urlscan.io logo urlscan.io
SecurityTrails logo

www.correiodopovo.com.br Open in urlscan Pro
54.38.212.101  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.correiodopovo.com.br.mcas.ms/
Effective URL: https://www.correiodopovo.com.br/
Submission Tags: krdtest
Submission: On September 14 via api from JP — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 14 countries across 92 domains to perform 829 HTTP transactions. The main IP is 54.38.212.101, located in France and belongs to OVH, FR. The main domain is www.correiodopovo.com.br.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 30th 2021. Valid for: a year.
This is the only time www.correiodopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.157.233.49 8075 (MICROSOFT...)
3 2.16.106.57 20940 (AKAMAI-ASN1)
120 54.38.212.101 16276 (OVH)
8 142.250.200.42 15169 (GOOGLE)
8 142.250.178.2 15169 (GOOGLE)
61 172.217.169.34 15169 (GOOGLE)
1 2.21.242.228 20940 (AKAMAI-ASN1)
2 23.32.238.176 20940 (AKAMAI-ASN1)
1 1 185.60.218.52 32934 (FACEBOOK)
1 2 185.60.218.174 32934 (FACEBOOK)
13 52.1.252.251 14618 (AMAZON-AES)
9 172.67.36.241 13335 (CLOUDFLAR...)
3 184.30.20.54 16625 (AKAMAI-AS)
10 189.16.116.12 4230 (CLARO S.A.)
27 172.217.16.238 15169 (GOOGLE)
12 142.250.178.8 15169 (GOOGLE)
14 104.26.13.85 13335 (CLOUDFLAR...)
7 104.16.11.243 13335 (CLOUDFLAR...)
8 185.60.218.24 32934 (FACEBOOK)
2 34.207.18.4 14618 (AMAZON-AES)
2 6 99.86.4.12 16509 (AMAZON-02)
3 91.228.74.134 16509 (AMAZON-02)
47 199.232.137.44 54113 (FASTLY)
11 172.217.169.67 15169 (GOOGLE)
4 35.201.123.184 15169 (GOOGLE)
25 142.250.187.194 15169 (GOOGLE)
2 199.232.137.181 54113 (FASTLY)
1 13.32.22.109 16509 (AMAZON-02)
1 3.23.208.81 16509 (AMAZON-02)
7 34.102.185.99 15169 (GOOGLE)
2 151.101.113.229 54113 (FASTLY)
16 200.198.173.170 7465 (PROCERGS)
1 142.250.200.34 15169 (GOOGLE)
6 216.58.212.194 15169 (GOOGLE)
10 172.217.169.66 15169 (GOOGLE)
1 142.250.187.206 15169 (GOOGLE)
4 142.250.200.14 15169 (GOOGLE)
2 104.16.12.243 13335 (CLOUDFLAR...)
2 143.204.207.4 16509 (AMAZON-02)
1 54.82.20.194 14618 (AMAZON-AES)
8 185.60.218.35 32934 (FACEBOOK)
2 192.229.233.25 15133 (EDGECAST)
5 151.101.13.44 54113 (FASTLY)
3 216.58.212.237 15169 (GOOGLE)
13 65 172.217.169.2 15169 (GOOGLE)
1 1 184.30.20.207 16625 (AKAMAI-AS)
1 212.82.100.182 34010 (YAHOO-IRD)
17 141.226.228.48 200478 (TABOOLA-AS)
2 5 185.33.220.145 29990 (ASN-APPNEX)
1 185.184.10.30 203690 (RTB-HOUSE...)
3 35.157.246.167 16509 (AMAZON-02)
1 216.58.212.234 15169 (GOOGLE)
1 13.32.22.41 16509 (AMAZON-02)
7 172.217.16.227 15169 (GOOGLE)
1 3.232.160.141 14618 (AMAZON-AES)
1 74.125.140.155 15169 (GOOGLE)
1 104.244.42.136 13414 (TWITTER)
13 216.58.213.4 15169 (GOOGLE)
4 142.250.179.227 15169 (GOOGLE)
1 34.234.140.75 14618 (AMAZON-AES)
4 142.250.178.1 15169 (GOOGLE)
4 34.192.216.94 14618 (AMAZON-AES)
4 76.223.111.131 16509 (AMAZON-02)
5 6 185.94.180.125 35220 (SPOTX-AMS)
5 9 18.185.140.232 16509 (AMAZON-02)
1 216.58.212.230 15169 (GOOGLE)
1 142.250.187.193 15169 (GOOGLE)
1 142.250.180.22 15169 (GOOGLE)
1 143.204.207.69 16509 (AMAZON-02)
5 5 2.19.35.65 16625 (AKAMAI-AS)
10 104.109.78.125 16625 (AKAMAI-AS)
4 172.217.169.3 15169 (GOOGLE)
1 130.211.115.4 15169 (GOOGLE)
5 69.173.144.139 26667 (RUBICONPR...)
1 18.195.155.181 16509 (AMAZON-02)
32 216.58.212.225 15169 (GOOGLE)
22 23.193.33.152 16625 (AKAMAI-AS)
18 142.250.187.198 15169 (GOOGLE)
2 4 23.193.32.250 16625 (AKAMAI-AS)
1 34.249.226.229 16509 (AMAZON-02)
1 141.226.224.32 200478 (TABOOLA-AS)
6 8 34.98.64.218 15169 (GOOGLE)
4 184.31.88.106 16625 (AKAMAI-AS)
2 23.193.32.139 16625 (AKAMAI-AS)
5 78.46.23.46 24940 (HETZNER-AS)
5 34.96.105.8 15169 (GOOGLE)
2 2 37.157.3.30 198622 (ADFORM)
1 1 69.173.144.165 26667 (RUBICONPR...)
2 2 213.19.147.44 3356 (LEVEL3)
1 1 104.88.68.55 16625 (AKAMAI-AS)
1 1 3.126.175.244 16509 (AMAZON-02)
2 136.243.3.72 24940 (HETZNER-AS)
2 136.243.6.89 24940 (HETZNER-AS)
9 136.243.32.75 24940 (HETZNER-AS)
1 4 88.99.165.19 24940 (HETZNER-AS)
9 176.9.64.67 24940 (HETZNER-AS)
1 2 46.228.164.11 56396 (AMOBEE)
1 1 185.29.134.244 30419 (MEDIAMATH...)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 80.64.106.148 20764 (RASCOM-AS...)
1 1 178.162.133.149 60781 (LEASEWEB-...)
2 2 217.66.147.170 29209 (SPBMTS-AS...)
1 1 213.87.44.187 13174 (MTSNET Mo...)
2 172.67.69.14 13335 (CLOUDFLAR...)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
2 2.19.44.80 16625 (AKAMAI-AS)
1 185.172.148.128 44239 (PROINITY ...)
2 46.236.13.147 24931 (DEDIPOWER)
1 2 142.250.178.6 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
1 54.76.176.197 16509 (AMAZON-02)
1 3 104.26.11.172 13335 (CLOUDFLAR...)
2 2 18.159.182.76 16509 (AMAZON-02)
2 2 66.155.71.149 13768 (COGECO-PEER1)
2 2 51.178.20.139 16276 (OVH)
2 2 193.232.148.158 48061 (UMA-TECH-AS)
1 1 185.86.137.122 201081 (SMARTADSE...)
6 8 3.126.56.137 16509 (AMAZON-02)
1 143.204.207.31 16509 (AMAZON-02)
26 199.187.193.140 47043 (SMARTADSE...)
1 23.32.238.192 20940 (AKAMAI-ASN1)
2 54.75.239.54 16509 (AMAZON-02)
6 23.32.238.184 20940 (AKAMAI-ASN1)
8 172.67.14.139 13335 (CLOUDFLAR...)
4 104.16.18.94 13335 (CLOUDFLAR...)
1 87.248.118.23 203220 (YAHOO-DEB)
3 151.101.114.133 54113 (FASTLY)
5 5 18.197.99.6 16509 (AMAZON-02)
1 2.16.107.27 20940 (AKAMAI-ASN1)
3 108.128.138.172 16509 (AMAZON-02)
3 6 104.18.12.5 13335 (CLOUDFLAR...)
3 3 159.253.128.183 36351 (SOFTLAYER)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
6 6 72.251.244.140 29791 (VOXEL-DOT...)
2 2 54.194.211.3 16509 (AMAZON-02)
6 142.250.200.2 15169 (GOOGLE)
829 112
1    52.157.233.49 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.correiodopovo.com.br.mcas.ms
3    2.16.106.57 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-106-57.deploy.static.akamaitechnologies.com
mcasproxy.azureedge.net
120    54.38.212.101 (France)

ASN16276 (OVH, FR)
PTR: ip101.ip-54-38-212.eu
www.correiodopovo.com.br
8    142.250.200.42 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s30-in-f10.1e100.net
fonts.googleapis.com
8    142.250.178.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
61    172.217.169.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s08-in-f2.1e100.net
pagead2.googlesyndication.com
1    2.21.242.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-242-228.deploy.static.akamaitechnologies.com
ced.sascdn.com
2    23.32.238.176 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-176.deploy.static.akamaitechnologies.com
tagmanager.smartadserver.com
1    185.60.218.52 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: instagram-p3-shv-01-otp1.fbcdn.net
platform.instagram.com
2    185.60.218.174 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: instagram-p42-shv-01-otp1.fbcdn.net
www.instagram.com
13    52.1.252.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-252-251.compute-1.amazonaws.com
wfpscripts.webspectator.com
cdn.webspectator.com
9    172.67.36.241 (United States)

ASN13335 (CLOUDFLARENET, US)
v3.denakop.com
3    184.30.20.54 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-54.deploy.static.akamaitechnologies.com
barra.r7.com
cms-media-api.r7.com
10    189.16.116.12 (São Paulo, Brazil)

ASN4230 (CLARO S.A., BR)
portal.correiodopovo.com.br
27    172.217.16.238 (United States)

ASN15169 (GOOGLE, US)
PTR: mad08s04-in-f14.1e100.net
apis.google.com
www.youtube.com
12    142.250.178.8 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f8.1e100.net
www.googletagmanager.com
14    104.26.13.85 (United States)

ASN13335 (CLOUDFLARENET, US)
plugins.soclminer.com.br
correiodopovo.soclminer.com.br
7    104.16.11.243 (None, )

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
8    185.60.218.24 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-otp1.fbcdn.net
connect.facebook.net
2    34.207.18.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-18-4.compute-1.amazonaws.com
webservices.webspectator.com
6    99.86.4.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-12.fra6.r.cloudfront.net
sb.scorecardresearch.com
3    91.228.74.134 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
47    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
c2.taboola.com
nr-events.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
wf.taboola.com
impr.taboola.com
opps.taboola.com
vidstatb.taboola.com
11    172.217.169.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s09-in-f3.1e100.net
fonts.gstatic.com
4    35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com
d.tailtarget.com
tags.t.tailtarget.com
25    142.250.187.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.de
2    199.232.137.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
1    13.32.22.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-109.fra56.r.cloudfront.net
rules.quantcount.com
1    3.23.208.81 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-208-81.us-east-2.compute.amazonaws.com
receiver.posclick.dinamize.com
7    34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com
d.t.tailtarget.com
tt-9964-3.seg.t.tailtarget.com
b.t.tailtarget.com
cm.t.tailtarget.com
t.tailtarget.com
2    151.101.113.229 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
16    200.198.173.170 (Pinheiro Machado, Brazil)

ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR)
PTR: wiesbaden.procergs.com.br
vacina.saude.rs.gov.br
1    142.250.200.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s30-in-f2.1e100.net
adservice.google.de
6    216.58.212.194 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams16s21-in-f2.1e100.net
adservice.google.com
10    172.217.169.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s09-in-f2.1e100.net
www.googletagservices.com
1    142.250.187.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f14.1e100.net
www.youtube.com
4    142.250.200.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s29-in-f14.1e100.net
www.google-analytics.com
2    104.16.12.243 (None, )

ASN13335 (CLOUDFLARENET, US)
opi.navdmp.com
2    143.204.207.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-4.fra53.r.cloudfront.net
stg.truvidplayer.com
1    54.82.20.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-20-194.compute-1.amazonaws.com
paywall.correiodopovo.com.br
8    185.60.218.35 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-otp1.facebook.com
www.facebook.com
2    192.229.233.25 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
5    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
pips.taboola.com
3    216.58.212.237 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams16s22-in-f13.1e100.net
accounts.google.com
65    172.217.169.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s26-in-f2.1e100.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
1    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
17    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
am-wf.taboola.com
5    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
3    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    216.58.212.234 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams16s22-in-f234.1e100.net
ajax.googleapis.com
1    13.32.22.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-41.fra56.r.cloudfront.net
go.trvdp.com
7    172.217.16.227 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s28-in-f3.1e100.net
ssl.gstatic.com
1    3.232.160.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-160-141.compute-1.amazonaws.com
digital2.correiodopovo.com.br
1    74.125.140.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f155.1e100.net
stats.g.doubleclick.net
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
13    216.58.213.4 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ber01s14-in-f4.1e100.net
www.google.com
4    142.250.179.227 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f3.1e100.net
www.google.de
1    34.234.140.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-140-75.compute-1.amazonaws.com
msgws.webspectator.com
4    142.250.178.1 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f1.1e100.net
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
4    34.192.216.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-216-94.compute-1.amazonaws.com
taboola-supply-partners.tremorhub.com
4    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
6    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
9    18.185.140.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-140-232.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    216.58.212.230 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams16s22-in-f6.1e100.net
static.doubleclick.net
1    142.250.187.193 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f1.1e100.net
yt3.ggpht.com
1    142.250.180.22 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f22.1e100.net
i.ytimg.com
1    143.204.207.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-69.fra53.r.cloudfront.net
s.trvdp.com
5    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    172.217.169.3 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s26-in-f3.1e100.net
www.gstatic.com
1    130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
32    216.58.212.225 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams16s22-in-f225.1e100.net
tpc.googlesyndication.com
22    23.193.33.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-33-152.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
18    142.250.187.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f6.1e100.net
s0.2mdn.net
4    23.193.32.250 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-32-250.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    34.249.226.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-226-229.eu-west-1.compute.amazonaws.com
geo.moatads.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
8    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
4    184.31.88.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com
sync.teads.tv
2    23.193.32.139 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-32-139.deploy.static.akamaitechnologies.com
s79.mxcdn.net
5    78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de
hal9000.redintelligence.net
5    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    104.88.68.55 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-88-68-55.deploy.static.akamaitechnologies.com
cs.media.net
1    3.126.175.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-175-244.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    136.243.3.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h211.meetrics.de
stat.meetrics.net
2    136.243.6.89 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h241.meetrics.de
s79.research.de.com
9    136.243.32.75 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h389.meetrics.de
b16.s79.research.de.com
4    88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de
hal900028.redintelligence.net
9    176.9.64.67 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h368.meetrics.de
b153.s79.research.de.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    80.64.106.148 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru
google-sync.rutarget.ru
1    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    217.66.147.170 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-170-147-66-217.spbmts.ru
sm.rtb.mts.ru
1    213.87.44.187 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
2    172.67.69.14 (United States)

ASN13335 (CLOUDFLARENET, US)
api.soclminer.com.br
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Bad Schwalbach, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
2    2.19.44.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-44-80.deploy.static.akamaitechnologies.com
www.awin1.com
1    185.172.148.128 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
2    142.250.178.6 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f6.1e100.net
5994599.fls.doubleclick.net
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
3    104.26.11.172 (United States)

ASN13335 (CLOUDFLARENET, US)
static.socialminer.com
2    18.159.182.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-182-76.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
c.eu1.dyntrk.com
2    193.232.148.158 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp19.sender.ltmse.com
px.adhigh.net
1    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
8    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    143.204.207.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-31.fra53.r.cloudfront.net
analytics.webgains.io
26    199.187.193.140 (Canada)

ASN47043 (SMARTADSERVER, CA)
www5.smartadserver.com
1    23.32.238.192 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-192.deploy.static.akamaitechnologies.com
ced-ns.sascdn.com
2    54.75.239.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
api.webgains.io
6    23.32.238.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-184.deploy.static.akamaitechnologies.com
creatives.sascdn.com
8    172.67.14.139 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.datatables.net
4    104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    87.248.118.23 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
PTR: e2.ycpi.vip.deb.yahoo.com
ads.yahoo.com
3    151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
5    18.197.99.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-99-6.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    2.16.107.27 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-27.deploy.static.akamaitechnologies.com
code.createjs.com
3    108.128.138.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-138-172.eu-west-1.compute.amazonaws.com
beacon.krxd.net
6    104.18.12.5 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
3    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
6    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
tracking.m6r.eu
2    54.194.211.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-211-3.eu-west-1.compute.amazonaws.com
ads.avct.cloud
6    142.250.200.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s29-in-f2.1e100.net
www.googleadservices.com
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
132 correiodopovo.com.br
www.correiodopovo.com.br
portal.correiodopovo.com.br
paywall.correiodopovo.com.br
digital2.correiodopovo.com.br
1 MB
102 googlesyndication.com
pagead2.googlesyndication.com
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
1014 KB
94 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
stats.g.doubleclick.net
static.doubleclick.net
googleads4.g.doubleclick.net
5994599.fls.doubleclick.net
354 KB
70 taboola.com
cdn.taboola.com
c2.taboola.com
nr-events.taboola.com
trc.taboola.com
15.taboola.com
am-trc-events.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
am-match.taboola.com
wf.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
impr.taboola.com
pips.taboola.com
cds.taboola.com
opps.taboola.com
vidstatb.taboola.com
am-wf.taboola.com
2 MB
32 google.com
apis.google.com
adservice.google.com
accounts.google.com
www.google.com
282 KB
29 smartadserver.com
tagmanager.smartadserver.com
ssbsync.smartadserver.com
www5.smartadserver.com
241 KB
23 moatads.com
z.moatads.com
geo.moatads.com
px.moatads.com
118 KB
22 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
www.gstatic.com
265 KB
21 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
55 KB
20 de.com
s79.research.de.com
b16.s79.research.de.com
b153.s79.research.de.com
6 KB
18 2mdn.net
s0.2mdn.net
472 KB
18 youtube.com
www.youtube.com
848 KB
16 saude.rs.gov.br
vacina.saude.rs.gov.br
2 MB
16 soclminer.com.br
plugins.soclminer.com.br
api.soclminer.com.br
correiodopovo.soclminer.com.br
198 KB
16 webspectator.com
wfpscripts.webspectator.com
webservices.webspectator.com
msgws.webspectator.com
cdn.webspectator.com
118 KB
13 yahoo.com
cms.analytics.yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
10 KB
12 googletagmanager.com
www.googletagmanager.com
506 KB
11 tailtarget.com
d.tailtarget.com
d.t.tailtarget.com
tags.t.tailtarget.com
tt-9964-3.seg.t.tailtarget.com
b.t.tailtarget.com
cm.t.tailtarget.com
t.tailtarget.com
44 KB
10 googletagservices.com
www.googletagservices.com
335 KB
9 redintelligence.net
hal9000.redintelligence.net
hal900028.redintelligence.net
240 KB
9 bidswitch.net
x.bidswitch.net
3 KB
9 google.de
adservice.google.de
www.google.de
2 KB
9 navdmp.com
tag.navdmp.com
usr.navdmp.com
opi.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
7 KB
9 denakop.com
v3.denakop.com
83 KB
9 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
11 KB
8 datatables.net
cdn.datatables.net
24 KB
8 openx.net
us-u.openx.net
2 KB
8 facebook.com
www.facebook.com
594 B
8 facebook.net
connect.facebook.net
319 KB
8 sascdn.com
ced.sascdn.com
ced-ns.sascdn.com
creatives.sascdn.com
439 KB
6 m6r.eu
tracking.m6r.eu
4 KB
6 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
3 KB
6 krxd.net
cdn.krxd.net
beacon.krxd.net
consumer.krxd.net
88 KB
6 spotxchange.com
sync.search.spotxchange.com
4 KB
6 scorecardresearch.com
sb.scorecardresearch.com
3 KB
5 advertising.com
pixel.advertising.com
2 KB
5 blismedia.com
tr.blismedia.com
590 B
5 adnxs.com
ib.adnxs.com
5 KB
5 googleadservices.com
partner.googleadservices.com
www.googleadservices.com
15 KB
4 cloudflare.com
cdnjs.cloudflare.com
679 KB
4 teads.tv
sync.teads.tv
688 B
4 casalemedia.com
dsum-sec.casalemedia.com
4 KB
4 adsrvr.org
match.adsrvr.org
1 KB
4 tremorhub.com
taboola-supply-partners.tremorhub.com
729 B
4 google-analytics.com
www.google-analytics.com
20 KB
3 adition.com
dsp.adfarm1.adition.com
2 KB
3 simpli.fi
um.simpli.fi
2 KB
3 webgains.io
analytics.webgains.io
api.webgains.io
51 KB
3 socialminer.com
static.socialminer.com
8 KB
3 medialead.de
pv.medialead.de
medialead.de
2 KB
3 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
2 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
133 KB
3 quantserve.com
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
10 KB
3 r7.com
barra.r7.com
cms-media-api.r7.com
18 KB
3 instagram.com
platform.instagram.com
www.instagram.com
5 KB
3 azureedge.net
mcasproxy.azureedge.net
42 KB
2 avct.cloud
ads.avct.cloud
890 B
2 adhigh.net
px.adhigh.net
1 KB
2 dyntrk.com
c.eu1.dyntrk.com
2 KB
2 sitescout.com
pixel-sync.sitescout.com
1022 B
2 w55c.net
pm.w55c.net
2 KB
2 webgains.com
track.webgains.com
2 KB
2 awin1.com
www.awin1.com
1 KB
2 turn.com
ad.turn.com
r.turn.com
857 B
2 meetrics.net
stat.meetrics.net
702 B
2 adform.net
c1.adform.net
1 KB
2 mxcdn.net
s79.mxcdn.net
114 KB
2 trvdp.com
go.trvdp.com
s.trvdp.com
159 KB
2 mathtag.com
pixel.mathtag.com
sync.mathtag.com
1 KB
2 truvidplayer.com
stg.truvidplayer.com
5 KB
2 jsdelivr.net
cdn.jsdelivr.net
7 KB
2 perfectmarket.com
widget.perfectmarket.com
32 KB
1 createjs.com
code.createjs.com
63 KB
1 ad-server.eu
ad-server.eu
312 B
1 office-partner.de
adv.office-partner.de
1 KB
1 media01.eu
pb.media01.eu
628 B
1 sonobi.com
sync.go.sonobi.com
854 B
1 rutarget.ru
google-sync.rutarget.ru
579 B
1 travelaudience.com
ads.travelaudience.com
521 B
1 sharethrough.com
match.sharethrough.com
354 B
1 media.net
cs.media.net
1 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
581 B
1 1rx.io
sync.1rx.io
696 B
1 emxdgt.com
cs.emxdgt.com
59 B
1 ad-score.com
data.ad-score.com
733 B
1 ytimg.com
i.ytimg.com
25 KB
1 ggpht.com
yt3.ggpht.com
3 KB
1 creativecdn.com
prebid-us.creativecdn.com
186 B
1 dinamize.com
receiver.posclick.dinamize.com
24 KB
1 quantcount.com
rules.quantcount.com
429 B
1 mcas.ms
www.correiodopovo.com.br.mcas.ms
840 B
0 impdesk.com Failed
pix.impdesk.com Failed
829 92
Domain Requested by
120 www.correiodopovo.com.br www.correiodopovo.com.br
61 pagead2.googlesyndication.com www.correiodopovo.com.br
pagead2.googlesyndication.com
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ced-ns.sascdn.com
www.googletagservices.com
55 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
www.correiodopovo.com.br
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
32 tpc.googlesyndication.com 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
26 www5.smartadserver.com ced.sascdn.com
www.correiodopovo.com.br
21 px.moatads.com www.correiodopovo.com.br
21 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.youtube.com
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
www.correiodopovo.com.br.mcas.ms
googleads.g.doubleclick.net
www.googleadservices.com
18 s0.2mdn.net www.correiodopovo.com.br.mcas.ms
s0.2mdn.net
googleads.g.doubleclick.net
18 www.youtube.com www.correiodopovo.com.br
apis.google.com
www.youtube.com
16 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
www.correiodopovo.com.br
16 vacina.saude.rs.gov.br www.correiodopovo.com.br
vacina.saude.rs.gov.br
13 www.google.com www.correiodopovo.com.br
www.youtube.com
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
12 plugins.soclminer.com.br www.correiodopovo.com.br
plugins.soclminer.com.br
correiodopovo.soclminer.com.br
12 www.googletagmanager.com www.correiodopovo.com.br
www.googletagmanager.com
paywall.correiodopovo.com.br
vacina.saude.rs.gov.br
adv.office-partner.de
tags.t.tailtarget.com
12 wfpscripts.webspectator.com www.correiodopovo.com.br
webservices.webspectator.com
wfpscripts.webspectator.com
11 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
10 googleads4.g.doubleclick.net www.correiodopovo.com.br.mcas.ms
googleads.g.doubleclick.net
10 eus.rubiconproject.com imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
www.correiodopovo.com.br.mcas.ms
10 www.googletagservices.com pagead2.googlesyndication.com
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
10 cdn.taboola.com www.correiodopovo.com.br
cdn.taboola.com
10 apis.google.com www.correiodopovo.com.br
apis.google.com
accounts.google.com
www.youtube.com
10 portal.correiodopovo.com.br www.correiodopovo.com.br
9 b153.s79.research.de.com 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
www.correiodopovo.com.br
9 b16.s79.research.de.com 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
www.correiodopovo.com.br
9 x.bidswitch.net 5 redirects imprammp.taboola.com
am-match.taboola.com
9 v3.denakop.com www.correiodopovo.com.br
v3.denakop.com
8 cdn.datatables.net vacina.saude.rs.gov.br
8 ups.analytics.yahoo.com 6 redirects googleads.g.doubleclick.net
8 opps.taboola.com vidstat.taboola.com
8 us-u.openx.net 6 redirects googleads.g.doubleclick.net
8 am-vid-events.taboola.com www.correiodopovo.com.br
vidstat.taboola.com
8 www.facebook.com www.correiodopovo.com.br
connect.facebook.net
8 connect.facebook.net www.correiodopovo.com.br
connect.facebook.net
plugins.soclminer.com.br
8 fonts.googleapis.com www.correiodopovo.com.br
client
vacina.saude.rs.gov.br
plugins.soclminer.com.br
hal900028.redintelligence.net
7 ssl.gstatic.com accounts.google.com
www.correiodopovo.com.br
6 tracking.m6r.eu 6 redirects
6 creatives.sascdn.com www.correiodopovo.com.br
6 sync.search.spotxchange.com 5 redirects googleads.g.doubleclick.net
6 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
6 sb.scorecardresearch.com 2 redirects wfpscripts.webspectator.com
www.correiodopovo.com.br
5 ade.googlesyndication.com
5 pixel.advertising.com 5 redirects
5 tr.blismedia.com 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 hal9000.redintelligence.net 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
hal900028.redintelligence.net
5 token.rubiconproject.com eus.rubiconproject.com
5 secure-assets.rubiconproject.com 5 redirects
5 ib.adnxs.com 2 redirects v3.denakop.com
googleads.g.doubleclick.net
5 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 cdnjs.cloudflare.com vacina.saude.rs.gov.br
4 hal900028.redintelligence.net 1 redirects 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
hal900028.redintelligence.net
4 sync.teads.tv googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.gstatic.com www.youtube.com
www.gstatic.com
plugins.soclminer.com.br
4 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
4 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
4 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.google.de www.correiodopovo.com.br
4 images.taboola.com www.correiodopovo.com.br
4 trc.taboola.com cdn.taboola.com
www.correiodopovo.com.br
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 partner.googleadservices.com pagead2.googlesyndication.com
4 securepubads.g.doubleclick.net www.correiodopovo.com.br
securepubads.g.doubleclick.net
3 dsp.adfarm1.adition.com 3 redirects
3 um.simpli.fi 3 redirects
3 s.tribalfusion.com
3 a.tribalfusion.com 3 redirects
3 beacon.krxd.net googleads.g.doubleclick.net
cdn.krxd.net
3 static.socialminer.com 1 redirects plugins.soclminer.com.br
www.correiodopovo.com.br
3 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
3 am-match.taboola.com vidstat.taboola.com
3 c2shb.ssp.yahoo.com v3.denakop.com
3 accounts.google.com apis.google.com
ssl.gstatic.com
3 d.tailtarget.com v3.denakop.com
www.correiodopovo.com.br.mcas.ms
d.tailtarget.com
3 mcasproxy.azureedge.net www.correiodopovo.com.br.mcas.ms
mcasproxy.azureedge.net
2 b.t.tailtarget.com d.tailtarget.com
2 tt-9964-3.seg.t.tailtarget.com d.tailtarget.com
2 ads.avct.cloud 2 redirects
2 cdn.krxd.net s0.2mdn.net
cdn.krxd.net
2 api.webgains.io analytics.webgains.io
2 correiodopovo.soclminer.com.br plugins.soclminer.com.br
www.correiodopovo.com.br
2 px.adhigh.net 2 redirects
2 c.eu1.dyntrk.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pm.w55c.net 2 redirects
2 5994599.fls.doubleclick.net 1 redirects www.correiodopovo.com.br.mcas.ms
2 track.webgains.com www.correiodopovo.com.br.mcas.ms
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
2 www.awin1.com hal900028.redintelligence.net
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
2 pv.medialead.de 2 redirects
2 api.soclminer.com.br plugins.soclminer.com.br
2 sm.rtb.mts.ru 2 redirects
2 s79.research.de.com s79.mxcdn.net
2 stat.meetrics.net s79.mxcdn.net
2 c1.adform.net 2 redirects
2 s79.mxcdn.net s0.2mdn.net
2 wf.taboola.com vidstat.taboola.com
2 am-trc-events.taboola.com www.correiodopovo.com.br
2 cdn.navdmp.com tag.navdmp.com
2 platform.twitter.com www.correiodopovo.com.br
platform.twitter.com
2 stg.truvidplayer.com www.correiodopovo.com.br
go.trvdp.com
2 opi.navdmp.com tag.navdmp.com
2 cdn.jsdelivr.net tagmanager.smartadserver.com
vacina.saude.rs.gov.br
2 nr-events.taboola.com c2.taboola.com
www.correiodopovo.com.br
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 webservices.webspectator.com wfpscripts.webspectator.com
webservices.webspectator.com
2 tag.navdmp.com www.correiodopovo.com.br
tag.navdmp.com
2 barra.r7.com www.correiodopovo.com.br
www.correiodopovo.com.br.mcas.ms
2 www.instagram.com 1 redirects www.correiodopovo.com.br
2 tagmanager.smartadserver.com www.correiodopovo.com.br
tagmanager.smartadserver.com
1 am-wf.taboola.com vidstat.taboola.com
1 vidstatb.taboola.com
1 t.tailtarget.com
1 cm.t.tailtarget.com
1 www.googleadservices.com www.googletagmanager.com
1 cdn.webspectator.com wfpscripts.webspectator.com
1 consumer.krxd.net cdn.krxd.net
1 code.createjs.com s0.2mdn.net
1 ads.yahoo.com googleads.g.doubleclick.net
1 ced-ns.sascdn.com www.correiodopovo.com.br.mcas.ms
1 analytics.webgains.io track.webgains.com
1 ssbsync.smartadserver.com 1 redirects
1 ad-server.eu 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
1 medialead.de 1 redirects
1 adv.office-partner.de hal900028.redintelligence.net
1 pb.media01.eu hal900028.redintelligence.net
1 tech.rtb.mts.ru 1 redirects
1 sync.go.sonobi.com 1 redirects
1 google-sync.rutarget.ru 1 redirects
1 ads.travelaudience.com 1 redirects
1 sync.mathtag.com 1 redirects
1 r.turn.com www.correiodopovo.com.br
1 ad.turn.com 1 redirects
1 match.sharethrough.com 1 redirects
1 cs.media.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.1rx.io 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 cms.quantserve.com 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
1 cds.taboola.com cdn.taboola.com
1 geo.moatads.com z.moatads.com
1 pips.taboola.com cdn.taboola.com
1 z.moatads.com vidstat.taboola.com
1 impr.taboola.com vidstat.taboola.com
1 cs.emxdgt.com am-match.taboola.com
1 data.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 imprammp.taboola.com vidstat.taboola.com
1 msgws.webspectator.com wfpscripts.webspectator.com
1 syndication.twitter.com platform.twitter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 digital2.correiodopovo.com.br portal.correiodopovo.com.br
1 go.trvdp.com stg.truvidplayer.com
1 ajax.googleapis.com webservices.webspectator.com
1 prebid-us.creativecdn.com v3.denakop.com
1 15.taboola.com cdn.taboola.com
1 cms.analytics.yahoo.com www.correiodopovo.com.br
1 sync.navdmp.com www.correiodopovo.com.br
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com www.correiodopovo.com.br
1 tags.t.tailtarget.com www.correiodopovo.com.br
1 paywall.correiodopovo.com.br www.correiodopovo.com.br
1 usr.navdmp.com tag.navdmp.com
1 pixel.quantserve.com www.correiodopovo.com.br
1 d.t.tailtarget.com d.tailtarget.com
1 receiver.posclick.dinamize.com www.googletagmanager.com
1 rules.quantcount.com secure.quantserve.com
1 cms-media-api.r7.com barra.r7.com
1 c2.taboola.com www.correiodopovo.com.br
1 secure.quantserve.com wfpscripts.webspectator.com
1 platform.instagram.com 1 redirects
1 ced.sascdn.com www.correiodopovo.com.br
1 www.correiodopovo.com.br.mcas.ms
0 pix.impdesk.com Failed 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
829 175

This site contains no links.

Subject Issuer Validity Valid
*.mcas.ms
Microsoft Azure TLS Issuing CA 06		 2021-08-19 -
2022-08-14		 a year crt.sh
*.azureedge.net
DigiCert SHA2 Secure Server CA		 2020-11-21 -
2021-11-30		 a year crt.sh
*.correiodopovo.com.br
Go Daddy Secure Certificate Authority - G2		 2021-05-30 -
2022-07-01		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
*.smartadserver.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-08-12 -
2021-11-10		 3 months crt.sh
*.webspectator.com
Go Daddy Secure Certificate Authority - G2		 2021-07-09 -
2022-07-11		 a year crt.sh
denakop.com
Cloudflare Inc ECC CA-3		 2021-01-14 -
2022-01-13		 a year crt.sh
*.r7.com
DigiCert SHA2 Secure Server CA		 2021-02-26 -
2022-03-02		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-17 -
2022-06-16		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-25		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
receiver.posclick.dinamize.com
R3		 2021-09-10 -
2021-12-09		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.saude.rs.gov.br
AlphaSSL CA - SHA256 - G2		 2020-11-12 -
2021-12-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.truvidplayer.com
Amazon		 2021-02-17 -
2022-03-18		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-30 -
2022-02-23		 6 months crt.sh
*.trvdp.com
Amazon		 2020-10-23 -
2021-11-22		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2020-09-02 -
2021-10-04		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.mxcdn.net
DigiCert SHA2 Secure Server CA		 2020-12-07 -
2021-12-14		 a year crt.sh
redintelligence.net
R3		 2021-08-20 -
2021-11-18		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-08-26 -
2021-11-24		 3 months crt.sh
meetrics.net
R3		 2021-06-30 -
2021-09-28		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
adv.office-partner.de
R3		 2021-09-08 -
2021-12-07		 3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
ad-server.eu
R3		 2021-08-17 -
2021-11-15		 3 months crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-16 -
2021-10-06		 2 months crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 81 frames:

Primary Page: https://www.correiodopovo.com.br/
Frame ID: 3BEF61EA684CA354439D0CCB808B7C9F
Requests: 390 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.6.18/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.correiodopovo.com.br%2F
Frame ID: 910FD639C3696CC6DB1C840AE00D2E9C
Requests: 2 HTTP requests in this frame

Frame: https://d.tailtarget.com/profiles.js
Frame ID: 85F1C6D6D266DC4CACBDA639BACB0531
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: F6CACFCF6114C8D987A1C038DE25A94C
Requests: 1 HTTP requests in this frame

Frame: https://vacina.saude.rs.gov.br/
Frame ID: C02EAD0900159DCCEDACD9D85A25E03A
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1631651275&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651275331&bpp=3&bdt=897&idt=221&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=508110068192&frm=20&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651276&ga_hid=1162761989&ga_fc=0&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525%2C44748553%2C31062297%2C31062528&oid=3&pvsid=599572198568463&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=240
Frame ID: 1DBA3993C282F7A2FBDE2BE5F5751DE9
Requests: 1 HTTP requests in this frame

Frame: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Frame ID: C0026BF136C98C53537A67C7ACF1B110
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Frame ID: A40730094AE33643D861407172FDBCFA
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Frame ID: 1213FDD4A4E76E43ECFBCF313B3F4EF9
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Frame ID: E75977CF274D5AF2F558BC6D37C9B45B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A694489DD64A74062B710DFE99D3B415
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Frame ID: 155431E0DCDE5FB47DFAB10A7552171D
Requests: 18 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 36E140FF8DC71ECA33636C05A8F099EE
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&cmcv=&pix=undefined&cb=1631651276736&uv=3018&tms=1631651276736&abt=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&ru=https://www.correiodopovo.com.br.mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=C58CDA44267418306235157571&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 1EB9C767BA971AC63EC8700EA608F81A
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: D24966768D25A86D3F004A9392754A6B
Requests: 5 HTTP requests in this frame

Frame: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D74BA31E423D260488BE359908EC68C2
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Frame ID: 65D267D7FE89742283BD2E5E5C2EA252
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 6D2D5F69E84B331CF0D9F2F6AFED837C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: C0166F5D783971623C6D926538C4FCFF
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: A7ACA29A25CDC471466061115EE5EDDB
Requests: 5 HTTP requests in this frame

Frame: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C8A0E22DF21F4E72617087958D4BDE0A
Requests: 28 HTTP requests in this frame

Frame: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5FBF9E3354A6F9FB996C559B6C310042
Requests: 28 HTTP requests in this frame

Frame: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4AA036231ED9D709BE4F046E166D14A0
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 2B2BFB2607AD78DB1AC75167F37C647B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj_orazATAB&v=APEucNWIYAwDxlYD1Km24mN2568nqSOCAUJDdS-aNL-ceK0h_EF_LMdD6kQytMrdViSY8mLMsIlYGQCmBx3DkUSkvWeuvPEIrg_X8UkpxTprmaRDjzLp1PKWDk4DymCnI2K-0z1Ai8Otl7CTKkvZP0hGgJqgDLyzU4C5atnbmI5CxWsWuNSo5QpQXRwt1mOuisVd_0_CmEuf5k8uVeFhEa0hWrKJ_zP4zA
Frame ID: C9897B55FFD50F6254595087077F53C0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjNlrazATAB&v=APEucNXbRI2wRosFedM1CNRtDDfPR-eXoom79DXRxMzsiu2ajtOGX94qIFOUW9Qta8OV2TMRjmf3neWHK6YbaQP_xqwyFxEpF_7q482N1EHpruyhLdBob562TaH0asNvqewuv46Km7KVVDqlFDo-Wsv2zjMVyencjaoy2nclqzNTEK0waHuyavarir1PMxS_738Fh6ANXXnHBIzhWR91fxxTrT-sjWzlig
Frame ID: 063665A1B27E78947E799B3EEFE1B896
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXk7y9v81hXxBO4Z7yKETzcVUSmzShpNZd2jGyEcFnov6-V0YA4hQFTdU_wuDAYid2lhpqNNIqnPFtxygOhEyNbPZZ4ZnMVHrPHDN6XINUUe9cJf7CjfXaGPDouPXR0JcgyE2R_JYpkmdtUj5hBXCKEP4XVZpJE-Bk2YCtYz5_kWAiDJyVaN7yY98UIrtuvnpxWN0O9clf4S5MjdqGXcbxi5UQDdA
Frame ID: 5425A4B873510BF2F9EFC1C56D5BEE75
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 77FD17CB45D716AF161FECE9D40B1EC7
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/index.html
Frame ID: C98B8F3F1D7DFFAC2DBD15604CE8FB9B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1281655A1FB9AC930711C02DA84D4949
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/index.html
Frame ID: 696FA918F225AF92677BE12E037C8781
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 48E765BAE7E6D884212249EB2C242078
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F32F00E5A4A4A85A609656173F319DEF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CB43FD6749A364369C2461A8600F049A
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27661200205041100710626011717028&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 2DAB1949D3DB7FF1AE4BD2BC2E3D9C6B
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2855700&v=20612&q=410607&r=296283&pref1=27661200205041100710626011717028&pv=1
Frame ID: 50E9B7E09AA2728A4287B8371954D01F
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: D8505297333938BB791BF18F70DC15F3
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOKo9em__ICFRKChQodO4kOlQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2965550115752.9683
Frame ID: 2919E20380DA54F28A99C593C804A703
Requests: 2 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=27661200205041100710626011717028&a=b203a4a5
Frame ID: 76DA9B59326C5770C0237B02586E8202
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B0870C94A836488CED6219C55FDDA19B
Requests: 9 HTTP requests in this frame

Frame: https://plugins.soclminer.com.br/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=361f494e-7721-4858-a5fd-5899b46464a6&sessionHash=39f8e3df79d583613482c278d946ce776bdec022
Frame ID: 006E3FF0846864CCFCD7C616C73C68AA
Requests: 6 HTTP requests in this frame

Frame: https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
Frame ID: CA28D51AD7B59FB64B3A4D58D0666E1C
Requests: 12 HTTP requests in this frame

Frame: https://correiodopovo.soclminer.com.br/00000000000000000000000000000000/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=00000000000000000000000000000000&version=0&dns=correiodopovo&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&hasOptIn=false&isMobile=false&gaEnabled=true&googleApp=2
Frame ID: 8B5115ABBA7B4931F4945F061EF18BBD
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Frame ID: 07A6E430BEDF3B9E95B6D1F0729D321C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 10D8BED791615CB65ABA80E2A726ED1B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 048E46000EC1BA256749C6EC0067B793
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: D047D131C8737998A71454B498D23B54
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Frame ID: E10E563D5EA7DD4467E3EC7CDEA0C9FF
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Frame ID: 6F8DC4B397600ACBAE54D7080D4D69ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Frame ID: 2BF6422148EF5E64012EBE4163D487DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY9pyibTAB&v=APEucNVHR8QIuCH0wKO4cK9NiTkzXrCG_pAauspi3qb2Phwf1oEblBEvrxz0f3NHrfqCg2Q2bJJlPXj1GqniRgt5xZ3UtEagrq5xi3jz9YlK5Ftdxd1av1y5zszUDCRp2EqGIeL-TBxYHu13UNh6BM8Gr-ni9rgTUmXQhyfm4k0Uo7SDRG8I4M0
Frame ID: F9D966DC8216DB5FA54353E899424D85
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYrIWTCzAB&v=APEucNWyxgnZegvuST5lG5C27GOZhQenITufQD2pLLnD1fAkJHrEcGYN6yWmqwjs1rpVTJFxt189TMMMXrkYXM_EUHzDvU3CEGTSLK0c4W-HtpOF2cbaI8ukOUXNfS39T2c83a2NMi3TFl_WfwflTpdggNNIcsyc2TCIU2vmTcZn3KbeQLDvjgg
Frame ID: FAB98FB2FDEB097C02052DA67AB36366
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZr_cReH8VWYtG6Aby2xP6_h-yoBxT-R_zlasdNPb1FBAaCLtZ5tg-Vspao6DDQ5kFaHSKk9zIJIklDuo29f0o_A8PzZ6lD89LrUx3sCs7PfegxDR57wToiI3vd63RwiVOAUYS7AXTXfOx81CLa5nJoU3K5g&dbm_d=AKAmf-Cj_oiI34suGI8CfG2x38PELDNF0MsjGnamkwk_Xee2PTLmwODcQpqjYDl3GL_5lGKDZhsHFU0bgnZcjpeUo0nQRMHzyO1CMu05lMY27tywHdw3QoIV2u4ZSEkim9oAvoZFqURo7G9A9_UaI-Sb0pD0oZSLMxhuJ3tyMruMwkNS3G7QWvNy9BmEWw3u0CpKq3zNwNY502uNVPTTu6HdDUnHMJqGv6q86gfqq8Nl2wXz7byW7w86bBXwdu3ujcCp8mtLiArjZHJIKD0ig_UIxkLDVeZhx3bJS9V2aoPb35DwGf48hAsNKdKiPDWb5GFuop7Sr39x51ceiRnXCsA7txyyuTz7DNF56ryT3No2NWkxi45kVy3Gk792FeCyq_BG7OWTbUYEm8PTQwBN3z1PfUOsvKZNe0C4yXTv4-lesUcfTGqvy9g3sSq0Yg8kwC3kbpDenZvCNXykyVoxl7HK2MePIcWweNJntuwP6D8CljSSc0eB-cNdy53smI2NXoW94ZjMldOUIBKZ1zaEKfWgCF25Otl8lGo6Am9iq9csj-BhA3QxpJQdgFXR-avQNABj12wW1uiVPS3w7qIIHS4h_V-A5Yt1QXMApnsjmYGqfZFVD-TDZJ5U3qg6WtVrOJRO4gnDwqIVoKc_IW_KFfx4aTH1pZxO1Iz94mvP5PQ7_XLAECkpKZ2AyBhw02EeBeJ6UwiNUI5s8mYRPBqgrUtQXf14i74DE9ikm_vDksEnlc3m2qD34tcJ72sezj7jWpt7wKXZU4tNzy7kI6GcRAgA7cqGZwlcZiszRoppKJTpg7FWyIzaIIzhXqYEcRo7TLjUbNAuUaSYNROgSDkPDC23ipKbZeE4fuI1XuVf7-_CLBWzPbFn2gT8GYUUCM1YyHkVDFFfodBBBQUSK9moAq5Dq_AcUFf-c97sf7eOCq-DH_i8FVnj79d-2bzmv-ZQVNXCzrNl0Q8dypeOiWmb_31IPi-9ZjEAFwluPeNfpCyaS19zW8OaTrxdmbnBM49X9fiY8cXsEAOLft5niCIBRPzwRwXHmWD5bf0ifwxELRVquVbFzJGcUQsJLE-xbhqV1m4Ux_fLFT1ehufNGx20P1P0VT-rkhVlQ2cPFIXhtojx0iJox6Kb3MoSa7ziKPy-7pEs_CrhLIHxLDmEmTDCHdy8H1dg1bdyYMbb8UiiK8Jv0s_UjbQIIu7qo9bN6f7U3UscflV3oruh_jfEn8CdgysMOrRAFXfnnkiLHeFtSXVKQH0U_vYAo59waD1mKCC9OnVVSCXp_efxwJFy9hAYM8D0rd-EDICKp3NJlZxXPv8FgUmWjVx7j3exYhk8RnJ4yb3LCePPXcp7Knev1VJ6Kj0VAs44lzGmBWZTuwVu0a7SHQL42pwdfQYc4WfWWpJ30xtpme3EJNtVBTKsU-sRpv-QbzVBaj9SJfGr2haERgjDC-9xFUo_XI5BLnbte9wVzeJYIe6LIFpJQQufNtQibRJz1xm3Xb_385xGFyt2L78XNkZg5ZmG2YKYeuXy1O-gxH2J-SEYGWJBipBgkBHqIOBxMWpb-9s2WH29py1xJ5LClLjoRkDuu0MLJqneub01hTKdAQd0BiO-bfsJzJAyq7Ph4R5562Csrq7TY3Y2exSnTjNUpmrWeaDedyYiT6JfixmScbvIvmXgOOE3WSXb3cCY6uYQSNbkUXdfamBdw0VuEWjPGVIbm-hCCAl6ch8fhloYgPvQOVivqcvvHwvYG2ct9r6VBgeMBt7NXbdCPGMNxPvoQzz6j5TaYqpCLuR401EWx7OUHSAJS78k_9iSt0Dyc5i5JzuXVENke3ZpSSPPscVcW4dI4gc4HmsVUcxhcPSsdFlvG66xrtn6exIcyCFYgtKHACCgDo9jz2pxfubDluyXM9ImNt4dx2HTEAjzZqToVEU_FYTDCkpOeCWYyA7cjVLBGQ3K_RQbPapV4sRo1JJjEp29guvYBsXGIGN0SBaFQdY1jStulDV8Bx2-H8HNUxPHd3YZijnRFVOHYqg3Gp7yk0XFZTlq4WSoRPNtFd6XPeSz_t7i_CPc0fv8zyuk0bg4NDGT_ML8kF0pndDPAkesWFrWTzBL4W2eqz56AuoItY5YWEE-NYVYIkAel_nUY5tO5gON-SE4Zwyv1EdIfh00vUgOVcT-ahkxclct6PVWG26lXo3CStWDXYx3Uggj8MPvkCg9GUxsg3PHcxo3C_KNV9-TRPqiJwBRFfHRmAcMm_fj9uQBe5dV_C8TTPmMr5tbUrCdlN3p9m1Wc-eHME0nARtn8rMAZ8vIbWtA-j02Zjswbn9T8kVEWTYD0QEIiy87ZNJQVBrb21vvimbwHn1iY5DISL8uMNZHgh5M0Boyq5TvGHXcqH180r_ZYKCPKCrC6QQ8i9MSvXa66u_hd33YrGAhEBT8Y6x5i56IDGxlIL3ISpQQ5FBDFqy6G3RbyYk3LPNoIyDt45HXtehmf_Re4MYUwKmGw07xYy2BkpJBRMnk5pC0tL7XphUiVELoLhRfL4_lSZF-ldr1R9y3njvuxw81LKupOz5xMsD78_EAHkgPLfx5wr2HXyUjQFWDJoDwbydqaRIQxSMFLmb8v7U4lGlBeiFPQmxP-jNr2AwQkcWXVEkqwNJM1K_lYkzxwGSU9XNKjuMqMozYFEj9PuB9xvu5w2WyWvtRMXF1qhei_4c03jOpvXSfocc4s992S3TOaenchiKAVF2uzrEy81oYjAt9uuwSVm2kquJYOoPg4VQUUnBer1xjTxLq4aO2Njr5CBX7ArzJidUGcUMCqmcfOeAex9AYO-aX_eudclK5PqO0d5l-28Q5TinK4B_9w1UfFiq5zij-g9Y7OhR74eMVBi8UmJhv9oUrIEdZuebz-u9CxqPc&cid=CAASEuRoYbxz1J_rPqs7LkCz5KsCuA&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Frame ID: 98460BA0765E67A1DE9CFBE938C5CD0E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYrIWTCzAB&v=APEucNVKQxRMwvk_WaTyVrkQk6j6IJfeNhlaHb5cwLNDxqIh5DfLid6oDCpev4Ti1js2VT_qevJROgmUbtZq8c96J2IBKAHqFxK_9QHuPDeS0k5eO7J610UQRQ3xfLZ0GdvT0ECGM-8jO_xn5lJWBTpofwIlYM_ClqRgAWw6TlCftKAgz_Aft7Q
Frame ID: B77404717B43F9B3F1A01D064762EDD7
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsEZ7UzsjHVsP_OFlaBHAS2zVfKC2be0cSeu_VZRuJDkLOWlTp8yQCLzizPQNehLszDlT0qae5gzbt1duM8EFY0BGn2OpUxycAiH57FIbBuMWZxs0tjv20BE9fHnoAQhwM-JpEeM3F3AjeOuiMYOBZcDg6ZQ&dbm_d=AKAmf-CjkUFzq1SlZESpDgCWJjhnCmAc-6OOtEb-MDmLAdkG-EKXUa3HJjE3XfCyXrF-iz6zZIjU9iBc6QYERKneHewls8sbGSW4M8E3Ean5FLgzgWQ53HfOsEt021lQsjemOcPZgWvKqjw1eq1xK7ytcvVDrn653s3hEJOYXeakBG8AN7AZj5JKXHYrNaESd4V2p_Ii98vCnKXm6-Zrxal_5FDyS4g_UsTGN0mT3xwuzgkEEzo_ogr4TkvZMiO1Q-nc5XNP1xI0ITcXzyjgeN60aZu18P1ieh-s8HcDZY7Jfbu3SPfIIH52sAAgjuJGyfYjGA_5YzFsY6qJfYwxyber7yYoXcYpetT8oKoN5e73KU_vn9blumGqNTP3JjnFLW-g8EWIh5jtFUcoNtPlWv97JSfEF4fFlJxq3Pgei7jpM0ye_x6a6wZZU6C92JtyCgahYbOE9AgqxNh1fhtQv8k4-R4QpbrWwsq2K2LBL0uieWpnUPNhg8otniAQvLSiTEcFrIQ1O0qWlMS7I3zZ_H72tLMZbUS-etwwiWor7jXxJVn2SrWS9vS-2Emi-d9hjyWWxI8LgAZAXRrvLDknVFNrRPOToh2m3m73SqdPujVp3ZxVpe2eaNlM_pEqkWFG6J278aOlWC_vkavKhWEOvvRMVjtve8HQit6fMWS0F_6fEnzYmCZVfXQsbS_yi5Xt5v_N6rH10kD2mHHVtAUY8gg3Cknh8Pk3AA3cUEQs3YzYFfGyxLfoqISWfkpoETUQc1mh6goqdhb1y03LdyKa4jMEyBJv9chW64v3M7flOHDVeYeH2ob5cxw9RyhLRcyVyHP08gbrDHiN3-3BnUxba_IVIMT6CFbrnFqgxsrywpKV1rWweVgcXXvc25A1uT3PoNOmeT7bu4YYyj9KdreZ3flEcGsIHgJ956XJCpq4CuH-nELiPH13uuom-BXzdimvaWRToCBMiqDEM9SMVGNuKWBpdmRB4LNIX3ATnTuI5AA-nO8LiQ_Vji3XrY7WdFVu-1I8toI8AwI8nf_9K89R5NJjtzyZfNsiOAddXZ185pdUMNrqAiXRYTHB5ZWuyNtQZqiIjGd8I7Jv-8nLbyHrTc2DxKpiA3kjEUg2iWFiSUrBtn5Qcp8Q3VAaxumGij8imOVMnTJWYCYWVp0biZeNRI0mXYUku3VD7cTLtpZcSxDlaYB-_mYeMoBYs2V0-w4l_kUNO4mhjokMVK5NcLi5dhR7Df72kSP8XtifmNM58U-2lrzCS8P0f_Xyo3hgEceiBTs7YjfldN3zrLag7vRSwByYLSqxDh5Z5BAQAAcPYHLZBFmIDiHhHc5hnDvNoKCgUzzLs0C6nkIQu10rA8l8f5vbuOHmtluaoN1L21vHq-Pfi48YTOqpJzkeT-XJip0blWw67lF-9-znrtUnTxRzf5E5Ucz8WogFRg1b7ogn5BcPd6aUSh8E7AtwJmjq9V3Zl9bfzGSud4Sz0UtSqsK2wHqDtKRn7bTTurt64fow5cB5RgM7spDHbv0LRWRdRHFACdEfxl4phMjOXkqEA5V0QPt78Oz7ACHSZaTeXymD5Zx4LEJAhjTTmkUJCKJcWmB9FOCgLjefFS1mB8C_A8BwZwdG4vbLKFNUzWmaW95t7GeMnAZgQz6IDQoUpF8YbDQtL1dc9S31jQV5z8Q302zCZ30zZsTxcV4DymNBpYCIZlBYwoHLLpZY2tuQOtlyKVjA3iJ0b9i-INndNZYpZHId_hphU7dzmXrHgoHyLkz05ZVM0lAd5uW1UyAq67cNulRQE0bMc_aNomuEXx3anWuA6taWCLD8oJXx_agZTR99OgwdmRxO_OdWdSw0yVxlefU0litrN0uN0Dufl3qwnQ8Uy2zz9LP0_LGo61BO9NrQwlUPCmvFce5ER9m2yx7Mq_BjdpRCEl3_5GkYENgBWWrRXIglTWP1C8pnT_J1Vyd5ApE7BV-nR1jPrpZjUMyxYgqf0eTQFSVurlTtSpZLXwe-gF50wrctWPDhzY6LVNgKp7TMLAgfGGFjLXA8bfICbGkpTJ9vcu0dSzc4YKjFm1rYs86-aaKN6o0s9DVYwjuFN1yTO6dENfhcFxCP9p8OduICdR4UpixdWgW8mJp3j58YDcwCqmt6EKnTi9qp50tue8iXY1OAtw-EfSTnelvqfsyLWNQKqfRn0NvKrkAYvc2GWRPBGYpWODrApeXA-uVorhwIvMVQRUoh2RuK5ZAGiOCQOCatK3FNTAYh7N0K2ZeEkutztGOMNTH-mkXw2ChiSpixDKC_naeHvtLr1QnUzaSjPMvcPJV5zo-CzLRQZ5igLEq7biAz9l9jhhOEux8PDlavQTtS7NsFqPnywBSePXXXOexJOv5fI4WIxrBOrz4hrFYPopMO03xgQxbB5Rzh4Rt34Z6WppRgrdlrfs_4EJOST7eFjwN7grz6w8H5CAd4LV4FNpWegYUv_3mZt-OmQzZOMbRk457NRZEhzg-It8Vbw36o_SQEicCsC8pCI3qo-A5AxgDty7UGqNNfSteJUwsIZ0ajQIIF3DWsogSmuk-8atRJ6feCkbJUzo9MwIPEI1_uSyGKu_eSSVQwlkxONZI2E4vl29rK0afNQQQCCiPzGuHUhtGRN1s622J2f6UKGVhTnjN8q_SSBfdJ4CBMnjz-WZa08JfCuypRiCDwpjqB-2jBfBr7pB4J5NgJIYbNyPnWlZfHH_IT_u1b3ZZ2PWlEyM0BhO9gRGsAErUT5DF2vWvLCvrMSZPFTJWsZJqy3p7Pt9ORX7MxOg6qwlZi0hvAR5vX7B57oRY0CGsPn4dYC97L_nZEQPvE1S00A0co8DxbaR-WaIO8f4eTX25tvFV7QpAjw0LmFqgpghFjUU4U3eyVoVmcSziR&cid=CAASEuRoDSDj3O6_-qjizec42XIWUw&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Frame ID: 1FE8B46903786B26CE4CB8FA8797C0EE
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/4528516/2173874479230561/index.html
Frame ID: 633CADEC10D00D0D4711A445151410EF
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 557BA070D0AFF06F42D8DD2AFC48E150
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D2BE21E3DBECBE23DF2E2CF29E7C30E0
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 345C17CB6560A8DEE802ED8C0FC53FBB
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 258EF8935615EA2577A63ABFD066B837
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3F5D7F800D9DD73939EA929EF15140B6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 58BB73C7116B50AA7E4DB6755244C286
Requests: 3 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 7AA6889B7FF576A4D05BA76CAE43429D
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: CE7E52D148FDB779EDF25FBA2F933C14
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: D885B6C4B060BA5B69207E0FE4E26777
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 3A9D044B47B757848F3B75639BE05600
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 258DDB906648FB49C0666DE170413B00
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: F22D09BFA43B844AABC777DF20A15E56
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 0E62FBDE6507B975BB2B155E61BFA29C
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 8D930DFFC7C2703E8E575487E4BA4067
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 41A237D494279563F8809DDB8A5356FF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB415719DF1F03B5F4435EA71FA2A18D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 62316DC8D41411A9E00E8A46E5B36072
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E1E7C9F70B2D0DCE0794A6A0BBCA6A54
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A14CDBD371135621BB784D88092491EC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D104FF7926F60CA20CEAF5692D937D04
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FA99EC96CFA473C20AFC55D395FC0BAA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61C2D67D36626D15CE9D6CC183C4B7E5
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 362606D7A29C50262F4F291CC5D21468
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 13C0F0EE71B8520A1B8DF419687BBCE5
Requests: 3 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=1855a0b3-fe30-4371-8239-96e12cc270bc
Frame ID: D16162BAC202D20C7167BDD1C546E878
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.correiodopovo.com.br.mcas.ms/ Page URL
  2. https://www.correiodopovo.com.br/ Page URL

Page Statistics

829
Requests

100 %
HTTPS

0 %
IPv6

92
Domains

175
Subdomains

112
IPs

14
Countries

13604 kB
Transfer

33843 kB
Size

116
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.correiodopovo.com.br.mcas.ms/ Page URL
  2. https://www.correiodopovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Request Chain 133
  • https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1631651275431&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1631651275431&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
Request Chain 134
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1631651275431&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631651275431&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=65985384677 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=65985384677&google_gid=CAESEIT5Ywca0968Zrhx2DQzRbQ&google_cver=1
Request Chain 212
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=114c6141-05cb-4800-a842-c3c4596b70f6
Request Chain 286
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=3f1895db-159a-11ec-8ac5-16ae82d30106 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3f18aba4-159a-11ec-a590-1a3cf9d10206&orig=video&us_privacy=1---gdpr=1&
Request Chain 290
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=3f18ac06-159a-11ec-a590-1a3cf9d10206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3f18aba4-159a-11ec-a590-1a3cf9d10206&orig=video&us_privacy=1---gdpr=1&
Request Chain 313
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 314
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 343
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNsDo5I5b9bjGEkPEEPYg0&google_cver=1
Request Chain 377
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUEFzi0epgmz.efDmRzC2QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNsDo5I5b9bjGEkPEEPYg0&google_cver=1&google_hm=2
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFb6_RGilmMoiCRZsT4kYfU&google_cver=1
Request Chain 379
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxMzM2ODU2NDgyNzMxNTc1NQ%3D%3D
Request Chain 392
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQymM-aLWWn9mGWD9aT1Co&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJQymM-aLWWn9mGWD9aT1Co&google_cver=1
Request Chain 393
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMwMDkwNWEtZGQ0Ni0yYzgyLWU1NzctY2RkZTQ3NWQxYTY4
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESELMhZvLhKYWpnpak-NWGSWY&google_cver=1
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQymM-aLWWn9mGWD9aT1Co&google_cver=1
Request Chain 397
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMwMDkwNWEtZGQ0Ni0yYzgyLWU1NzctY2RkZTQ3NWQxYTY4
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESELMhZvLhKYWpnpak-NWGSWY&google_cver=1
Request Chain 420
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECVTEuB2q38_yE3JxGO-LUE&google_cver=1&google_push=AYg5qPIYxkTbK1tyLDAXnt45imo0X3GHDzmgopk3r31kLx8jikfO-ZkqMdPQyUAX-3VwpOwD84o0ConISNK1ZDb6nwNYTiuMvEo HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECVTEuB2q38_yE3JxGO-LUE&google_cver=1&google_push=AYg5qPIYxkTbK1tyLDAXnt45imo0X3GHDzmgopk3r31kLx8jikfO-ZkqMdPQyUAX-3VwpOwD84o0ConISNK1ZDb6nwNYTiuMvEo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMxMjA5NDUyNjgxMzA0MjA4NA&google_push=AYg5qPIYxkTbK1tyLDAXnt45imo0X3GHDzmgopk3r31kLx8jikfO-ZkqMdPQyUAX-3VwpOwD84o0ConISNK1ZDb6nwNYTiuMvEo
Request Chain 421
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENrxaC7uxjs2HAaoPZbKYpE&google_cver=1&google_push=AYg5qPJ2w__HsAATKEIcJlbBmcbwEIsOxa0c0T1BMVc63doqK0oSeJw5B76IXmLFOwU3e6rpcVbpYXZLLBe5IeG6fG5nNiEXexU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RLSjFLRTMtMTUtRjJRVg==&google_push=AYg5qPJ2w__HsAATKEIcJlbBmcbwEIsOxa0c0T1BMVc63doqK0oSeJw5B76IXmLFOwU3e6rpcVbpYXZLLBe5IeG6fG5nNiEXexU
Request Chain 422
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELbsGqYvNhS4loHQOEQR2a0&google_cver=1&google_push=AYg5qPKdOXsvLM7hxXS1WW_-AsVJmLRJl4qYgNq0aLBEvyRDKWg8vej4wKLCzfealyfDI8dtsqEuQg06mkEWWAUFHKkfwJVZhjk HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-abadff3d-2d77-4d40-8c43-a6d37cc36692-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKdOXsvLM7hxXS1WW_-AsVJmLRJl4qYgNq0aLBEvyRDKWg8vej4wKLCzfealyfDI8dtsqEuQg06mkEWWAUFHKkfwJVZhjk%26google_hm%3DA6ut_z0td01AjEOm03zDZpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKdOXsvLM7hxXS1WW_-AsVJmLRJl4qYgNq0aLBEvyRDKWg8vej4wKLCzfealyfDI8dtsqEuQg06mkEWWAUFHKkfwJVZhjk&google_hm=A6ut_z0td01AjEOm03zDZpI
Request Chain 423
  • https://cs.media.net/cksync?type=g&google_gid=CAESEHD4T5uKPIvuU-PpaO0nJdU&google_cver=1&google_push=AYg5qPLkgw_S-2Pj0H9KHzyoLaQUv3mW6Y3-N4MB-_RGkEdmZB1ZPsrkl0nRv_WPS_kzmeNHdsAoWaZVI7JTB3ipWSeO5kr-CUbp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc0NjUyODc4OTMyNjE5MDAwMFYxMA%3d%3d&mn_hm=Mjc0NjUyODc4OTMyNjE5MDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLkgw_S-2Pj0H9KHzyoLaQUv3mW6Y3-N4MB-_RGkEdmZB1ZPsrkl0nRv_WPS_kzmeNHdsAoWaZVI7JTB3ipWSeO5kr-CUbp&gdpr=&gdpr_consent=
Request Chain 424
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAjUbJ_VnL02cvTW5OTaCv4&google_cver=1&google_push=AYg5qPK6Imx30vf6YsRYHdM8NfmsrUsP25a_m507YUvRYsawO063tU1RruXBjq5jEyC5yrUboN6iXQGAET64hsxIqyZyzo0j2_Np HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTM4NWU1NDAtYjdjMy00MWQxLWE2YjYtYjdkYzFmZWJjNDAw&google_push=AYg5qPK6Imx30vf6YsRYHdM8NfmsrUsP25a_m507YUvRYsawO063tU1RruXBjq5jEyC5yrUboN6iXQGAET64hsxIqyZyzo0j2_Np
Request Chain 431
  • https://hal900028.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=2388ce514c&subid=&uid=65ba191e17d237cf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1lnezAVBYcixOJTHb6CArrgEtc35g1eU27mr5QzwLhABIKrTjGhglYKFgpgHyAEJqQJKeIV0_tWzPqgDAaoE5QFP0GWc_zdIXIOwmVXIHKVa39RnB9C3kPwQBzkMBUVEWeQ9hVBGrGCHDopsrLHAl7zSOS77bDTe7mVrDFWi5-RZree9bT597qUx8o3XTrzieppd-vz3WnQ2_aaVGMMtnhnHwuAT9wn6mjQytO-wcJ9ij4DJ2h-eygNHFwxf3xz_bRo6bKSPuqrJWMqvzuxvugQRT74JCvx5eluoaNEvmKVoMmN-S-mN2jNEw4n6TmC_65sQR7fMwexje5YUlBM1UyBuuKtfwFkHM16na2FyMyZpPTBZr2dGCDsw73h1QR6Wgumy7qlwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjIwMzQxOTk1MTQzMTkxMoAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJioIKSvSOsPTRYxIkTvsLQ%26sig%3DAOD64_2aZub3lDav3uVyt6u5QzaL3MTaTg%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-CGl6-brUMbgnGUvMwHuxTVYJKIu7cvXqGS4J9U1QUtgpXYEPTqaibbpfa3j3xQvyj-CfVwRcgSr9rBA9EmHGu3p5LmaljoU6MqCizsgWuZrLG5raQVl9OSDx6wrKjxdNHBNk97POkCQDB81AVmpCv6hYb8Ng%26cry%3D1%26dbm_d%3DAKAmf-BDrNlyChePKITrOhc9xIHYgICC5IVEeCEGudTJI7T0W42pYV9Dh0DjoaL6_QBAMWf0cBFkhXQ5pXZZQH_R_xhzyqRmxofgWHzvAq0i4lSBEj3PWYOPo_191S4PYj4avQ-qQNhbcBshTkqs4Q5DFZJBZ3W7tjudhWOr_o3WbImN5Lmz5aOwt3bZWCkHI2nqCMRpxXYauepQMAurOffxoMrOHJ-NWvaxu42dgWyMc2Zso3wXrxaHn7BYAgLFLJBULquGUQGroyIJQ77UuxwP2Mdgzms_tA2fwiNpLDt33uoZs6O8lbNGYsB5XlFsqngMz3ekrmNmzy3-Ah_Wxn4yetM5l3mTexSS8I554IgInHpklhQA8iivPQfo4whI3hAJPH9lHJQuFk4reVfilL-m5IXE2jEWGAvk8oatNicxlRSvLBj0-I1ntmI2wkxcEvB6l65faWnKlzebRxIH2qvsVeaiwIv8oQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=9621690237251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900028.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=2388ce514c&subid=&uid=65ba191e17d237cf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1lnezAVBYcixOJTHb6CArrgEtc35g1eU27mr5QzwLhABIKrTjGhglYKFgpgHyAEJqQJKeIV0_tWzPqgDAaoE5QFP0GWc_zdIXIOwmVXIHKVa39RnB9C3kPwQBzkMBUVEWeQ9hVBGrGCHDopsrLHAl7zSOS77bDTe7mVrDFWi5-RZree9bT597qUx8o3XTrzieppd-vz3WnQ2_aaVGMMtnhnHwuAT9wn6mjQytO-wcJ9ij4DJ2h-eygNHFwxf3xz_bRo6bKSPuqrJWMqvzuxvugQRT74JCvx5eluoaNEvmKVoMmN-S-mN2jNEw4n6TmC_65sQR7fMwexje5YUlBM1UyBuuKtfwFkHM16na2FyMyZpPTBZr2dGCDsw73h1QR6Wgumy7qlwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjIwMzQxOTk1MTQzMTkxMoAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJioIKSvSOsPTRYxIkTvsLQ%26sig%3DAOD64_2aZub3lDav3uVyt6u5QzaL3MTaTg%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-CGl6-brUMbgnGUvMwHuxTVYJKIu7cvXqGS4J9U1QUtgpXYEPTqaibbpfa3j3xQvyj-CfVwRcgSr9rBA9EmHGu3p5LmaljoU6MqCizsgWuZrLG5raQVl9OSDx6wrKjxdNHBNk97POkCQDB81AVmpCv6hYb8Ng%26cry%3D1%26dbm_d%3DAKAmf-BDrNlyChePKITrOhc9xIHYgICC5IVEeCEGudTJI7T0W42pYV9Dh0DjoaL6_QBAMWf0cBFkhXQ5pXZZQH_R_xhzyqRmxofgWHzvAq0i4lSBEj3PWYOPo_191S4PYj4avQ-qQNhbcBshTkqs4Q5DFZJBZ3W7tjudhWOr_o3WbImN5Lmz5aOwt3bZWCkHI2nqCMRpxXYauepQMAurOffxoMrOHJ-NWvaxu42dgWyMc2Zso3wXrxaHn7BYAgLFLJBULquGUQGroyIJQ77UuxwP2Mdgzms_tA2fwiNpLDt33uoZs6O8lbNGYsB5XlFsqngMz3ekrmNmzy3-Ah_Wxn4yetM5l3mTexSS8I554IgInHpklhQA8iivPQfo4whI3hAJPH9lHJQuFk4reVfilL-m5IXE2jEWGAvk8oatNicxlRSvLBj0-I1ntmI2wkxcEvB6l65faWnKlzebRxIH2qvsVeaiwIv8oQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=9621690237251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 442
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEO_fwh8598zD92AAkTFaUZ0&google_cver=1&google_push=AYg5qPInzwrfd3ZHclpTR1a5B0PVPJPmEdeMtEdMFGdBfuNgGnzvNZfCdKJ0uVu65tCLqW3vlkf0RNZoN8OFgH-9AE7OxYUROvyj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY5NjgwOTY5MDA2Nzc4MDM1NQ== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEO_fwh8598zD92AAkTFaUZ0&google_cver=1
Request Chain 443
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELxQGe--wFgDVEEWEdnFjtk&google_cver=1&google_push=AYg5qPLCTvtPzbDyqrcsbWQCeMtcRFhW958FeEKIC8mG_dB6FTPmiXbSZdUDYcAStnbCpDG35E36q7_sa8uLp7ryVzMlWlOoAPi9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=EUxhQQXLSACoQsPEWWtw9g&google_push=AYg5qPLCTvtPzbDyqrcsbWQCeMtcRFhW958FeEKIC8mG_dB6FTPmiXbSZdUDYcAStnbCpDG35E36q7_sa8uLp7ryVzMlWlOoAPi9
Request Chain 444
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGpPoAQBJyzfkutrGdpMLlE&google_cver=1&google_push=AYg5qPK1SIlZmTbx-_UeBCfja60ypHt5QwLiqJ7r8l_Ty-ZjIB7J8iJUt3igkqS97E7l1v9ixdofuT09Z6Dg_9uDKfisQQuedjZv HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=USW9Tp5_TqKvLUBxilX4_g2&google_push=AYg5qPK1SIlZmTbx-_UeBCfja60ypHt5QwLiqJ7r8l_Ty-ZjIB7J8iJUt3igkqS97E7l1v9ixdofuT09Z6Dg_9uDKfisQQuedjZv
Request Chain 446
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEPtckObInJeWNY40Ig8MYIU&google_cver=1&google_push=AYg5qPIk3N8DTJwfwZhJFx4cqGpOj1AgqKg2ef5wWMINwA-XTxcxVrgVa0JuNc2owWXJ3xfDa-iQuqD9i0QBh_Dqq6X3UvDtciKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=MVllMDlLdkF5UHc4&google_ula=2046794&google_push=AYg5qPIk3N8DTJwfwZhJFx4cqGpOj1AgqKg2ef5wWMINwA-XTxcxVrgVa0JuNc2owWXJ3xfDa-iQuqD9i0QBh_Dqq6X3UvDtciKI
Request Chain 447
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPLd1Tkeol2VBuhAQ-bLSTFX3MNEJK2Szq1fasfvc5aT_Xl4o4NvBOsL0w_KqDVTjM4lkOEMtKgnv_waR-ASCp4ENbWWflFr%26google_hm%3D%5BUID%5D&google_gid=CAESEPBvfYeWn-CW11lV1m7VZMY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPLd1Tkeol2VBuhAQ-bLSTFX3MNEJK2Szq1fasfvc5aT_Xl4o4NvBOsL0w_KqDVTjM4lkOEMtKgnv_waR-ASCp4ENbWWflFr&google_hm=3702d33c-4023-4660-ba49-2901327d1bfb
Request Chain 448
  • https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEEe6qaUfzs72UhXu2zWIoDE&google_cver=1&google_push=AYg5qPKwOQDB-SNvO3wJTf2yZ5abPB98ZUiSmM9GmcopKtm23HPltxMv__tq87X527IOIbe47ip0Z-I2Ho1vtQEnVnqdgalilNufqg HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3Dd79be632-64aa-48a1-a899-51fd4c4f247e%26google_push%3DAYg5qPKwOQDB-SNvO3wJTf2yZ5abPB98ZUiSmM9GmcopKtm23HPltxMv__tq87X527IOIbe47ip0Z-I2Ho1vtQEnVnqdgalilNufqg&ssp=googleban&exu=CAESEEe6qaUfzs72UhXu2zWIoDE HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=d79be632-64aa-48a1-a899-51fd4c4f247e&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3Dd79be632-64aa-48a1-a899-51fd4c4f247e%26google_push%3DAYg5qPKwOQDB-SNvO3wJTf2yZ5abPB98ZUiSmM9GmcopKtm23HPltxMv__tq87X527IOIbe47ip0Z-I2Ho1vtQEnVnqdgalilNufqg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=d79be632-64aa-48a1-a899-51fd4c4f247e&google_push=AYg5qPKwOQDB-SNvO3wJTf2yZ5abPB98ZUiSmM9GmcopKtm23HPltxMv__tq87X527IOIbe47ip0Z-I2Ho1vtQEnVnqdgalilNufqg
Request Chain 461
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=27661200205041100710626011717028&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27661200205041100710626011717028&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 465
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2965550115752.9683 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOKo9em__ICFRKChQodO4kOlQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2965550115752.9683
Request Chain 467
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27661200205041100710626011717028 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27661200205041100710626011717028 HTTP 301
  • https://ad-server.eu/wm/pb/native.png
Request Chain 478
  • https://static.socialminer.com/custom/0d2ab486745b45cf991c8d91aa3e3e5f/custom.js HTTP 301
  • https://static.socialminer.com/custom/default.js
Request Chain 490
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPBBcdhI3ali5gbNYJy3MCs&google_cver=1&google_push=AYg5qPKNeWVo67ZyPxogyAZWzaeqXp__36TT1vVj9TstFWk2ZYiCjes-fvl8rLYPSfXKqGbAsIAoVVhtSrSdAymlCzCYmECVBktfhKBDUrE-U61-RyHIF-6c-GGp-bfaRTiDCsL7W65YDQyz HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPBBcdhI3ali5gbNYJy3MCs&google_cver=1&google_push=AYg5qPKNeWVo67ZyPxogyAZWzaeqXp__36TT1vVj9TstFWk2ZYiCjes-fvl8rLYPSfXKqGbAsIAoVVhtSrSdAymlCzCYmECVBktfhKBDUrE-U61-RyHIF-6c-GGp-bfaRTiDCsL7W65YDQyz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDd2ZGNGcm8xTXFmMjc1&google_gid=CAESEPBBcdhI3ali5gbNYJy3MCs&google_cver=1&google_push=AYg5qPKNeWVo67ZyPxogyAZWzaeqXp__36TT1vVj9TstFWk2ZYiCjes-fvl8rLYPSfXKqGbAsIAoVVhtSrSdAymlCzCYmECVBktfhKBDUrE-U61-RyHIF-6c-GGp-bfaRTiDCsL7W65YDQyz
Request Chain 491
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEMLcsrkSftX7KCbaL9g5UAA&google_cver=1&google_push=AYg5qPIulsJUt9bU_X3G4PtyfMO5dMaj5I1ezjTmnrhLmG94IVNiSs_2uvin_D6pJHpUH_hWVoAbTgh38a8N2C3WOmVY3ByFTKXAKpW9LaV3DPjDQPZatp9641lOLuRR3QpaVfZ3FXPMH7o HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEMLcsrkSftX7KCbaL9g5UAA&google_cver=1&google_push=AYg5qPIulsJUt9bU_X3G4PtyfMO5dMaj5I1ezjTmnrhLmG94IVNiSs_2uvin_D6pJHpUH_hWVoAbTgh38a8N2C3WOmVY3ByFTKXAKpW9LaV3DPjDQPZatp9641lOLuRR3QpaVfZ3FXPMH7o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=ow5v_1q2S9qtXDr6rJIhWmFBBc8
Request Chain 493
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEJW2OwxBJ2qxT1GkmL9B4Qc&google_cver=1&google_push=AYg5qPLZL3Gdebwcz1M3GACufyQGhsuloLhMFZI5kYQipwIHEDe7fPax9sB2hGAuykmMwVVMU7shGn1--v-t0EaIed7wRVGq0dQqFV-WUerM-EtRwJBoNnpxQNz-L-OkZooqLOIdaMDVJSsr HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEJW2OwxBJ2qxT1GkmL9B4Qc&google_cver=1&google_push=AYg5qPLZL3Gdebwcz1M3GACufyQGhsuloLhMFZI5kYQipwIHEDe7fPax9sB2hGAuykmMwVVMU7shGn1--v-t0EaIed7wRVGq0dQqFV-WUerM-EtRwJBoNnpxQNz-L-OkZooqLOIdaMDVJSsr&prevuid=03030001_614105cfe5ca2&knw=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLZL3Gdebwcz1M3GACufyQGhsuloLhMFZI5kYQipwIHEDe7fPax9sB2hGAuykmMwVVMU7shGn1--v-t0EaIed7wRVGq0dQqFV-WUerM-EtRwJBoNnpxQNz-L-OkZooqLOIdaMDVJSsr&google_hm=MDMwMzAwMDFfNjE0MTA1Y2ZlNWNhMg%3D%3D
Request Chain 494
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEPd3eG3w7ynRjSwtW_ZpCDs&google_cver=1&google_push=AYg5qPL6-wJ8h7uGPDiWi80tahNM_kbhbi7Md-OWNCSNuwc_l_3RFFV1bzf9xtKvSkwqVVnJCqU7fv2W7sDP3wJtrqqEbbUi8aagNmXTTKVUODJAucjJxO5FoCGNfVzQYISv4-EbkQNI3CZJ HTTP 302
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEPd3eG3w7ynRjSwtW_ZpCDs&google_cver=1&google_push=AYg5qPL6-wJ8h7uGPDiWi80tahNM_kbhbi7Md-OWNCSNuwc_l_3RFFV1bzf9xtKvSkwqVVnJCqU7fv2W7sDP3wJtrqqEbbUi8aagNmXTTKVUODJAucjJxO5FoCGNfVzQYISv4-EbkQNI3CZJ&bounced=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPL6-wJ8h7uGPDiWi80tahNM_kbhbi7Md-OWNCSNuwc_l_3RFFV1bzf9xtKvSkwqVVnJCqU7fv2W7sDP3wJtrqqEbbUi8aagNmXTTKVUODJAucjJxO5FoCGNfVzQYISv4-EbkQNI3CZJ&google_hm=zZDD86PMKSgAAikABlF75f60lw%3D%3D
Request Chain 495
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEF7Vcsxt3XD0-ZUGO79Aj3Q&google_cver=1&google_push=AYg5qPKo-TDKp-n8UeZsChudCLMjrBzy-a5phVP2suVsfoNvANLHC84Ib4tVetnwKmOtkL00LDokLMCtmYwoyNt82bfYOAQ8zfD76JDpMhypZDKDr5F7fsJO_gVq18DKW4HycakQIgRXi_A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKo-TDKp-n8UeZsChudCLMjrBzy-a5phVP2suVsfoNvANLHC84Ib4tVetnwKmOtkL00LDokLMCtmYwoyNt82bfYOAQ8zfD76JDpMhypZDKDr5F7fsJO_gVq18DKW4HycakQIgRXi_A&google_hm=NTc0NTU4MTM1NjI2OTg5MDc%3D
Request Chain 496
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHppZVet6YsiL94M9Zi2dHI&google_cver=1&google_push=AYg5qPLGryGiElZhSQgCLR7FXrFjSC9c8ewVlpF35WPxYLL6zCVH8tnh_vN_XWCMsXmtW05Be7tnBmvqVXy87GlWOwGNHEa8ITGqMtqDAwmGCxweIczagW49hX6MDckV8iwA6MO6hUTyr0fTPQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHppZVet6YsiL94M9Zi2dHI&google_cver=1&google_push=AYg5qPLGryGiElZhSQgCLR7FXrFjSC9c8ewVlpF35WPxYLL6zCVH8tnh_vN_XWCMsXmtW05Be7tnBmvqVXy87GlWOwGNHEa8ITGqMtqDAwmGCxweIczagW49hX6MDckV8iwA6MO6hUTyr0fTPQ&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ISFpyX2VaRTJ1RjRNd1hUSjhIaDBsN1VCSkVwQjdjNX5B&google_push=AYg5qPLGryGiElZhSQgCLR7FXrFjSC9c8ewVlpF35WPxYLL6zCVH8tnh_vN_XWCMsXmtW05Be7tnBmvqVXy87GlWOwGNHEa8ITGqMtqDAwmGCxweIczagW49hX6MDckV8iwA6MO6hUTyr0fTPQ
Request Chain 543
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Request Chain 620
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ2Mzoyc1K5QSXM5V0alBsE&google_cver=1
Request Chain 621
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=M2YxOGFiYTQtMTU5YS0xMWVjLWE1OTAtMWEzY2Y5ZDEwMjA2
Request Chain 653
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEChzeB0adex5kB0ox7BYhpU&_origin=1&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEChzeB0adex5kB0ox7BYhpU&_origin=1&google_cver=1&apid=UP42aec717-159a-11ec-a15f-06be1e67faf8
Request Chain 654
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP42aec717-159a-11ec-a15f-06be1e67faf8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA0MmFlYzcxNy0xNTlhLTExZWMtYTE1Zi0wNmJlMWU2N2ZhZjg%3D
Request Chain 655
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KWEtXRVd0RTJ1RXltUnhSSDVSUXd1T0dKc1dVcFMySX5B
Request Chain 664
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEChzeB0adex5kB0ox7BYhpU&_origin=1&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEChzeB0adex5kB0ox7BYhpU&_origin=1&google_cver=1&apid=UP42aec717-159a-11ec-a15f-06be1e67faf8
Request Chain 665
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP42aec717-159a-11ec-a15f-06be1e67faf8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA0MmFlYzcxNy0xNTlhLTExZWMtYTE1Zi0wNmJlMWU2N2ZhZjg%3D
Request Chain 666
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KWEtXRVd0RTJ1RXltUnhSSDVSUXd1T0dKc1dVcFMySX5B
Request Chain 688
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPJRSAiUj8QhQejl70kJGPnjhLfdjouk2Fau__xvMnKzvcqc2JvolUec_lUj1UMK2Sb-q7OtwAfFfGAqJQ1CEBvz5OznMmU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJRSAiUj8QhQejl70kJGPnjhLfdjouk2Fau__xvMnKzvcqc2JvolUec_lUj1UMK2Sb-q7OtwAfFfGAqJQ1CEBvz5OznMmU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPJRSAiUj8QhQejl70kJGPnjhLfdjouk2Fau__xvMnKzvcqc2JvolUec_lUj1UMK2Sb-q7OtwAfFfGAqJQ1CEBvz5OznMmU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJRSAiUj8QhQejl70kJGPnjhLfdjouk2Fau__xvMnKzvcqc2JvolUec_lUj1UMK2Sb-q7OtwAfFfGAqJQ1CEBvz5OznMmU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 689
  • https://um.simpli.fi/gp_match?google_gid=CAESEBBqNqQBCyOLTC77ni5MiCE&google_cver=1&google_push=AYg5qPK4AtaaBAzHfNU8kY0af_iE2N02_iU6Hx0KFd359LRcUt2tkzwIftBBGEuWZnxUcCfFzL5P93lMxiAJnDXl-2NsAKWJ2yQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4210D6FC30904BA6A505C68F91DE9A39&google_push=AYg5qPK4AtaaBAzHfNU8kY0af_iE2N02_iU6Hx0KFd359LRcUt2tkzwIftBBGEuWZnxUcCfFzL5P93lMxiAJnDXl-2NsAKWJ2yQ
Request Chain 691
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEABQlPFOyaxQWFC_KMG1Hfc&google_cver=1&google_push=AYg5qPIL937mv-_W9Jv2EsEB1M98mlq8QG_J02KVdhOSWky2q_DwJj_Ui3_rj7JzXstmGw0o3ZTeW33Ai3p_MykRXl_rPyqsSA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwNzg4ODkwMzI4Nzc5NzkxMQ%3D%3D&google_push=AYg5qPIL937mv-_W9Jv2EsEB1M98mlq8QG_J02KVdhOSWky2q_DwJj_Ui3_rj7JzXstmGw0o3ZTeW33Ai3p_MykRXl_rPyqsSA
Request Chain 692
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIKgh6fs0PLfVgMFmkZ4Vto&google_cver=1&google_push=AYg5qPKWBto0hJjwzllIf_rhtIrVdjo--e3ER2hEZPb_z3oN9K9JX8Pe_VJlWnJ7Zy7a5NIFbT6_kbA9tYpJZ2GO8ua7jMWsgg HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIKgh6fs0PLfVgMFmkZ4Vto&google_cver=1&google_push=AYg5qPKWBto0hJjwzllIf_rhtIrVdjo--e3ER2hEZPb_z3oN9K9JX8Pe_VJlWnJ7Zy7a5NIFbT6_kbA9tYpJZ2GO8ua7jMWsgg&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=KGn6utyPSxO6hngtouotHw&google_push=AYg5qPKWBto0hJjwzllIf_rhtIrVdjo--e3ER2hEZPb_z3oN9K9JX8Pe_VJlWnJ7Zy7a5NIFbT6_kbA9tYpJZ2GO8ua7jMWsgg
Request Chain 693
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDqcDtfg13bYO-dVtiqokHI&google_cver=1&google_push=AYg5qPKzn73H_ABOUJzTJf8Ac3XfiOAHW2VrhbFvTrT4Ec1jNBCgRVWs8PhSz6TiKlWB_A0lJ-eB5k0fqz-aJEGaSr09okYEJ9A HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDqcDtfg13bYO-dVtiqokHI&google_cver=1&google_push=AYg5qPKzn73H_ABOUJzTJf8Ac3XfiOAHW2VrhbFvTrT4Ec1jNBCgRVWs8PhSz6TiKlWB_A0lJ-eB5k0fqz-aJEGaSr09okYEJ9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKzn73H_ABOUJzTJf8Ac3XfiOAHW2VrhbFvTrT4Ec1jNBCgRVWs8PhSz6TiKlWB_A0lJ-eB5k0fqz-aJEGaSr09okYEJ9A&google_hm=T3wvndZCSniAgFsAeOWNDw==
Request Chain 700
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPJ3BlnvdOC_JrWJ64-z9x63Uc8VOokd4VlHDz_sptvjblWWiInNH92kYB9gZqdfikiu7HebqpFB2SrfevVvSj0sceWuSQDR5g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ3BlnvdOC_JrWJ64-z9x63Uc8VOokd4VlHDz_sptvjblWWiInNH92kYB9gZqdfikiu7HebqpFB2SrfevVvSj0sceWuSQDR5g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPJ3BlnvdOC_JrWJ64-z9x63Uc8VOokd4VlHDz_sptvjblWWiInNH92kYB9gZqdfikiu7HebqpFB2SrfevVvSj0sceWuSQDR5g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ3BlnvdOC_JrWJ64-z9x63Uc8VOokd4VlHDz_sptvjblWWiInNH92kYB9gZqdfikiu7HebqpFB2SrfevVvSj0sceWuSQDR5g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 701
  • https://um.simpli.fi/gp_match?google_gid=CAESEBBqNqQBCyOLTC77ni5MiCE&google_cver=1&google_push=AYg5qPIVHUypjzrq35eNuzOwhqNExshle07IKUxTHhrLs7MQ7fmqEltSZ4VHwEsQXq_Cpyoy_-O-nDzR03C3ZsB4X8yrBrqh-UyJvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=880E6B9608704968809C0DDA5EC9C00D&google_push=AYg5qPIVHUypjzrq35eNuzOwhqNExshle07IKUxTHhrLs7MQ7fmqEltSZ4VHwEsQXq_Cpyoy_-O-nDzR03C3ZsB4X8yrBrqh-UyJvA
Request Chain 703
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEABQlPFOyaxQWFC_KMG1Hfc&google_cver=1&google_push=AYg5qPLqswq23wLrBhLwN02mzyjpc-O4aIqtLBBLTjJFAsAcLp3x3za7591p6wXa0BXNZwS9lTd-86UgKRk-5Rj3XlGcPEHbFLlN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwNzg4ODkwMzI4ODk3NzU0OA%3D%3D&google_push=AYg5qPLqswq23wLrBhLwN02mzyjpc-O4aIqtLBBLTjJFAsAcLp3x3za7591p6wXa0BXNZwS9lTd-86UgKRk-5Rj3XlGcPEHbFLlN
Request Chain 704
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIKgh6fs0PLfVgMFmkZ4Vto&google_cver=1&google_push=AYg5qPJb13_2o_Y0-1fw8IS7-t5EpXpYTD4A95MszpDllOs2ERm5TQpr-8Wf0oAR7dg9jT5jSFmGRA9K-575Ff89hGtvipkrd22u HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIKgh6fs0PLfVgMFmkZ4Vto&google_cver=1&google_push=AYg5qPJb13_2o_Y0-1fw8IS7-t5EpXpYTD4A95MszpDllOs2ERm5TQpr-8Wf0oAR7dg9jT5jSFmGRA9K-575Ff89hGtvipkrd22u&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=smFbreACXVMc3fF6-0eJQA&google_push=AYg5qPJb13_2o_Y0-1fw8IS7-t5EpXpYTD4A95MszpDllOs2ERm5TQpr-8Wf0oAR7dg9jT5jSFmGRA9K-575Ff89hGtvipkrd22u
Request Chain 705
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDqcDtfg13bYO-dVtiqokHI&google_cver=1&google_push=AYg5qPLTOCHacewKeJugSHhoxa_L3exNAsnWbXA_diOEbIWkCxbNzANOyesgWS2JfSP4BhArSj6E_fc5LM2GDhzvt2j5BGF3FNe4Aw HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=bcdd51a5-bd79-4860-98fc-a9fa9c6e8e32&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLFBHV4S5khgPMxTawcKwYTZqMFU3SHAtvd1ryS9aLsFOGlVK1C0NGIjLHBOuheEETIfCT9YmDnZYiKd-ghHUyNcPTD5hll&google_hm=T3wvndZCSniAgFsAeOWNDw==
Request Chain 707
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPL7CtsIkpZSIf1hYuarK_2KyIaEWweb3sOlUYkcOvO__jYm6PwEcIbnfGYzhsRbALpUI8a8fBQoKUE9-3Nzr6UIQOx3WYg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL7CtsIkpZSIf1hYuarK_2KyIaEWweb3sOlUYkcOvO__jYm6PwEcIbnfGYzhsRbALpUI8a8fBQoKUE9-3Nzr6UIQOx3WYg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPL7CtsIkpZSIf1hYuarK_2KyIaEWweb3sOlUYkcOvO__jYm6PwEcIbnfGYzhsRbALpUI8a8fBQoKUE9-3Nzr6UIQOx3WYg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL7CtsIkpZSIf1hYuarK_2KyIaEWweb3sOlUYkcOvO__jYm6PwEcIbnfGYzhsRbALpUI8a8fBQoKUE9-3Nzr6UIQOx3WYg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 708
  • https://um.simpli.fi/gp_match?google_gid=CAESEBBqNqQBCyOLTC77ni5MiCE&google_cver=1&google_push=AYg5qPKkYnuPPTYizhFHhTFmSFYkC5nQWYd5lMT8VzrRJZLCLZWCPXm_YJO1BQtKNIyajJtdTjQAMpJPbNPpGItptw8htHJJWjmh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=03A29AB297494799815227AA5799A126&google_push=AYg5qPKkYnuPPTYizhFHhTFmSFYkC5nQWYd5lMT8VzrRJZLCLZWCPXm_YJO1BQtKNIyajJtdTjQAMpJPbNPpGItptw8htHJJWjmh
Request Chain 710
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEABQlPFOyaxQWFC_KMG1Hfc&google_cver=1&google_push=AYg5qPLyzOMXV-JGlCJXk08l4MZC__dHEsKLSFV4XAiXII62TjJ4FyKhF4Wv10-f-VDY4O-9FHDrxVVe9zXH9ZQRoaSKpkASYixX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwNzg4ODkwMzI4OTUwMTg0MQ%3D%3D&google_push=AYg5qPLyzOMXV-JGlCJXk08l4MZC__dHEsKLSFV4XAiXII62TjJ4FyKhF4Wv10-f-VDY4O-9FHDrxVVe9zXH9ZQRoaSKpkASYixX
Request Chain 711
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIKgh6fs0PLfVgMFmkZ4Vto&google_cver=1&google_push=AYg5qPKnWcAkB7yaGbJBVXfXbcaUbbJEKQY0KaFxjLPigXb1XxBviPAXpkSvgXTOaeRCwkrXlwnx3hnFM9pffnPyGP6oEWhFoXdF HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIKgh6fs0PLfVgMFmkZ4Vto&google_cver=1&google_push=AYg5qPKnWcAkB7yaGbJBVXfXbcaUbbJEKQY0KaFxjLPigXb1XxBviPAXpkSvgXTOaeRCwkrXlwnx3hnFM9pffnPyGP6oEWhFoXdF&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=sWJo4zw10oKQDh8MW8tMLg&google_push=AYg5qPKnWcAkB7yaGbJBVXfXbcaUbbJEKQY0KaFxjLPigXb1XxBviPAXpkSvgXTOaeRCwkrXlwnx3hnFM9pffnPyGP6oEWhFoXdF
Request Chain 712
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDqcDtfg13bYO-dVtiqokHI&google_cver=1&google_push=AYg5qPLFBHV4S5khgPMxTawcKwYTZqMFU3SHAtvd1ryS9aLsFOGlVK1C0NGIjLHBOuheEETIfCT9YmDnZYiKd-ghHUyNcPTD5hll HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLFBHV4S5khgPMxTawcKwYTZqMFU3SHAtvd1ryS9aLsFOGlVK1C0NGIjLHBOuheEETIfCT9YmDnZYiKd-ghHUyNcPTD5hll&google_hm=T3wvndZCSniAgFsAeOWNDw==
Request Chain 784
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEF8vbvi3PDp5mruPxYtOBDM&google_cver=1&google_ula=862479430,0
Request Chain 812
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 813
  • https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=1855a0b3-fe30-4371-8239-96e12cc270bc

829 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.correiodopovo.com.br.mcas.ms/ 		1 KB
840 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br.mcas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.157.233.49 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
32b409719a1cc57b4e01da7ed76bc142dc583a72d0b4c2d98dc176c895c8e41d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.correiodopovo.com.br.mcas.ms
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
server
openresty
date
Tue, 14 Sep 2021 20:27:54 GMT
x-mcas-request-id
f793f47869e45320022d602ab465cea4
expires
Mon, 01-Jan-1990 00:00:00 GMT
strict-transport-security
max-age=31536000
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-mcas-upstream-time
n/a
x-mcas-processing-time
3
content-encoding
gzip
x-mcas-cache-status
MISS
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.6.18/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.6.18/js/session-context-store-helper.min.js
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.106.57 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-106-57.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br.mcas.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 20:27:54 GMT
last-modified
Sun, 12 Sep 2021 06:54:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
PLOXavfa2pddds7xHBr81w==
etag
0x8D975BA3252CDCF
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9cf27bd0-f01e-0126-6fe9-a78935000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31344832
x-ms-version
2009-09-19
content-length
5084
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.6.18/html/ Frame 910F 		281 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.6.18/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.correiodopovo.com.br%2F
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.6.18/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.106.57 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-106-57.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method
GET
:authority
mcasproxy.azureedge.net
:scheme
https
:path
/proxyweb/1.6.18/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.correiodopovo.com.br%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br.mcas.ms/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br.mcas.ms/

Response headers

content-length
281
content-type
text/html
content-md5
vDuuGHIdcY/gQtnraxH9qw==
last-modified
Sun, 12 Sep 2021 06:55:20 GMT
etag
0x8D975BA4986D8E9
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
9cf27c34-f01e-0126-3de9-a78935000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin
*
cache-control
public, max-age=31344835
date
Tue, 14 Sep 2021 20:27:54 GMT
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.6.18/js/ Frame 910F 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.6.18/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.6.18/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.correiodopovo.com.br%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.106.57 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-106-57.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
84631de0bca7e12b1b542849e146044afb360af10af6ae4f5d90ec534e017734

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mcasproxy.azureedge.net/proxyweb/1.6.18/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.correiodopovo.com.br%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 20:27:54 GMT
last-modified
Sun, 12 Sep 2021 06:54:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
d0ja3c44qO7D3vm2nqObfQ==
etag
0x8D975BA326CC31B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a9f4ad7d-501e-008e-44e9-a71b75000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31344821
x-ms-version
2009-09-19
content-length
36521
Primary Request /
www.correiodopovo.com.br/ 		336 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
46adddd448468b4eb5cb24681908dd86566e07b8e3147b743d96ec151f14b36e

Request headers

:method
GET
:authority
www.correiodopovo.com.br
:scheme
https
:path
/?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.correiodopovo.com.br.mcas.ms/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br.mcas.ms/

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-type
text/html;charset=utf-8
content-length
51861
server
nginx/1.12.2
cache-control
max-age=240
expires
Tue, 14 Sep 2021 20:31:54 GMT
x-cacheable
YES
x-cache-rule
YES with ttl: 60.000 /
content-encoding
gzip
age
58
x-cache
HIT
v
5
accept-ranges
bytes
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f10.1e100.net
Software
ESF /
Resource Hash
3d4d5938790a19395ff613bd5af478c384caf7926f23094297331936ace2e492
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 20:27:54 GMT
server
ESF
date
Tue, 14 Sep 2021 20:27:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 20:27:54 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.178.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f2.1e100.net
Software
sffe /
Resource Hash
ef0e21d766afdb8f30b765f5873eed72b3f2e4d682448d8def16ce9743ab3c7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"987 / 402 of 1000 / last-modified: 1631617829"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25116
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Sep 2021 20:27:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a90780934d15fac1fbcd388e13b6260a1899ec1742bb1a3db91d1fb43a1794d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48937
x-xss-protection
0
server
cafe
etag
6802240111074278633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:27:55 GMT
smart.js
ced.sascdn.com/tag/1320/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1320/smart.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.242.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-242-228.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
94e826719b8992f595addf67de78104ee5c1b971d451991f92e1c350784a4e71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
24871
Expires
Tue, 14 Sep 2021 20:42:55 GMT
smart.prebid.js
tagmanager.smartadserver.com/1320/71754/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-176.deploy.static.akamaitechnologies.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
ff7835dd23219873216e3c692791c3a12f16456bd5e4e31dfeee42af427ce6a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jul 2021 11:34:09 GMT
Server
Apache/2.4.25 (Debian)
ETag
"3af2-5c672ccdfd6ef-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3906
css
fonts.googleapis.com/ 		2 KB
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f10.1e100.net
Software
ESF /
Resource Hash
3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 19:30:58 GMT
server
ESF
date
Tue, 14 Sep 2021 20:27:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 20:27:54 GMT
css
fonts.googleapis.com/ 		13 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300italic,400italic,700italic,400,700,300
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f10.1e100.net
Software
ESF /
Resource Hash
c34906f621bed08d975d42900c107ad05e7633d06ecb202739f5a9a99af910f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 19:51:00 GMT
server
ESF
date
Tue, 14 Sep 2021 20:27:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 20:27:54 GMT
bootstrap.min.css
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Request headers

:path
/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
last-modified
Fri, 01 Mar 2019 17:19:18 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
belamais.css
www.correiodopovo.com.br/polopoly_fs/3.232526.1615315562!/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.232526.1615315562!/belamais.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
eca965f18f3bf501516fd5bdd7343363c6c8d002531d573a7461ad3281a27aa8

Request headers

:path
/polopoly_fs/3.232526.1615315562!/belamais.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.232526.1615315562!/belamais.css
last-modified
Tue, 09 Mar 2021 18:46:03 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/ 		146 B
386 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
74f8bb668af45bc33e9009c79f96d20f72b101b6aa2e54367ca1d57fee38376a

Request headers

:path
/polopoly_fs/3.194.1594145527!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.194.1594145527!/style.css
last-modified
Tue, 07 Jul 2020 18:12:08 GMT
server
nginx/1.12.2
age
76
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
113
expires
Thu, 14 Oct 2021 20:27:54 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/ 		865 B
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
65b19a5808c1a1d2593655c2b3c39ea52db2d0daa2a7cb3fbad3c2f71bef370b

Request headers

:path
/polopoly_fs/3.302.1615315537!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.302.1615315537!/style.css
last-modified
Tue, 09 Mar 2021 18:45:37 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
comments.css
www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/ 		310 B
451 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/comments.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
be3ec5f1725890958c7ef75833b5fcaf41aa692812557006dec25f664b77ce33

Request headers

:path
/polopoly_fs/3.259.1551461019!/comments.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.259.1551461019!/comments.css
last-modified
Fri, 01 Mar 2019 17:23:40 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
video-js.css
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video-js.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
a51d30b532fd6d11b67754b83e3af505df5fdc961fbbbe801afaa86e93841bab

Request headers

:path
/polopoly_fs/3.256.1551461012!/video-js.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video-js.css
last-modified
Fri, 01 Mar 2019 17:23:33 GMT
server
nginx/1.12.2
age
76
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2965
expires
Thu, 14 Oct 2021 20:27:54 GMT
video.css
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 		561 B
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
9639244213f83b30ccdc150e7b592be27b96d2d5eb06ce4753ad449ee4845a2c

Request headers

:path
/polopoly_fs/3.256.1551461012!/video.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video.css
last-modified
Fri, 01 Mar 2019 17:23:33 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.237.1615315513!/ 		2 KB
720 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.237.1615315513!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
c9996338cf56895fe00f9ce9bd9733fbc484e636442a6c6917ee959cad2bcf85

Request headers

:path
/polopoly_fs/3.237.1615315513!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.237.1615315513!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:45:13 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.234.1615315510!/ 		39 B
316 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.234.1615315510!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
3c550cc6106b84782b282835ee72face4e1d2e527a895493d5aa0a47359fe63b

Request headers

:path
/polopoly_fs/3.234.1615315510!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.234.1615315510!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:45:11 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/ 		38 B
334 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
492253d2d2da0bebbef019e63d904ddb0b096f5a037c781a7cfda22c2332f692

Request headers

:path
/polopoly_fs/3.231.1615315500!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:45:06 GMT
server
nginx/1.12.2
age
76
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
58
expires
Thu, 14 Oct 2021 20:27:54 GMT
tags.carousel.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/tags.carousel.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
0cfd7a9f5b0e61c7667f3a157f90e0f4d7b8b0f8f4bee90d224899140030cda0

Request headers

:path
/polopoly_fs/3.231.1615315500!/css/tags.carousel.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/tags.carousel.css
last-modified
Tue, 09 Mar 2021 18:45:01 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
tags.theme.default.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 		1 KB
828 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
aaad17d860310d83cdb8c7cfc336143de3f08ea3c34ced5d880bd6c666247ebc

Request headers

:path
/polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
last-modified
Tue, 09 Mar 2021 18:45:01 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
owl.carousel.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/owl.carousel.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
8dd2b33486d15e920d6c71a134be819cb5559c83d45e0016e52f7c9f8dc718e1

Request headers

:path
/polopoly_fs/3.231.1615315500!/css/owl.carousel.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/owl.carousel.css
last-modified
Tue, 09 Mar 2021 18:45:01 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
owl.theme.default.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
4e369635987f4ee1f4bad20a4c30a6eeb4fc2afe3f185fa9f6a8ecb2c5131457

Request headers

:path
/polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
last-modified
Tue, 09 Mar 2021 18:45:01 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
social-auth.css
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 		46 B
342 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/social-auth.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
2f18363fdebecf3ebd553e917a0048fd4644f33250cb98a12be9cf4597ea3919

Request headers

:path
/polopoly_fs/3.212.1615315469!/social-auth.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.212.1615315469!/social-auth.css
last-modified
Tue, 09 Mar 2021 18:44:30 GMT
server
nginx/1.12.2
age
76
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
66
expires
Thu, 14 Oct 2021 20:27:54 GMT
bootstrap-social.css
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/bootstrap-social.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
544fed9092e26545359b1586b76bcca554329ecfc5f204beaf06bfa4fa6fd2fa

Request headers

:path
/polopoly_fs/3.212.1615315469!/bootstrap-social.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.212.1615315469!/bootstrap-social.css
last-modified
Tue, 09 Mar 2021 18:44:29 GMT
server
nginx/1.12.2
age
76
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2669
expires
Thu, 14 Oct 2021 20:27:54 GMT
fotorama.css
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/fotorama.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68

Request headers

:path
/polopoly_fs/3.203.1615315462!/css/fotorama.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.203.1615315462!/css/fotorama.css
last-modified
Tue, 09 Mar 2021 18:44:22 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
fotorama-custom.css
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/ 		738 B
563 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
a3226ebe4e39bc1ddcc45093d268ce2fb898cd9d27ed7e75100a97602229169a

Request headers

:path
/polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
last-modified
Tue, 09 Mar 2021 18:44:22 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
SearchElement.css
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 		1 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/SearchElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
2f42b3a57c656fe308f398180a400f6b7f687e8396b9e1adabd83e67e7143968

Request headers

:path
/polopoly_fs/3.200.1615315459!/SearchElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.200.1615315459!/SearchElement.css
last-modified
Tue, 09 Mar 2021 18:44:19 GMT
server
nginx/1.12.2
age
72
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
488
expires
Thu, 14 Oct 2021 20:27:54 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/ 		909 B
647 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
3923e7c182008b2e667b295342b146adace165e25a8993e73e8688288968ac1f

Request headers

:path
/polopoly_fs/3.197.1615315455!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.197.1615315455!/style.css
last-modified
Tue, 09 Mar 2021 18:44:15 GMT
server
nginx/1.12.2
age
76
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
374
expires
Thu, 14 Oct 2021 20:27:54 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.184.1615315445!/ 		110 B
363 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.184.1615315445!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
62e8401c97fb76307bac29e33631c8775c9b9e15d7506ca0bda87fff66452420

Request headers

:path
/polopoly_fs/3.184.1615315445!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.184.1615315445!/style.css
last-modified
Tue, 09 Mar 2021 18:44:06 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.178.1615315437!/ 		857 B
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.178.1615315437!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
c65dc23c9b6d7bdf0633746c5c48ab5fab0074c5087cfb6f2a814a426fd62273

Request headers

:path
/polopoly_fs/3.178.1615315437!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.178.1615315437!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:43:57 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.175.1615315435!/ 		456 B
513 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.175.1615315435!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
fb66d50466654410ed1aba9e24bb40f3e64594968136cfc472c1afd1eb180dba

Request headers

:path
/polopoly_fs/3.175.1615315435!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.175.1615315435!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:43:55 GMT
server
nginx/1.12.2
age
75
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
235
expires
Thu, 14 Oct 2021 20:27:54 GMT
font-awesome.min.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
last-modified
Tue, 09 Mar 2021 18:43:42 GMT
server
nginx/1.12.2
age
76
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4696
expires
Thu, 14 Oct 2021 20:27:54 GMT
fontscorreio.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/ 		398 B
422 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
57214cdcf15665a435ed82c94b38f24c078b11949eb3a706ad8ae67a3318be5a

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
last-modified
Tue, 09 Mar 2021 18:43:43 GMT
server
nginx/1.12.2
age
76
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
133
expires
Thu, 14 Oct 2021 20:27:54 GMT
fontsbelamais.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontsbelamais/css/ 		244 B
410 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
38c8cf532fa433d258c72dc8b5df1c1497720980a953c1072ec8538006fe79df

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
last-modified
Tue, 09 Mar 2021 18:43:44 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
stylenovo.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/ 		46 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/stylenovo.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
8de1758d33f2f42d6812a8c146fd5c785b12e4d071ecab06b9b05848072bb850

Request headers

:path
/polopoly_fs/3.163.1615315420!/stylenovo.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/stylenovo.css
last-modified
Tue, 09 Mar 2021 18:43:45 GMT
server
nginx/1.12.2
age
76
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8918
expires
Thu, 14 Oct 2021 20:27:54 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/ 		140 B
396 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
e0a652a1bd36b70149fa3c6fdb4bd8641593273e261f2c43ae5e5309fa98bd56

Request headers

:path
/polopoly_fs/3.153.1615315412!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.153.1615315412!/style.css
last-modified
Tue, 09 Mar 2021 18:43:32 GMT
server
nginx/1.12.2
age
75
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
123
expires
Thu, 14 Oct 2021 20:27:54 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.150.1615315409!/ 		470 B
518 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.150.1615315409!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
923c7bc114115535d3859aa2a1ab45e35c6a674d7b221d6cb3b3520f6550d053

Request headers

:path
/polopoly_fs/3.150.1615315409!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.150.1615315409!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:43:29 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
autotrack.min.js
www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/autotrack.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
deaa8c25f96a0b2b3f348a5f55da84b402621e4a4be31baeb56ba3de133c99d6

Request headers

:path
/polopoly_fs/3.137.1615315402!/autotrack.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.137.1615315402!/autotrack.min.js
last-modified
Tue, 09 Mar 2021 18:43:24 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
jquery.cookie.min.js
www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f

Request headers

:path
/polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
last-modified
Tue, 09 Mar 2021 18:43:24 GMT
server
nginx/1.12.2
age
45
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
805
expires
Thu, 14 Oct 2021 20:27:54 GMT
jquery-1.11.0.min.js
www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

:path
/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
last-modified
Fri, 01 Mar 2019 17:19:16 GMT
server
nginx/1.12.2
age
0
vary
User-Agent
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:54 GMT
58b07fec4121.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.174 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
instagram-p42-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 18:43:08 GMT
content-encoding
br
etag
"58b07fec4121"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
4824
priority
u=3,i

Redirect headers

date
Tue, 14 Sep 2021 20:27:54 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
odn
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control
max-age=21600
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
styles-b-7.22686
www.correiodopovo.com.br/cmlink/ 		320 B
512 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/styles-b-7.22686
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
28c10d39dbd6436ea5c348cdebf1b64cfcb3e5481b4cb7962bb2cb15edea2927

Request headers

:path
/cmlink/styles-b-7.22686
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/styles-b-7.22686
last-modified
Mon, 16 Aug 2021 15:22:55 GMT
server
nginx/1.12.2
age
1
x-cacheable
YES
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
231
expires
Tue, 14 Sep 2021 20:31:54 GMT
ilimpiadas-7.22631
www.correiodopovo.com.br/cmlink/ 		557 B
559 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/ilimpiadas-7.22631
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
ddfc533c65178bce0b634d810ac76a230f83fb71b97a1386473d12c4e643be20

Request headers

:path
/cmlink/ilimpiadas-7.22631
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/ilimpiadas-7.22631
last-modified
Thu, 22 Jul 2021 13:00:04 GMT
server
nginx/1.12.2
age
0
x-cacheable
YES
x-cache
MISS
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
expires
Tue, 14 Sep 2021 20:31:54 GMT
removetemperatura-7.22567
www.correiodopovo.com.br/cmlink/ 		193 B
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/removetemperatura-7.22567
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
2d0dc9c62ecc0bfe872a71a7ab68725ba5d4b5d14926f3a8618d4307036b0d6b

Request headers

:path
/cmlink/removetemperatura-7.22567
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/removetemperatura-7.22567
last-modified
Tue, 29 Jun 2021 13:35:06 GMT
server
nginx/1.12.2
age
0
x-cacheable
YES
x-cache
MISS
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
expires
Tue, 14 Sep 2021 20:31:54 GMT
vacinometro-7.22513
www.correiodopovo.com.br/cmlink/ 		158 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/vacinometro-7.22513
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
6171df69d9124dd84ee58ff79e2ebdc1490a4d194e3d87dae9117ac67cffa9e6

Request headers

:path
/cmlink/vacinometro-7.22513
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/vacinometro-7.22513
last-modified
Wed, 02 Jun 2021 20:02:03 GMT
server
nginx/1.12.2
age
1
x-cacheable
YES
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
157
expires
Tue, 14 Sep 2021 20:31:54 GMT
patrocinio-topo-7.22393
www.correiodopovo.com.br/cmlink/ 		581 B
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/patrocinio-topo-7.22393
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
8caaf7c6e63cad3aded9fce45edb99d62cc7050fe20a3f3ad0b20928e5a89bb6

Request headers

:path
/cmlink/patrocinio-topo-7.22393
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/patrocinio-topo-7.22393
last-modified
Sat, 03 Apr 2021 13:36:32 GMT
server
nginx/1.12.2
age
1
x-cacheable
YES
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
301
expires
Tue, 14 Sep 2021 20:31:54 GMT
eleicao3-o-7.22099
www.correiodopovo.com.br/cmlink/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/eleicao3-o-7.22099
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
ae0ed264932d9bb3f3c28163bbdc7eaa72892ed4a8c12cf98e1a33a7a2e4c8ba

Request headers

:path
/cmlink/eleicao3-o-7.22099
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/eleicao3-o-7.22099
last-modified
Fri, 13 Nov 2020 12:20:54 GMT
server
nginx/1.12.2
age
35
x-cacheable
YES
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
1659
expires
Tue, 14 Sep 2021 20:31:54 GMT
grid-o-7.21805
www.correiodopovo.com.br/cmlink/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/grid-o-7.21805
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
36a0fdd13cce7e986a18a3cbc8a4d911ccbf142784ab5f5423deb6e194f8b22c

Request headers

:path
/cmlink/grid-o-7.21805
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/grid-o-7.21805
last-modified
Wed, 16 Jun 2021 12:00:19 GMT
server
nginx/1.12.2
age
35
x-cacheable
YES
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
8094
expires
Tue, 14 Sep 2021 20:31:54 GMT
cssbellamais-7.21806
www.correiodopovo.com.br/cmlink/ 		748 B
569 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/cssbellamais-7.21806
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
e46b13d56b9bb902267a4edf33332c9ce8d6bb7581bf3d41071d4385b6506c8d

Request headers

:path
/cmlink/cssbellamais-7.21806
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/cssbellamais-7.21806
last-modified
Wed, 30 Sep 2020 20:24:59 GMT
server
nginx/1.12.2
age
15
x-cacheable
YES
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
285
expires
Tue, 14 Sep 2021 20:31:54 GMT
com.atex.gong.paywall.membership.js
www.correiodopovo.com.br/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/js/com.atex.gong.paywall.membership.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8

Request headers

:path
/js/com.atex.gong.paywall.membership.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 86400.000 /js/com.atex.gong.paywall.membership.js
last-modified
Thu, 04 Oct 2018 03:33:34 GMT
server
nginx/1.12.2
age
33545
x-cache
HIT
content-type
application/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2011
expires
Thu, 14 Oct 2021 20:27:54 GMT
ws-GTAYHGT2.js
wfpscripts.webspectator.com/bootstrap/ 		1 KB
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fbd1edd661c3eeeae3650b9b6511e253dfe96ea8b4d016407025d439d40def1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
last-modified
Tue, 03 Dec 2019 16:04:01 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"b0dccc480294ce8e2bfa6b534879b285"
x-cache-status
HIT
content-type
application/x-javascript
cache-control
max-age=31536000
denakop.js
v3.denakop.com/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.denakop.com/denakop.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.36.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2372b89dea77bc9c1a006418bdeedfa47363b1a72de56a4a12fcc38a332cf18c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
148
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 27 Aug 2021 19:54:02 GMT
server
cloudflare
etag
W/"612942da-d292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=3600
cf-ray
68ec5bd5c84d4108-PRG
cf-bgj
minify
barra.js
barra.r7.com/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.r7.com/barra.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.30.20.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5ba8490cc60fe0c0371c0acd84716072305214b84aa2959bd231c6cbc30c004d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 17:02:28 GMT
server
AkamaiNetStorage
etag
"703e196e3c0da18c7b8365fb7bd025d7:1618419748.848626"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=170915
accept-ranges
bytes
content-length
8872
Correio_do_Povo_branco.png
portal.correiodopovo.com.br/imagens/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/Correio_do_Povo_branco.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2709dcd48925c938d98757dd3cbc7708d9f49eb46212174d7954a68ff66390e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
last-modified
Mon, 15 Jul 2019 19:56:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e0743667473bd51:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
3706
Correio_do_Povo.png
portal.correiodopovo.com.br/imagens/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/Correio_do_Povo.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f4a852bdf0dfa921e7144308a4c48b1aed1695389eb76bdd71d4a48799441052

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
last-modified
Mon, 15 Jul 2019 19:56:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e99a3667473bd51:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
15396
linkedin.png
portal.correiodopovo.com.br/imagens/social/ 		347 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/linkedin.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29fc8c47a94d2164aa2cbedd171d0975dc9d2ba60921e36eb580467f0a68af13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
last-modified
Fri, 28 Aug 2020 14:48:23 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"282b6474a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
347
instagram.png
portal.correiodopovo.com.br/imagens/social/ 		676 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/instagram.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fe55f6306326e8e0ae4495684d8d742eeb3565d40bc0c9d95e0c6f557a65e64c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
last-modified
Fri, 28 Aug 2020 14:48:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"a8a1ae4d4a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
676
facebook.png
portal.correiodopovo.com.br/imagens/social/ 		295 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/facebook.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3e4cf41484e16a8e99ea65620ecac036df5d23dc0b60adfa7ced3f7793f26f72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
last-modified
Fri, 28 Aug 2020 14:48:57 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"dfbde25b4a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
295
youtube.png
portal.correiodopovo.com.br/imagens/social/ 		382 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/youtube.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8cba0effb5b2fe3741e8a4c0e81f3eec76b8d864e39d05b3c3182dcb427ce308

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
last-modified
Fri, 28 Aug 2020 14:49:17 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e2d595674a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
382
twitter.png
portal.correiodopovo.com.br/imagens/social/ 		484 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/twitter.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
401c305a433d8f0ec7bcad2bf9acd9637e04aa91fe02d5c6ee4ffefafc8fd206

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
last-modified
Fri, 28 Aug 2020 14:49:09 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e73b13634a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
484
hiltor.png
www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.6&w=120&$p$f$q$w=3ce26f5
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
9c9ac6a6240e80e9c27305fbf104935e6276c8cad2ef9081377735cfea02ae47

Request headers

:path
/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.6&w=120&$p$f$q$w=3ce26f5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
24267
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4874
expires
Thu, 14 Oct 2021 20:27:55 GMT
pitlane.png
www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.6&w=120&$p$f$q$w=e0931c8
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
6c3baac1987f8ea44ed14204bedd2a588a8480e33a1162df639433fa32c3ec43

Request headers

:path
/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.6&w=120&$p$f$q$w=e0931c8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
20789
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4136
expires
Thu, 14 Oct 2021 20:27:55 GMT
bella_preto.png
portal.correiodopovo.com.br/imagens/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/bella_preto.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
406fc2ecaa46e7c318d304cadec8b18681d750884c0e1ea0e42f9fcd4f37932a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
last-modified
Mon, 28 Sep 2020 22:24:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0c02610e695d61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
40820
platform.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
ESF /
Resource Hash
3a68e8c4084bccfa7c7f64bd3b98d949b4704ff9e1c26b73b6e018f6dddb1dd4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TEZWECWCdB4f74uOL8uk8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"493ad22eab2a8e36777feae0c6e1d4bf"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-TEZWECWCdB4f74uOL8uk8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:27:55 GMT
image.jpg
www.correiodopovo.com.br/image/policy:1.690585:1631636567/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.690585:1631636567/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
7494597792ec760b3199f35e90b4388acf058e30440e5f113945b85cd4788215

Request headers

:path
/image/policy:1.690585:1631636567/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
5734
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4746
expires
Thu, 14 Oct 2021 20:27:55 GMT
image.jfif
www.correiodopovo.com.br/image/policy:1.690748:1631649934/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.690748:1631649934/image.jfif?a=2%3A1&q=0.6&w=360&$p$a$q$w=45e4cfc
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
0c4031d9d79f9a6e52d6b68c3771ad296cb0e037e774f66b1d638cab0a8f8c9a

Request headers

:path
/image/policy:1.690748:1631649934/image.jfif?a=2%3A1&q=0.6&w=360&$p$a$q$w=45e4cfc
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
age
152
x-original-image-width
696
v
5
x-rendered-image-height
180
x-cache
HIT
content-length
12364
x-cache-rule
YES with ttl: 600.000 /image/policy:1.690748:1631649934/image.jfif?a=2%3A1&q=0.6&w=360&$p$a$q$w=45e4cfc
x-original-image-height
349
server
nginx/1.12.2
x-rendered-image-width
360
content-type
image/jpeg
cache-control
max-age=300
accept-ranges
bytes
expires
Tue, 14 Sep 2021 20:32:55 GMT
image.jpg
www.correiodopovo.com.br/image/policy:1.690747:1631649926/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.690747:1631649926/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
5d4273f95da9b3658007906072956b9dbd2130e19ceaf1c4811b33343888fe80

Request headers

:path
/image/policy:1.690747:1631649926/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
10503
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
12444
expires
Thu, 14 Oct 2021 20:27:55 GMT
image.jpg
www.correiodopovo.com.br/image/policy:1.690736:1631649131/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.690736:1631649131/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
d97a251770d76594a61955398a1b99cd6503deaa7e87f734e672538bbb2a802d

Request headers

:path
/image/policy:1.690736:1631649131/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
11119
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
13518
expires
Thu, 14 Oct 2021 20:27:55 GMT
image.jpg
www.correiodopovo.com.br/image/policy:1.690725:1631648444/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.690725:1631648444/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
a7d347418b900fe71f28018085f709289511422f11fad3573c6ef5374ff0c2ed

Request headers

:path
/image/policy:1.690725:1631648444/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
14027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
16816
expires
Thu, 14 Oct 2021 20:27:55 GMT
image.jpg
www.correiodopovo.com.br/image/policy:1.690727:1631648534/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.690727:1631648534/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
61d54cb9c30b7d10515500855a403673a3f232c872032cd5f3c0f449d8febd47

Request headers

:path
/image/policy:1.690727:1631648534/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
7262
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
7092
expires
Thu, 14 Oct 2021 20:27:55 GMT
Correiodopovo_horizontal.png
portal.correiodopovo.com.br/imagens/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/Correiodopovo_horizontal.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
607a6a5706bbca51e1eb64a7d83783362e92d1ffcd2e91116e778d2d7fe6424b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
last-modified
Mon, 21 Sep 2020 16:18:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0b593d53290d61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
35024
bootstrap.min.js
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/js/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

:path
/polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
last-modified
Fri, 01 Mar 2019 17:19:18 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:55 GMT
Imager.min.js
www.correiodopovo.com.br/polopoly_fs/3.159.1615315419!/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.159.1615315419!/Imager.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
cb8645e0bd04e1ff25faa1c0e956ad2f12f35d752d55ba2ae97cee37d37e2836

Request headers

:path
/polopoly_fs/3.159.1615315419!/Imager.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.159.1615315419!/Imager.min.js
last-modified
Tue, 09 Mar 2021 18:43:39 GMT
server
nginx/1.12.2
age
45
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2295
expires
Thu, 14 Oct 2021 20:27:55 GMT
jquery.cookie.min.js
www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f

Request headers

:path
/polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
last-modified
Tue, 09 Mar 2021 18:44:12 GMT
server
nginx/1.12.2
age
45
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
805
expires
Thu, 14 Oct 2021 20:27:55 GMT
users.min.js
www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/ 		810 B
664 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/users.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
2b87ad2e3dbfb1efc89a89bc0da9f724824d1612ae8db8bf7e47dd337fdc7151

Request headers

:path
/polopoly_fs/3.191.1615315451!/users.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.191.1615315451!/users.min.js
last-modified
Tue, 09 Mar 2021 18:44:12 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:55 GMT
persona.min.js
www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/ 		441 B
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/persona.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
4f90beb9c5ce266d97c88013d263ba85320e90d5fc6f3ab016d42aafd330d70e

Request headers

:path
/polopoly_fs/3.194.1594145527!/persona.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.194.1594145527!/persona.min.js
last-modified
Tue, 07 Jul 2020 18:12:08 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:55 GMT
poll.min.js
www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/ 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/poll.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
d97edfe6552e3143d0007b5e8103f3b39a3dd32898a97c20cb7337978feaf83f

Request headers

:path
/polopoly_fs/3.302.1615315537!/poll.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.302.1615315537!/poll.min.js
last-modified
Tue, 09 Mar 2021 18:45:37 GMT
server
nginx/1.12.2
age
45
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
577
expires
Thu, 14 Oct 2021 20:27:55 GMT
autosize.min.js
www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/autosize.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
78ac6beb4da15e1e9f06a07eeb39f8f7ea755cd4c3e5958fddb4aa14fc72e123

Request headers

:path
/polopoly_fs/3.259.1551461019!/autosize.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.259.1551461019!/autosize.min.js
last-modified
Fri, 01 Mar 2019 17:23:39 GMT
server
nginx/1.12.2
age
44
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
890
expires
Thu, 14 Oct 2021 20:27:55 GMT
video.js
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
db4243fcb42af79e27f42ebeb09f99e3ef5b4e0ea12f99cbd10d29e28e6966fd

Request headers

:path
/polopoly_fs/3.256.1551461012!/video.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video.js
last-modified
Fri, 01 Mar 2019 17:23:32 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:55 GMT
tags.carousel.js
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/tags.carousel.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
5f86eaa44bebd90324fd49d796ef010ec39f6af364018066d4e2ace0bab956fe

Request headers

:path
/polopoly_fs/3.231.1615315500!/js/tags.carousel.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/js/tags.carousel.js
last-modified
Tue, 09 Mar 2021 18:45:02 GMT
server
nginx/1.12.2
age
44
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11209
expires
Thu, 14 Oct 2021 20:27:55 GMT
tags.navigation.js
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/tags.navigation.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
6bb3c7d3cd8b6ae6301a23cafa2167ed0fe548f5dc0826af8643c16844333c2e

Request headers

:path
/polopoly_fs/3.231.1615315500!/js/tags.navigation.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/js/tags.navigation.js
last-modified
Tue, 09 Mar 2021 18:45:02 GMT
server
nginx/1.12.2
age
44
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3030
expires
Thu, 14 Oct 2021 20:27:55 GMT
owl.carousel.js
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/owl.carousel.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
c8be74ac4dc355f0a46acec8e7ab86091eca59c2eaac5d21a0b403bd6241291e

Request headers

:path
/polopoly_fs/3.231.1615315500!/js/owl.carousel.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/js/owl.carousel.js
last-modified
Tue, 09 Mar 2021 18:45:02 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:55 GMT
social-auth.min.js
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 		490 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/social-auth.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
1b084d429d350edc68e28a4b0f291b97bfcc1a8ae416b5c16cf8b0d11e1e59fd

Request headers

:path
/polopoly_fs/3.212.1615315469!/social-auth.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.212.1615315469!/social-auth.min.js
last-modified
Tue, 09 Mar 2021 18:44:30 GMT
server
nginx/1.12.2
age
44
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
303
expires
Thu, 14 Oct 2021 20:27:55 GMT
fotorama.js
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/js/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/js/fotorama.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817

Request headers

:path
/polopoly_fs/3.203.1615315462!/js/fotorama.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.203.1615315462!/js/fotorama.js
last-modified
Tue, 09 Mar 2021 18:44:22 GMT
server
nginx/1.12.2
age
44
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16159
expires
Thu, 14 Oct 2021 20:27:55 GMT
namespace.min.js
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 		220 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/namespace.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
e9a50c3fbd67964dcbfc166909d19e96f25f32c40ad50d656899f2aa381973b0

Request headers

:path
/polopoly_fs/3.200.1615315459!/namespace.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.200.1615315459!/namespace.min.js
last-modified
Tue, 09 Mar 2021 18:44:20 GMT
server
nginx/1.12.2
age
44
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
178
expires
Thu, 14 Oct 2021 20:27:55 GMT
SearchElement.min.js
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 		549 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/SearchElement.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
be735dbbce112db814813ebefa31710c76e242cce684d3daf6a9598bcac039f7

Request headers

:path
/polopoly_fs/3.200.1615315459!/SearchElement.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.200.1615315459!/SearchElement.min.js
last-modified
Tue, 09 Mar 2021 18:44:20 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:55 GMT
personalization.min.js
www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/ 		887 B
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/personalization.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
a752ad4a6219ea21dec555f682ff9e49ed22c8c4c4e2d992312b13c8cebcec31

Request headers

:path
/polopoly_fs/3.197.1615315455!/personalization.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.197.1615315455!/personalization.min.js
last-modified
Tue, 09 Mar 2021 18:44:15 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
526
expires
Thu, 14 Oct 2021 20:27:55 GMT
infiniteScroll.js
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
59758d6213ae16ffc0498f7ec1747b84047dd0cc9ff2c1da7aeb66b47f9bda5c

Request headers

:path
/polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
last-modified
Tue, 09 Mar 2021 18:43:42 GMT
server
nginx/1.12.2
age
45
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
875
expires
Thu, 14 Oct 2021 20:27:55 GMT
funcoes.js
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/funcoes.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
c740d8dd4494a96507134e544fb09e2d7e7812ded83f4978c7e5878188414647

Request headers

:path
/polopoly_fs/3.163.1615315420!/js/funcoes.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/js/funcoes.js
last-modified
Tue, 09 Mar 2021 18:43:42 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:55 GMT
plugin.min.js
www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/ 		192 B
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/plugin.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
98344eec8842ef328890a29cd19a5d3b308eb9db3906b47e8146e5231d4a2eb0

Request headers

:path
/polopoly_fs/3.153.1615315412!/plugin.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.153.1615315412!/plugin.min.js
last-modified
Tue, 09 Mar 2021 18:43:32 GMT
server
nginx/1.12.2
age
45
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
151
expires
Thu, 14 Oct 2021 20:27:55 GMT
gtm.js
www.googletagmanager.com/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.178.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2b553dd0c64df2af51f3614816129e8bf519739d18e48c049bda1ee31b66ff3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38987
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Sep 2021 20:27:55 GMT
all.min.js
plugins.soclminer.com.br/v3/sdk/ 		129 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1c7f8e22a158eaf4528dc6837ddf54344b27aac55c98ba4d843b7a6cba6970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42392
x-amz-request-id
SQ82RKKDW3PA3XZ0
x-amz-id-2
OKTFc8itn+rdjrsp4S+6U8Gwu+yUTOZvMiiFfFZZ2fvmiVqixsM4lbJ9kSae0KRqwtKbrAk/g/I=
last-modified
Tue, 27 Apr 2021 23:29:34 GMT
server
cloudflare
etag
W/"5add67ef8194e067ee0fd36a665defc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiX%2BLsYko3rSxcCUH81prYEeVyrbXRkICQjhsXezU1jnT9dPRKtKFVeIzAueldma0ZUz0Pj4bQXs5GwRfnwvL1Y8w34NeRnzm1HqWhB%2B09Zr6GEemSSRfgoop8r4aKhvmmcxbfPyAISb3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
68ec5bda0b3a4132-PRG
universal.min.js
tag.navdmp.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.11.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adbafaf5f3b775195fe396c0990c8297310b70870c228c15f047ff16a636ee4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Sep 2021 11:58:06 GMT
server
cloudflare
age
2590
etag
W/"6139f6ce-39a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
68ec5bd65e042794-PRG
content-type
application/javascript
expires
Tue, 14 Sep 2021 20:44:45 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
mn6nCZK81QSlvuOcNXWUDCIHZTGuThvH3K6Rc4VT8qno3sxxruXJz08tNsJvTfx9GNMWq1IkgTpmV3aE8HMn1A==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Tue, 14 Sep 2021 20:27:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl_2021090701.js
securepubads.g.doubleclick.net/gpt/ 		333 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062509
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f2.1e100.net
Software
sffe /
Resource Hash
ac8d2f2be577b89fdbd26a497ece0c0bc127dd2ed5676119e0055b62e4daf48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119497
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 08:38:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Sep 2021 20:27:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		174 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.correiodopovo.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f2.1e100.net
Software
cafe /
Resource Hash
90492bd32e00f652bff39848d4aeb7c3692c028e3fccb003cd250463e0d763e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121
x-xss-protection
0
expires
Tue, 14 Sep 2021 20:27:54 GMT
init
webservices.webspectator.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/init?appId=GTAYHGT2&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1631651275046
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-18-4.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
a6c7dc957a8be010a2bb9847f248a8fd3783fbf952c35be318d05fe05cd0a3c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:55 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:38:45 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
23759
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
siOheIAQ2P48rrSqM2rCh79jeUWFe5fmEoyS_LTIBcWKnJqSq0_Ftg==
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
etag
"lp772EpWKwf8Kq7YKMhbuw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 21 Sep 2021 20:27:55 GMT
loader.js
cdn.taboola.com/libtrc/correiodopovo/ 		390 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e213ce725ac5cc0c6b84730c4550a6e4ca008d78417f460447c1cb3e3d42ed7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
t9x27SkZ5q5ZLogiLB_WbW3JRT1M_bmg
content-encoding
gzip
etag
"2dab6148c5ee7c16cff76276095bf3e5"
age
49
x-cache
HIT
content-length
32730
x-amz-id-2
TCAaTE3aMkTA42gBSK/sO6E11dl+SYCVkFC9uh7OpBcT1mIKxX7ntlwuL8vF1FyEteiYYJpAb4M=
x-served-by
cache-hhn11547-HHN
last-modified
Tue, 14 Sep 2021 08:47:44 GMT
server
AmazonS3
x-timer
S1631651275.299014,VS0,VE1
date
Tue, 14 Sep 2021 20:27:55 GMT
vary
Accept-Encoding
x-amz-request-id
PFQARN1TBJWY3W66
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
98
x-cache-hits
1
newsroom.js
c2.taboola.com/nr/correiodopovo/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/correiodopovo/newsroom.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dace3c80f41ab245b0c1ed8ee192cfda1cc764a4a15e83c28bdbae529b1d1ee3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"6d0a3d0a56a0d3318f9c30ce3d5680fb"
age
49
x-cache
HIT
content-length
16138
x-amz-id-2
tlA6/Bhve48iaLWZL9nJqV0WKPVv/lKjPI3kRnGKOTu38+Dm4EXtuNeD2PbdCeM/cpgWM0mYU4k=
x-served-by
cache-hhn11566-HHN
last-modified
Fri, 04 Sep 2020 23:39:48 GMT
server
AmazonS3
x-timer
S1631651275.299044,VS0,VE1
date
Tue, 14 Sep 2021 20:27:55 GMT
vary
Accept-Encoding
x-amz-request-id
QA2JH4H8ZQKWBJNC
via
1.1 varnish
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
css
fonts.googleapis.com/ 		4 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f10.1e100.net
Software
ESF /
Resource Hash
4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 19:40:19 GMT
server
ESF
date
Tue, 14 Sep 2021 20:27:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 20:27:55 GMT
58ee86211d42061afb000002
cms-media-api.r7.com/menu/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cms-media-api.r7.com/menu/58ee86211d42061afb000002
Requested by
Host: barra.r7.com
URL: https://barra.r7.com/barra.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.30.20.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b79dba9a9adc465369497c21ba8d16fb136688d5b410e91db88e44f4de2c7817

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:55 GMT
Content-Encoding
gzip
ETag
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
!no-store, must-revalidate, max-age=120
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3841
profiles.js
barra.r7.com/tailtarget/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.r7.com/tailtarget/profiles.js
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.30.20.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 17:02:29 GMT
server
AkamaiNetStorage
etag
"8004950a941b96d9c812191aaaa6ce00:1618419749.19302"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=170916
accept-ranges
bytes
content-length
5253
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f3.1e100.net
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.correiodopovo.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 09:39:06 GMT
x-content-type-options
nosniff
age
125329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 09:39:06 GMT
ClanOT-News.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ 		95 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
9a877726a7ea75d3ff46da702d8e1efbf615f7af09763ac702b2fe96f3e6f998

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
pragma
no-cache
origin
https://www.correiodopovo.com.br
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Origin
https://www.correiodopovo.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
last-modified
Tue, 09 Mar 2021 18:43:43 GMT
server
nginx/1.12.2
age
73
x-cache
HIT
content-type
application/octet-stream;charset=utf-8
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
45198
expires
Thu, 14 Oct 2021 20:27:55 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f3.1e100.net
Software
sffe /
Resource Hash
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.correiodopovo.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 08:10:59 GMT
x-content-type-options
nosniff
age
44216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19824
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 08:10:59 GMT
glyphicons-halflings-regular.woff
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
7f98ff9434849daca0cadf865d4639a48d85a7ad473a30961680c7f285a885eb

Request headers

:path
/polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
pragma
no-cache
origin
https://www.correiodopovo.com.br
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Origin
https://www.correiodopovo.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
last-modified
Fri, 01 Mar 2019 17:19:18 GMT
server
nginx/1.12.2
age
74
x-cache
HIT
content-type
application/x-font-woff;charset=utf-8
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
23186
expires
Thu, 14 Oct 2021 20:27:55 GMT
ClanOT-Book.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ 		95 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
c9ef226218315b5804f91c7ae1b34352194e14f1dac157c814325d179dbcc25d

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
pragma
no-cache
origin
https://www.correiodopovo.com.br
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Origin
https://www.correiodopovo.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
last-modified
Tue, 09 Mar 2021 18:43:43 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
application/octet-stream;charset=utf-8
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:55 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f3.1e100.net
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.correiodopovo.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 15:19:49 GMT
x-content-type-options
nosniff
age
277686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 15:19:49 GMT
prebid.js
tagmanager.smartadserver.com/latest/ 		640 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagmanager.smartadserver.com/latest/prebid.js
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-176.deploy.static.akamaitechnologies.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
c8d43b78caf6f8854903dd5d547b02f0fcd06dc4fc9fa844ccb7e529078de822

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Sep 2021 13:01:43 GMT
Server
Apache/2.4.25 (Debian)
ETag
"a001d-5cb02c8d181c3-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
204847
correiodopovo.com.br
v3.denakop.com/ad-request/10102/desktop/ 		581 B
800 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.denakop.com/ad-request/10102/desktop/correiodopovo.com.br
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.36.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ac7b2af634f971a13cbcdc11ede132fbb2b0979729087ccaa6475106c3879a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
Origin
https://www.correiodopovo.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
private, max-age=1800
access-control-allow-credentials
true
cf-ray
68ec5bd6a9ca4108-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f3.1e100.net
Software
sffe /
Resource Hash
7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.correiodopovo.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 17:17:39 GMT
x-content-type-options
nosniff
age
184216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:21:29 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 17:17:39 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f3.1e100.net
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.correiodopovo.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 15:01:59 GMT
x-content-type-options
nosniff
age
278756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 15:01:59 GMT
profiles.js
d.tailtarget.com/ Frame 85F1 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/profiles.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 07:50:37 GMT
content-encoding
gzip
age
45438
x-guploader-uploadid
ADPycdu3tZM5dOpdN8KTU1ZVL80mtYSKqgSxLYgOu0XUcBenD2h6m8ERhwx-7MoO3y_jVdZXOiHqT1f3kkg65JcmZgwgLfEp1g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
5285
last-modified
Mon, 19 Apr 2021 15:43:34 GMT
server
UploadServer
etag
"603f25fd36318626ab410174bd3e1cd3"
x-goog-hash
crc32c=QOm0Sg==, md5=YD8l/TYxhiarQQF0vT4c0w==
content-language
en
x-goog-generation
1618847014064238
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
5285
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 15 Sep 2021 07:50:37 GMT
hiltor.png
www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.9&w=360&$p$f$q$w=4b00dcf
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
ee02e8a1152b104e2b5eeba69154b873ad70a9422be49e4e4909ab016c9257df

Request headers

:path
/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.9&w=360&$p$f$q$w=4b00dcf
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
189676
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
22188
expires
Thu, 14 Oct 2021 20:27:55 GMT
juremir.png
www.correiodopovo.com.br/image/policy:1.490137:1601522967/image/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490137:1601522967/image/juremir.png?f=1x1&q=0.9&w=360&$p$f$q$w=f0c0c40
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
e67c7005f97f0b57b13f0725ab31c7b0c27aff3753701b6e8fd7631e163e5209

Request headers

:path
/image/policy:1.490137:1601522967/image/juremir.png?f=1x1&q=0.9&w=360&$p$f$q$w=f0c0c40
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
176728
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
18528
expires
Thu, 14 Oct 2021 20:27:55 GMT
taline.png
www.correiodopovo.com.br/image/policy:1.490134:1601522966/image/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490134:1601522966/image/taline.png?f=1x1&q=0.9&w=360&$p$f$q$w=4c53641
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
49582fd71fd13d10cd0d8071d8ddbf9abc5f5292e5f2bf83ff4028cd99dc16ea

Request headers

:path
/image/policy:1.490134:1601522966/image/taline.png?f=1x1&q=0.9&w=360&$p$f$q$w=4c53641
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
190658
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
18710
expires
Thu, 14 Oct 2021 20:27:55 GMT
gonzaga.png
www.correiodopovo.com.br/image/policy:1.490141:1601522968/image/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490141:1601522968/image/gonzaga.png?f=1x1&q=0.9&w=360&$p$f$q$w=f2519d3
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
e1525da0eb146a3c688ebfdb6c6e70e0488f8e39fbc4c61a7fbd62c906dd0747

Request headers

:path
/image/policy:1.490141:1601522968/image/gonzaga.png?f=1x1&q=0.9&w=360&$p$f$q$w=f2519d3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
194247
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
21096
expires
Thu, 14 Oct 2021 20:27:55 GMT
jurandir.png
www.correiodopovo.com.br/image/policy:1.490138:1601522967/image/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490138:1601522967/image/jurandir.png?f=1x1&q=0.9&w=360&$p$f$q$w=44f0cae
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
06312eaf6212c106b7eb9c622c7023c9a0991b83a098b666ca0ca40efc503a2b

Request headers

:path
/image/policy:1.490138:1601522967/image/jurandir.png?f=1x1&q=0.9&w=360&$p$f$q$w=44f0cae
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
169649
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
21864
expires
Thu, 14 Oct 2021 20:27:55 GMT
guilherme.png
www.correiodopovo.com.br/image/policy:1.490140:1601522968/image/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490140:1601522968/image/guilherme.png?f=1x1&q=0.9&w=360&$p$f$q$w=76b46ee
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
f7a939d43320bc1e8606404dfb97b3ac8cd6c32bb3f821d47112c36f343f3109

Request headers

:path
/image/policy:1.490140:1601522968/image/guilherme.png?f=1x1&q=0.9&w=360&$p$f$q$w=76b46ee
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
157332
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
15166
expires
Thu, 14 Oct 2021 20:27:55 GMT
alexandre.png
www.correiodopovo.com.br/image/policy:1.488037:1601342579/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.488037:1601342579/alexandre.png?f=1x1&q=0.9&w=360&$p$f$q$w=885fff7
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
fa7f3e34aeffa172cebd8a89c53a94f3fb5804b9c6b2ddeccdfc14e95d163ffb

Request headers

:path
/image/policy:1.488037:1601342579/alexandre.png?f=1x1&q=0.9&w=360&$p$f$q$w=885fff7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
172753
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
17428
expires
Thu, 14 Oct 2021 20:27:55 GMT
conill.png
www.correiodopovo.com.br/image/policy:1.490143:1601522968/image/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490143:1601522968/image/conill.png?f=1x1&q=0.9&w=360&$p$f$q$w=5265847
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
d3674fcd1c65192a32ebf67cc37b9aa3dbd5a83b1f67b590c7e2d08d30eae1d4

Request headers

:path
/image/policy:1.490143:1601522968/image/conill.png?f=1x1&q=0.9&w=360&$p$f$q$w=5265847
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
141166
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
15134
expires
Thu, 14 Oct 2021 20:27:55 GMT
Prancheta%2048.png
www.correiodopovo.com.br/image/policy:1.490135:1601522966/image/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490135:1601522966/image/Prancheta%2048.png?f=1x1&q=0.9&w=360&$p$f$q$w=bce90c1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
13ccb9daf82a23a5a1c8b7fbcd074b720fa6bb5144ab2a95d17ab6fc83a2f913

Request headers

:path
/image/policy:1.490135:1601522966/image/Prancheta%2048.png?f=1x1&q=0.9&w=360&$p$f$q$w=bce90c1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
164232
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
17390
expires
Thu, 14 Oct 2021 20:27:55 GMT
bessi.png
www.correiodopovo.com.br/image/policy:1.490144:1601522969/image/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490144:1601522969/image/bessi.png?f=1x1&q=0.9&w=360&$p$f$q$w=0159d65
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
af1f381103707015c1efb1924b9104a024a2a78c7c9e8a94f374764d19e6529e

Request headers

:path
/image/policy:1.490144:1601522969/image/bessi.png?f=1x1&q=0.9&w=360&$p$f$q$w=0159d65
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
176614
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
18416
expires
Thu, 14 Oct 2021 20:27:55 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
27ee20c7d5c075ba9610cf49a00fe2ad37a0649ecf9dc64e044215b66c99d7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94977
x-xss-protection
0
server
cafe
etag
10103688518249724071
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:27:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame F6CA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 14 Sep 2021 20:03:05 GMT
expires
Tue, 28 Sep 2021 20:03:05 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
1490
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
23925
tag.navdmp.com/u/ 		602 B
518 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/23925
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.11.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d4a15dc57fc623f2eaaabfb43a28eef41d64175ab3a8a5298bfe3ee4df17b5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 07 Sep 2021 18:44:57 GMT
server
cloudflare
etag
W/"6137b329-25a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
68ec5bd75fe82794-PRG
content-type
application/javascript
expires
Tue, 14 Sep 2021 21:27:55 GMT
load.js
widget.perfectmarket.com/correiodopovo/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/correiodopovo/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.137.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
423ae58602522fab7a5f245fa6f8a214da4a76f0a8d8a6b1f809a5ef6dd75b86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
OX_wFyoLLxdy6CvRXTBfoc.VwLgDWCuR
content-encoding
gzip
etag
"958ac9562841470c9f6dee2a6538099e"
age
49
x-cache
HIT, HIT
content-length
1253
x-amz-id-2
5UfEDOifRQuRHlWp0n81dQ6yYqT8ldoOQoE4LE12VevFKAprVOmJw4K7I9/vf4PvHLH+EfcNH/c=
x-served-by
cache-sna10747-LGB, cache-hhn11528-HHN
last-modified
Thu, 09 Apr 2020 05:41:41 GMT
server
AmazonS3
x-timer
S1631651275.481787,VS0,VE1
date
Tue, 14 Sep 2021 20:27:55 GMT
vary
Accept-Encoding,,
x-amz-request-id
J97XD46JN0XEE57T
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
impl.20210914-3-RELEASE.js
cdn.taboola.com/libtrc/ 		527 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
eab04a6e65571903da729fd95957b197fafbe3baf4fdb7e39a3edabba4794f12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
9h8ONwvbCJp56eW5nRVLsBc7z5qb2w.c
content-encoding
br
etag
"eecc447cd9623bf6dfa64846b1979187"
age
13721
x-cache
HIT
content-length
119447
x-amz-id-2
t4J8/BzWJ29pEmihv+U1tadaYQw5FkdixIhSiBXqiBsvSHyff1P5FaCK8N2TadaQDSw3vCw6OHk=
x-served-by
cache-hhn11547-HHN
last-modified
Tue, 14 Sep 2021 08:31:16 GMT
server
AmazonS3-br
x-timer
S1631651275.439388,VS0,VE0
date
Tue, 14 Sep 2021 20:27:55 GMT
vary
Accept-Encoding
x-amz-request-id
4CPGKDSZSPEGABFV
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
51
x-cache-hits
133455
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1631651275431&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.c...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1631651275431&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo....
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1631651275431&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
P652dI7Fo-0v8mMgC5e_97_mhd8HeIxwduXwCdmj8owJfSRCW_eeEg==

Redirect headers

date
Tue, 14 Sep 2021 20:27:55 GMT
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1631651275431&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
content-length
236
x-amz-cf-id
NFmGZ2DNHlG_eqXJWQ0-MzWvxqgovRLghO0dTbN8USKe2Pyhv4R_4A==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1631651275431&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodop...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631651275431&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodo...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631651275431&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
lVzr_k99LprGqIEDaNBZFPuoEON1kdvJ7rYmhMurRPt9oblHK510TA==

Redirect headers

date
Tue, 14 Sep 2021 20:27:55 GMT
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631651275431&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
content-length
241
x-amz-cf-id
4GMWUGZs1qfpJzcBDSC-X1ZAt4Vx8GaDd_rzWbmkr67VhTMgEIekew==
rules-p-HGAVM7nQJ_sep.js
rules.quantcount.com/ 		3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 17:30:09 GMT
via
1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
age
10667
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:26:00 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
gj-E0vBKZYUz-aZ7wY_AoD5FK_oZ3msrU6YveV8QnQCNi7S4Ds0MoA==
js
www.googletagmanager.com/gtag/ 		129 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B73LS4GNNN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0787db137767c8047d78ace7ae1c3377780b931047065ee7e8636052d2da28fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51689
x-xss-protection
0
expires
Tue, 14 Sep 2021 20:27:55 GMT
329022_2819.js
receiver.posclick.dinamize.com/forms/js/ 		87 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://receiver.posclick.dinamize.com/forms/js/329022_2819.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.23.208.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-208-81.us-east-2.compute.amazonaws.com
Software
Dinamize-PcReceiver /
Resource Hash
961cb61d6a9bbaa0ef6485fcd8bb7b8dc500ab65e287cb3e98fff3ff75e48454

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 20:27:55 GMT
server
Dinamize-PcReceiver
etag
2021-08-26 15:16:41.503236584 -0300 -03 m=+8554998.576534822
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
content-length
24502
get-action
nr-events.taboola.com/newsroom/1.0/correiodopovo/ 		132 B
294 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/correiodopovo/get-action?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=395332711668963427&page.template=home&page.dashboard=home
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/correiodopovo/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
48315c0150f3cff66ce4058981f7d1593f1ed337025108837725a35b036be9cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

tbl-x-upstream
10.45.108.106:8080
date
Tue, 14 Sep 2021 20:27:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651275.480561,VS0,VE10
x-served-by
cache-hhn11566-HHN
x-cache
MISS
content-type
application/json;charset=UTF-8
accept-ranges
bytes
content-length
132
x-application-context
front-page-event-server:production
x-cache-hits
0
profile
d.t.tailtarget.com/ Frame 85F1 		92 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.t.tailtarget.com/profile
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
via
1.1 google
cache-control
max-age=3600
alt-svc
clear
expires
Tue, 14 Sep 2021 21:27:55 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210914
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.229 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30372f3372a2b53b545fec26905f0c64154fdaf0d8c820263d8ce42bff7d42cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
18024
x-jsd-version
1.0.1100
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
content-length
938
etag
W/"693-VWc4XHMPT8Q5gofGrXeKt4ADKCY"
x-served-by
cache-fra19163-FRA, cache-hhn4071-HHN
x-jsd-version-type
version
date
Tue, 14 Sep 2021 20:27:55 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
204496277643064
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/204496277643064?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
e9c3970ca6455b9f438053b4f875d1451dd9af05b1ea06794db9b75123353624
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
89181
x-xss-protection
0
pragma
public
x-fb-debug
ILy2YPROJtzvWqSRMymRr4xsdiUxOSaCWOyEmT4Z7Uv3IJv8mo57yVBiv8+DsqzFcqt1vHesbA5gZ+hhMl0Ndw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 14 Sep 2021 20:27:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
dialogosnovo.png
www.correiodopovo.com.br/image/policy:1.490809:1601591726/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490809:1601591726/image/dialogosnovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=e228cf0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
466acd3ef2156a1e8d6d03e52cce266d34fc3bcc6935dfaacd538ec88c0b198d

Request headers

:path
/image/policy:1.490809:1601591726/image/dialogosnovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=e228cf0
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
11381
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
3930
expires
Thu, 14 Oct 2021 20:27:55 GMT
cenarock.png
www.correiodopovo.com.br/image/policy:1.490576:1601576032/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490576:1601576032/image/cenarock.png?f=1x1&q=0.9&w=360&$p$f$q$w=121b5d6
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
f9a3c8c5712cba189115d7a63fbd487719a42ab0d628dc63b0cd506cf1914e97

Request headers

:path
/image/policy:1.490576:1601576032/image/cenarock.png?f=1x1&q=0.9&w=360&$p$f$q$w=121b5d6
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
42068
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4618
expires
Thu, 14 Oct 2021 20:27:55 GMT
cinecp.png
www.correiodopovo.com.br/image/policy:1.490582:1601576034/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490582:1601576034/image/cinecp.png?f=1x1&q=0.9&w=360&$p$f$q$w=8ecc1e0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
65b902c64261cb352f2ee7f0c06de82d636f5e2a026fac7894e8cc505ccc7624

Request headers

:path
/image/policy:1.490582:1601576034/image/cinecp.png?f=1x1&q=0.9&w=360&$p$f$q$w=8ecc1e0
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
28419
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4402
expires
Thu, 14 Oct 2021 20:27:55 GMT
seculonovo.png
www.correiodopovo.com.br/image/policy:1.490810:1601591727/image/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490810:1601591727/image/seculonovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=8c77f46
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
d4852e0c1e28302c1d482a7afe0c0cd2caf3207aa83bb34cdfa182dd2e6386ae

Request headers

:path
/image/policy:1.490810:1601591727/image/seculonovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=8c77f46
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
49818
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
8110
expires
Thu, 14 Oct 2021 20:27:55 GMT
pitlane.png
www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.9&w=360&$p$f$q$w=b981aef
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
6cd2df3d9315f215316ec08d7fe62c380aa3617e04bf459924e12b5f2e263c7a

Request headers

:path
/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.9&w=360&$p$f$q$w=b981aef
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
24799
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
3556
expires
Thu, 14 Oct 2021 20:27:55 GMT
campereada.png
www.correiodopovo.com.br/image/policy:1.490577:1601576032/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490577:1601576032/image/campereada.png?f=1x1&q=0.9&w=360&$p$f$q$w=e6f6f9b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
8248af8592a78954b8050a4f78d12e1680a57a0f2a8884bae9eec06116d3d8c5

Request headers

:path
/image/policy:1.490577:1601576032/image/campereada.png?f=1x1&q=0.9&w=360&$p$f$q$w=e6f6f9b
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
24813
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4240
expires
Thu, 14 Oct 2021 20:27:55 GMT
dialogos.png
www.correiodopovo.com.br/image/policy:1.490581:1601576033/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490581:1601576033/image/dialogos.png?f=1x1&q=0.9&w=360&$p$f$q$w=3cf7946
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
5b8e349fe54136e445a39b530704cf05270fb20a6c144ea0267bd8176eb3698b

Request headers

:path
/image/policy:1.490581:1601576033/image/dialogos.png?f=1x1&q=0.9&w=360&$p$f$q$w=3cf7946
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
8640
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
3468
expires
Thu, 14 Oct 2021 20:27:55 GMT
fotocorreio.png
www.correiodopovo.com.br/image/policy:1.490574:1601576031/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490574:1601576031/image/fotocorreio.png?f=1x1&q=0.9&w=360&$p$f$q$w=2ca0c40
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
3416dbdb9c0ca2a9d8bce8f2efd97617262481e95bf18fc2b069b5eef79792f2

Request headers

:path
/image/policy:1.490574:1601576031/image/fotocorreio.png?f=1x1&q=0.9&w=360&$p$f$q$w=2ca0c40
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
41706
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4160
expires
Thu, 14 Oct 2021 20:27:55 GMT
livrosamais.png
www.correiodopovo.com.br/image/policy:1.490584:1601576034/image/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490584:1601576034/image/livrosamais.png?f=1x1&q=0.9&w=360&$p$f$q$w=57ef8e7
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
66623b0935ee7dfbc98fcace56472beb123f03c695a443c8793ae1d0f9c22b3b

Request headers

:path
/image/policy:1.490584:1601576034/image/livrosamais.png?f=1x1&q=0.9&w=360&$p$f$q$w=57ef8e7
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
40778
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
5496
expires
Thu, 14 Oct 2021 20:27:55 GMT
planocarreira.png
www.correiodopovo.com.br/image/policy:1.490585:1601576035/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490585:1601576035/image/planocarreira.png?f=1x1&q=0.9&w=360&$p$f$q$w=fd4fad1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
600ff561432bee59a33c280363a5581abc236781c2f29d56d04a8588d9546359

Request headers

:path
/image/policy:1.490585:1601576035/image/planocarreira.png?f=1x1&q=0.9&w=360&$p$f$q$w=fd4fad1
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
27000
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
3708
expires
Thu, 14 Oct 2021 20:27:55 GMT
carrosemotos.png
www.correiodopovo.com.br/image/policy:1.490586:1601576035/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490586:1601576035/image/carrosemotos.png?f=1x1&q=0.9&w=360&$p$f$q$w=b7bd3d6
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
508fba79123a7eca704546da35ebb132e46337686b8a5a67c4211e0a16e28e8e

Request headers

:path
/image/policy:1.490586:1601576035/image/carrosemotos.png?f=1x1&q=0.9&w=360&$p$f$q$w=b7bd3d6
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
26579
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4220
expires
Thu, 14 Oct 2021 20:27:55 GMT
correiofeminino.png
www.correiodopovo.com.br/image/policy:1.490579:1601576033/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490579:1601576033/image/correiofeminino.png?f=1x1&q=0.9&w=360&$p$f$q$w=89a48d9
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
5e9053378edea86a34d5c4cbe3c55b92694ff648e79930224b842a730de76189

Request headers

:path
/image/policy:1.490579:1601576033/image/correiofeminino.png?f=1x1&q=0.9&w=360&$p$f$q$w=89a48d9
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
40227
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4758
expires
Thu, 14 Oct 2021 20:27:55 GMT
logo%20of-jor02.png
www.correiodopovo.com.br/image/policy:1.515193:1604606827/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.515193:1604606827/logo%20of-jor02.png?f=1x1&q=0.9&w=360&$p$f$q$w=995a2dd
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
e2d9bd9f5ffc43461e3a39c12001ed9c90664a090e83eb7985434dd93c283e21

Request headers

:path
/image/policy:1.515193:1604606827/logo%20of-jor02.png?f=1x1&q=0.9&w=360&$p$f$q$w=995a2dd
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
34768
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
12048
expires
Thu, 14 Oct 2021 20:27:55 GMT
bichoamigo.png
www.correiodopovo.com.br/image/policy:1.490578:1601576033/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490578:1601576033/image/bichoamigo.png?f=1x1&q=0.9&w=360&$p$f$q$w=19ed566
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
74c58dceae9cbe820cdf7d14bf41fd03a98f9e19cfc5a96327d0c13db2777390

Request headers

:path
/image/policy:1.490578:1601576033/image/bichoamigo.png?f=1x1&q=0.9&w=360&$p$f$q$w=19ed566
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
33055
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4332
expires
Thu, 14 Oct 2021 20:27:55 GMT
/
vacina.saude.rs.gov.br/ Frame C02E 		6 MB
1 MB 		Document
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0 ASP.NET
Resource Hash

Request headers

:method
GET
:authority
vacina.saude.rs.gov.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 13:59:52 GMT
accept-ranges
bytes
etag
"59c7e5-5cbf4feecd8ce"
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0 ASP.NET
date
Tue, 14 Sep 2021 20:27:58 GMT
notify-impression
nr-events.taboola.com/newsroom/1.0/correiodopovo/ 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr-events.taboola.com/newsroom/1.0/correiodopovo/notify-impression?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=395332711668963427&page.template=home&page.dashboard=home
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

tbl-x-upstream
10.44.87.70:8080
date
Tue, 14 Sep 2021 20:27:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651276.556201,VS0,VE8
x-served-by
cache-hhn11566-HHN
x-cache
MISS
accept-ranges
bytes
x-application-context
front-page-event-server:production
x-cache-hits
0
MILHO_COLHEITA200413A.jpg
www.correiodopovo.com.br/image/policy:1.689607:1631474352/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.689607:1631474352/MILHO_COLHEITA200413A.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=daa9349&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
a45ee891fa724b2745c110bcc2082cd2c688625a791fa8baec5735ab0354035d

Request headers

:path
/image/policy:1.689607:1631474352/MILHO_COLHEITA200413A.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=daa9349&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
26158
expires
Thu, 14 Oct 2021 20:27:55 GMT
debate_ms4.JPG
www.correiodopovo.com.br/image/policy:1.689100:1631325883/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.689100:1631325883/debate_ms4.JPG?a=1%3A1&q=0.9&w=250&$p$a$q$w=8bf5eb7&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
9578eea9ce34a90386400400d88eed02ee81c192c0a4acd074c4b3cf49809c06

Request headers

:path
/image/policy:1.689100:1631325883/debate_ms4.JPG?a=1%3A1&q=0.9&w=250&$p$a$q$w=8bf5eb7&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
15980
expires
Thu, 14 Oct 2021 20:27:55 GMT
WhatsApp%20Image%202021-09-09%20at%2013.39.03.jpeg
www.correiodopovo.com.br/image/policy:1.688009:1631205957/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.688009:1631205957/WhatsApp%20Image%202021-09-09%20at%2013.39.03.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=190005b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
3e3b81539846e9c12998bf9e9e0f39faa9b02ae7f79dba4fa7d3c1d3c47b569f

Request headers

:path
/image/policy:1.688009:1631205957/WhatsApp%20Image%202021-09-09%20at%2013.39.03.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=190005b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
9732
expires
Thu, 14 Oct 2021 20:27:55 GMT
NOITEDOSMUSEUS2019_PUBLICO190518J.jpg
www.correiodopovo.com.br/image/policy:1.532081:1607100841/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.532081:1607100841/NOITEDOSMUSEUS2019_PUBLICO190518J.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=81d69d8&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
a6b771e9d8e68cfa8ef0d0bc8e3cbe90ed3e4cb2767155953383360caae1b4ac

Request headers

:path
/image/policy:1.532081:1607100841/NOITEDOSMUSEUS2019_PUBLICO190518J.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=81d69d8&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
14188
expires
Thu, 14 Oct 2021 20:27:55 GMT
CABINEDEVOTACAODOTREPOA.jpg
www.correiodopovo.com.br/image/policy:1.520273:1605302767/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.520273:1605302767/CABINEDEVOTACAODOTREPOA.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f70c9a3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
cfef45803dc66cb82642977c78b48f4f53b9d03a7bb0c0ed3c91f1f17fada608

Request headers

:path
/image/policy:1.520273:1605302767/CABINEDEVOTACAODOTREPOA.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f70c9a3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
6594
expires
Thu, 14 Oct 2021 20:27:55 GMT
INCENDIONAAMAZONIA190825.jpg
www.correiodopovo.com.br/image/policy:1.456793:1595967208/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.456793:1595967208/INCENDIONAAMAZONIA190825.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=64205f1&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
d14a92927736ceba28302c4a9912a202758709026fa4b609183b224c254fce6a

Request headers

:path
/image/policy:1.456793:1595967208/INCENDIONAAMAZONIA190825.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=64205f1&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
23524
expires
Thu, 14 Oct 2021 20:27:55 GMT
CONFLITONAALEMANHAEM1920.jpg
www.correiodopovo.com.br/image/policy:1.406675:1584663803/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.406675:1584663803/CONFLITONAALEMANHAEM1920.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f0a14f3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
75046723690e555b59fc656ce2b75707fb2e249e7d9446d007210cbec429007c

Request headers

:path
/image/policy:1.406675:1584663803/CONFLITONAALEMANHAEM1920.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f0a14f3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
29062
expires
Thu, 14 Oct 2021 20:27:55 GMT
gremiocoronaGT13.jpg
www.correiodopovo.com.br/image/policy:1.406650:1584655134/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.406650:1584655134/gremiocoronaGT13.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=4b0672b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
814fbfc1804f477d3a12ef1a73ab55d287331f176ef7c96ea0049c4cfeb806f4

Request headers

:path
/image/policy:1.406650:1584655134/gremiocoronaGT13.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=4b0672b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
9148
expires
Thu, 14 Oct 2021 20:27:55 GMT
WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg
www.correiodopovo.com.br/image/policy:1.401717:1582743154/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.401717:1582743154/WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=54b6129&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
ec2e1296380c1680aef32b3123b5d26e3a343b94e14fda81520920cecc93cee4

Request headers

:path
/image/policy:1.401717:1582743154/WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=54b6129&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
14730
expires
Thu, 14 Oct 2021 20:27:55 GMT
000_1P67ML.jpg
www.correiodopovo.com.br/image/policy:1.401058:1582333779/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.401058:1582333779/000_1P67ML.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=701184a&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
4c051a904ed3bc243e02450daa9e52e53f378348f4e3e997c8c94134b1553484

Request headers

:path
/image/policy:1.401058:1582333779/000_1P67ML.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=701184a&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
20584
expires
Thu, 14 Oct 2021 20:27:55 GMT
CONCEICAOEVARISTO.jpg
www.correiodopovo.com.br/image/policy:1.397524:1580848385/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.397524:1580848385/CONCEICAOEVARISTO.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=6da6c81&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
42fc70955f09c40a96eb48b58d9f6e088a33b41ce5e925906b3c6eaae32e90c2

Request headers

:path
/image/policy:1.397524:1580848385/CONCEICAOEVARISTO.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=6da6c81&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
14550
expires
Thu, 14 Oct 2021 20:27:55 GMT
the-dead-line-in-the-raod-1175899-1599x1024.jpg
www.correiodopovo.com.br/image/policy:1.392853:1578957861/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.392853:1578957861/the-dead-line-in-the-raod-1175899-1599x1024.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=678551e&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
df292e576d920c811566245a5aee06b4ec6ea03d228cbc7053bb0662a4b70913

Request headers

:path
/image/policy:1.392853:1578957861/the-dead-line-in-the-raod-1175899-1599x1024.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=678551e&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
2338
expires
Thu, 14 Oct 2021 20:27:55 GMT
IAR%202019-79.jpg
www.correiodopovo.com.br/image/policy:1.377823:1572903045/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.377823:1572903045/IAR%202019-79.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f20df16&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
18c87d635507565f16cae963e310d041099274a6788a409f49ca7dcb1fd5d0bb

Request headers

:path
/image/policy:1.377823:1572903045/IAR%202019-79.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f20df16&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
16342
expires
Thu, 14 Oct 2021 20:27:55 GMT
cookie.js
partner.googleadservices.com/gampad/ 		210 B
446 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-3488053582622085
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.178.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f2.1e100.net
Software
cafe /
Resource Hash
7a2d09c26e21338033ac946d9863e14e073d55d009436a4858edd698ae4f4795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1DBA 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1631651275&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651275331&bpp=3&bdt=897&idt=221&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=508110068192&frm=20&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651276&ga_hid=1162761989&ga_fc=0&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525%2C44748553%2C31062297%2C31062528&oid=3&pvsid=599572198568463&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=240
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1631651275&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651275331&bpp=3&bdt=897&idt=221&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=508110068192&frm=20&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651276&ga_hid=1162761989&ga_fc=0&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525%2C44748553%2C31062297%2C31062528&oid=3&pvsid=599572198568463&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=240
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 14 Sep 2021 20:27:55 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 14-Sep-2021 20:42:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 14 Sep 2021 20:27:55 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631547519045135"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 14 Sep 2021 20:27:55 GMT
pixel;r=1454665558;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F;ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F;uht=2;fpan=1;fpa=P0-139205027-1631651275598;pbcn=u;p...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1454665558;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F;ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F;uht=2;fpan=1;fpa=P0-139205027-1631651275598;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;d=correiodopovo.com.br;je=0;sr=1600x1200x24;dst=0;et=1631651275598;tzo=0;ogl=title.Correio%20do%20Povo%2Csite_name.Correio%20do%20Povo%2Curl.https%3A%2F%2Fwww%252Ecorreiodopovo%252Ecom%252Ebr%2F%2Cdescription.%2Ctype.website
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pmk-202003261.4.js
widget.perfectmarket.com/correiodopovo/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/correiodopovo/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/correiodopovo/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.137.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a233fdc512c16069e544a929f5289021f796b2e9c439fd8fd867ab01c9ae6eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
kqTxPFH_D9zExzTB0PjSGPERIWhbAJJ0
content-encoding
gzip
etag
"722c612becdf55d8463d1c4ea96bd7ea"
age
5990871
x-cache
HIT, HIT
content-length
30933
x-amz-id-2
NtWIVjnoQcFJrzNc71WGXzyBv6P8BLgpjL/7y8LJJtIt8KmL6VzoCBeM9Lw1kbLXAYXnJm+crUo=
x-served-by
cache-sna10737-LGB, cache-hhn11528-HHN
last-modified
Thu, 09 Apr 2020 05:41:41 GMT
server
AmazonS3
x-timer
S1631651276.614174,VS0,VE1
date
Tue, 14 Sep 2021 20:27:55 GMT
vary
Accept-Encoding,,
x-amz-request-id
VD8AESTF3EKX7DQ0
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
6, 1
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ 		243 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
36898d0bdb4c15f01278cab9a1a5f8f1ce3612c2db490f82e51daa72bce85159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 08:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85015
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 08:14:55 GMT
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.187.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f14.1e100.net
Software
ESF /
Resource Hash
1368d75ee5fe253d7d899d4674aa73d81a0d4b5339435e4dd2fe3268256f0d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires
Tue, 14 Sep 2021 20:27:55 GMT
collect
www.google-analytics.com/g/ 		0
374 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-B73LS4GNNN&gtm=2oe9d0&_p=1162761989&sr=1600x1200&ul=en-us&cid=1947967339.1631651276&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dr=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&dt=Correio%20do%20Povo&sid=1631651275&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B73LS4GNNN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usr
usr.navdmp.com/ 		358 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=23925&u=1&new=1&wst=0&wct=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.11.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31219fa5cd3ec8ce2c492893f3699f3d62f4e4de92341041afafe2300213a113

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
public
date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68ec5bd8fab12794-PRG
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Tue, 14 Sep 2021 21:27:55 GMT
/
opi.navdmp.com/ 		2 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://opi.navdmp.com/?v=7&url=https://www.correiodopovo.com.br/?&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/92.0.4515.159%20Safari/537.36
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.12.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
68ec5bda0c214119-PRG
content-length
2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=correiodopovo.com.br&host=www.correiodopovo.com.br&success=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
capajornal.aspx
portal.correiodopovo.com.br/includes/input/ Frame C002 		224 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9b915dacf4f3a427a25aada1ca30a84d00d5048df0ec0362581e87d1200b0a5a

Request headers

:method
GET
:authority
portal.correiodopovo.com.br
:scheme
https
:path
/includes/input/capajornal.aspx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
_dlt=1; _ga_B73LS4GNNN=GS1.1.1631651275.1.0.1631651275.0; _ga=GA1.1.1947967339.1631651276; __gads=ID=099185d53fb47ef1-22a39f6731cb0037:T=1631651275:RT=1631651275:S=ALNI_MYgNoKvFoMX0D9kaLdWqYKCM0KzyA; __qca=P0-139205027-1631651275598; _fbp=fb.2.1631651275760.1285113563
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

cache-control
public, max-age=574
content-type
text/html; charset=utf-8
expires
Tue, 14 Sep 2021 20:37:30 GMT
last-modified
Tue, 14 Sep 2021 20:07:30 GMT
vary
*
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-origin
*
date
Tue, 14 Sep 2021 20:27:55 GMT
content-length
224
index.php
stg.truvidplayer.com/ 		977 B
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/index.php?sub_user_id=870&widget_id=3680&playlist_id=2617&m=a&cb=9474250438634148
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-4.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
9337895901faa9db7b1ca3d23ff0b79de5903c4df4fbeba18c64cbd35bf615fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-encoding
gzip
x-amz-cf-id
D-YPsOm2WGC6AbBpuKGLNVWLMZRnmRsgdoWrELQ9wRgX9QXsQAw71A==
1
paywall.correiodopovo.com.br/wid/script/ 		376 B
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paywall.correiodopovo.com.br/wid/script/1?tags=&loc=https://www.correiodopovo.com.br/?&is_visitor=true&is_freemium=true&is_customer=true
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.20.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-20-194.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42ed8aca96bf1e9bb25a813a1176242c2f722734bf4d5048846278b95ae2ae2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:56 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Content-Length
376
Content-Type
text/plain;charset=UTF-8
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=204496277643064&ev=PageView&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&if=false&ts=1631651275761&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.2.1631651275760.1285113563&it=1631651275511&coo=false&rqm=GET
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 14 Sep 2021 20:27:55 GMT
client:platform.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client:platform.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
ESF /
Resource Hash
b146e47043207e55d806094e8ead9a906a5c1ed9e5f8a69b68c178cdfb5fa0f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aykJcQYovyUo17IB+d/85w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"c8f4f8914be2c851685aae86ec009476"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-aykJcQYovyUo17IB+d/85w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:27:55 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
18553dd1410cc7d4f5e3276a37f77d6440cdb7a87cf7a9fe59164668f7280fb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
foBRC9LZYvD9+IPLH8KSOA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
oAgjZWtuMRZhDXeUC71ykMQgvnTwQDMj/qCW9KSUNSeRmNWYxUV3sUG9PrU7hLqJg/frpxP5CVff9iaVqN4WAQ==
x-fb-content-md5
ead7567376f239ce64eda150d741f8de
x-frame-options
DENY
date
Tue, 14 Sep 2021 20:27:55 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"809e94f560e9a018773436e95df5a16f"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 14 Sep 2021 20:41:02 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/6711)
Age
1342
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28872
truncated
/ 		51 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b715761e92524c9442ef612af378e2fdf19167f92492568f4961260e9f377a0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
p.gif
www.correiodopovo.com.br/logger/ 		43 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/logger/p.gif?d=/2.200&referrer=https://www.correiodopovo.com.br.mcas.ms/
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

:path
/logger/p.gif?d=/2.200&referrer=https://www.correiodopovo.com.br.mcas.ms/
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770; _ga_B73LS4GNNN=GS1.1.1631651275.1.0.1631651275.0; _ga=GA1.1.1947967339.1631651276; __gads=ID=099185d53fb47ef1-22a39f6731cb0037:T=1631651275:RT=1631651275:S=ALNI_MYgNoKvFoMX0D9kaLdWqYKCM0KzyA; _tb_sess_r=https%3A//www.correiodopovo.com.br.mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F; __qca=P0-139205027-1631651275598; _fbp=fb.2.1631651275760.1285113563
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cacheable
NO:Not-Cacheable
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
image/gif
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:55 GMT
json
trc.taboola.com/correiodopovo/trc/3/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/correiodopovo/trc/3/json?tim=20%3A27%3A55.821&lti=deflated&data=%7B%22id%22%3A338%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22f0558ac3-c053-486a-b6ef-cd827d189d81-tuct83a8b4b%22%2C%22uifp%22%3Anull%2C%22lbt%22%3A1631609222114%2C%22vi%22%3A1631651275819%2C%22cv%22%3A%2220210914-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11942%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A2500.984375%2C%22mw%22%3A1140%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-d%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%201x1%20Home%20Page%22%2C%22orig_uip%22%3A%22Right%20Rail%201x1%20Home%20Page%22%2C%22cd%22%3A8086.96875%2C%22mw%22%3A336%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CMid%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%201x1%20Home%20Page%3Dthumbnails-d%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
81f0523414fdfc2ffae7adfb35cdc7228cc563a2a2a333594ccd153e12538c18

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
111
date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
server
nginx
x-timer
S1631651276.852011,VS0,VE111
x-served-by
cache-fra19178-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
t3m.js
tags.t.tailtarget.com/ 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
de57595b70447c0770b04fc4835e2f963399df7442112072858eb2f289ee28c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 18:28:47 GMT
content-encoding
gzip
age
7148
x-guploader-uploadid
ADPycdse3ll2r0L72Pl3re4cG7sSmfYJjLyVrW7Xdnu1e1FHf9Dli892zderJqa0VbnaDJeIcISFlf3EzVTSC_hWgTI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
21157
last-modified
Fri, 27 Aug 2021 18:46:59 GMT
server
nginx/1.8.1
etag
"0095ae2d92412ee5dd2e645cba52a5de"
vary
Accept-Encoding
x-goog-hash
crc32c=AP2NnQ==, md5=AJWuLZJBLuXdLmRculKl3g==
x-goog-generation
1630090019598848
via
1.1 google
cache-control
max-age=7200,public
x-goog-stored-content-length
21157
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 14 Sep 2021 20:28:47 GMT
fontawesome-webfont.woff
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
7a1d9a7fdb9f6de569ac49bbaafa22ad4dbd395d58bd166ea1b3689113de7f0b

Request headers

sec-fetch-mode
cors
origin
https://www.correiodopovo.com.br
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770; _ga_B73LS4GNNN=GS1.1.1631651275.1.0.1631651275.0; _ga=GA1.1.1947967339.1631651276; __gads=ID=099185d53fb47ef1-22a39f6731cb0037:T=1631651275:RT=1631651275:S=ALNI_MYgNoKvFoMX0D9kaLdWqYKCM0KzyA; _tb_sess_r=https%3A//www.correiodopovo.com.br.mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F; __qca=P0-139205027-1631651275598; _fbp=fb.2.1631651275760.1285113563
:path
/polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
Origin
https://www.correiodopovo.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
last-modified
Tue, 09 Mar 2021 18:43:42 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
application/x-font-woff;charset=utf-8
v
5
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 20:27:55 GMT
temperaturatopo
www.correiodopovo.com.br/cmlink/ 		240 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/temperaturatopo
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
ae0045ce4597701b918384c17402ad14e391fa44e44ea8f800d159d6aff62f96

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770; _ga_B73LS4GNNN=GS1.1.1631651275.1.0.1631651275.0; _ga=GA1.1.1947967339.1631651276; __gads=ID=099185d53fb47ef1-22a39f6731cb0037:T=1631651275:RT=1631651275:S=ALNI_MYgNoKvFoMX0D9kaLdWqYKCM0KzyA; _tb_sess_r=https%3A//www.correiodopovo.com.br.mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F; __qca=P0-139205027-1631651275598; _fbp=fb.2.1631651275760.1285113563
:path
/cmlink/temperaturatopo
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html, */*; q=0.01
cache-control
no-cache
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/html, */*; q=0.01
Referer
https://www.correiodopovo.com.br/?
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:55 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/temperaturatopo
x-cacheable
YES
server
nginx/1.12.2
age
49
x-cache
HIT
content-type
text/html;charset=utf-8
v
5
cache-control
max-age=300
accept-ranges
bytes
content-length
163
expires
Tue, 14 Sep 2021 20:32:55 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ 		738 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
8de0506a6cff07f7de09a69a51fe34aaf02a67db6838dfa445d88282814dcfe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 09:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
485
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 09:12:41 GMT
subscribe_embed
www.youtube.com/ Frame A407 		2 KB
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
ESF /
Resource Hash
0f9f1e4f8f2b54e4ce8878df1406f009d9a504bfcf512d93514a0fb3f8b87639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
YSC=e37KAX76wBU; VISITOR_INFO1_LIVE=WNychXfzEd4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 14 Sep 2021 20:27:55 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Wed, 19-Dec-2018 20:27:55 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+176; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
postmessageRelay
accounts.google.com/o/oauth2/ Frame 1213 		566 B
880 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.237 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f13.1e100.net
Software
ESF /
Resource Hash
1b78dbe1e64d5c815baf1ea990f6df3544efa859a6e46bdef64771489e526561
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mmVkHvx7r+yTe0q8xo2OkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
NID=223=CIBWD-WgQrTCxHs07VvhygOXN0kc16yPhOEC0p4ESdSYsqe9VGmU9UNN-uOVfasUj1PUixo0AIjYgfEfnho_6qKZO9agGeoLiUSoKHb4djnw9MZ0wh97Z8H0TXTMYlXXnrWJAM_SceErH6GEiQMiHH-v3Xt0gWAOVH-8l8X3iGU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 14 Sep 2021 20:27:56 GMT
content-security-policy
script-src 'report-sample' 'nonce-mmVkHvx7r+yTe0q8xo2OkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
initcb
webservices.webspectator.com/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/initcb?appId=2782&vId=96B33EC7EF3A588B&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&sr=direct&ts=1631651275973&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&npv=1&ltsss=0&ltsvs=0
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/init?appId=GTAYHGT2&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1631651275046
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-18-4.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
b12a328c3ee224f2f599ddcb3b1355a89edc965aa2e549188bc4f159b1b2e47a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:56 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
b
sb.scorecardresearch.com/ 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14194541&ns__t=1631651275996&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
yn5yYiAegNswR8doP1m0xOE8XO8FVbgT7etIymQfXes92Xzfn1FJZg==
x-cache
Miss from cloudfront
.JPG
www.correiodopovo.com.br/image/policy:1.690640:1631641641/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.690640:1631641641/.JPG?f=3x2&$p$f=18a2fc6&w=1200&$w=9c05b01
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
6ccd37e867c5fd6cc82f3e13c67835ef4d79f15387f979229dcb84b7d7f4b62b

Request headers

:path
/image/policy:1.690640:1631641641/.JPG?f=3x2&$p$f=18a2fc6&w=1200&$w=9c05b01
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770; _ga_B73LS4GNNN=GS1.1.1631651275.1.0.1631651275.0; _ga=GA1.1.1947967339.1631651276; __gads=ID=099185d53fb47ef1-22a39f6731cb0037:T=1631651275:RT=1631651275:S=ALNI_MYgNoKvFoMX0D9kaLdWqYKCM0KzyA; _tb_sess_r=https%3A//www.correiodopovo.com.br.mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F; __qca=P0-139205027-1631651275598; _fbp=fb.2.1631651275760.1285113563; ___ws_ses=96B33EC7EF3A588B.1; ___ws-sr=https://www.correiodopovo.com.br.mcas.ms/; ___ws_vis=96B33EC7EF3A588B.1631651275662; ___ws_ses_sec=4863:1631651275662; ___ws_vis_sec=4863:1631651275662
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
server
Azion IMS
x-original-image-size
102658
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
80220
expires
Thu, 14 Oct 2021 20:27:56 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.690659:1631643325/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.690659:1631643325/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
c384fb17bdc5f1284d9de41c8e98ace7d5c4e214b5e026d35c5f3d347c64f640

Request headers

:path
/image/policy:1.690659:1631643325/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770; _ga_B73LS4GNNN=GS1.1.1631651275.1.0.1631651275.0; _ga=GA1.1.1947967339.1631651276; __gads=ID=099185d53fb47ef1-22a39f6731cb0037:T=1631651275:RT=1631651275:S=ALNI_MYgNoKvFoMX0D9kaLdWqYKCM0KzyA; _tb_sess_r=https%3A//www.correiodopovo.com.br.mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F; __qca=P0-139205027-1631651275598; _fbp=fb.2.1631651275760.1285113563; ___ws_ses=96B33EC7EF3A588B.1; ___ws-sr=https://www.correiodopovo.com.br.mcas.ms/; ___ws_vis=96B33EC7EF3A588B.1631651275662; ___ws_ses_sec=4863:1631651275662; ___ws_vis_sec=4863:1631651275662
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
server
Azion IMS
x-original-image-size
28677
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
27684
expires
Thu, 14 Oct 2021 20:27:56 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.690551:1631634052/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.690551:1631634052/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
07957c91858a3dfbf0819b59c8c7049bb174f125186cb3710f6493c5df4407bb

Request headers

:path
/image/policy:1.690551:1631634052/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770; _ga_B73LS4GNNN=GS1.1.1631651275.1.0.1631651275.0; _ga=GA1.1.1947967339.1631651276; __gads=ID=099185d53fb47ef1-22a39f6731cb0037:T=1631651275:RT=1631651275:S=ALNI_MYgNoKvFoMX0D9kaLdWqYKCM0KzyA; _tb_sess_r=https%3A//www.correiodopovo.com.br.mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F; __qca=P0-139205027-1631651275598; _fbp=fb.2.1631651275760.1285113563; ___ws_ses=96B33EC7EF3A588B.1; ___ws-sr=https://www.correiodopovo.com.br.mcas.ms/; ___ws_vis=96B33EC7EF3A588B.1631651275662; ___ws_ses_sec=4863:1631651275662; ___ws_vis_sec=4863:1631651275662
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
server
Azion IMS
x-original-image-size
28347
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
26228
expires
Thu, 14 Oct 2021 20:27:56 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.690736:1631649131/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.690736:1631649131/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
0baae949f397c74cc1d69380fd842d4fcc6afba5b4dabe47a5724cc116b86407

Request headers

:path
/image/policy:1.690736:1631649131/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770; _ga_B73LS4GNNN=GS1.1.1631651275.1.0.1631651275.0; _ga=GA1.1.1947967339.1631651276; __gads=ID=099185d53fb47ef1-22a39f6731cb0037:T=1631651275:RT=1631651275:S=ALNI_MYgNoKvFoMX0D9kaLdWqYKCM0KzyA; _tb_sess_r=https%3A//www.correiodopovo.com.br.mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F; __qca=P0-139205027-1631651275598; _fbp=fb.2.1631651275760.1285113563; ___ws_ses=96B33EC7EF3A588B.1; ___ws-sr=https://www.correiodopovo.com.br.mcas.ms/; ___ws_vis=96B33EC7EF3A588B.1631651275662; ___ws_ses_sec=4863:1631651275662; ___ws_vis_sec=4863:1631651275662
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
server
Azion IMS
x-original-image-size
29363
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
27108
expires
Thu, 14 Oct 2021 20:27:56 GMT
.jpeg
www.correiodopovo.com.br/image/policy:1.690524:1631632087/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.690524:1631632087/.jpeg?f=1x2&$p$f=5a37757&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
f1bf540017992d35e9bbaa737b8c0443ce01b4b38648990ad130f25d2e41e700

Request headers

:path
/image/policy:1.690524:1631632087/.jpeg?f=1x2&$p$f=5a37757&w=360&$w=1071b2b
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770; _ga_B73LS4GNNN=GS1.1.1631651275.1.0.1631651275.0; _ga=GA1.1.1947967339.1631651276; __gads=ID=099185d53fb47ef1-22a39f6731cb0037:T=1631651275:RT=1631651275:S=ALNI_MYgNoKvFoMX0D9kaLdWqYKCM0KzyA; _tb_sess_r=https%3A//www.correiodopovo.com.br.mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F; __qca=P0-139205027-1631651275598; _fbp=fb.2.1631651275760.1285113563; ___ws_ses=96B33EC7EF3A588B.1; ___ws-sr=https://www.correiodopovo.com.br.mcas.ms/; ___ws_vis=96B33EC7EF3A588B.1631651275662; ___ws_ses_sec=4863:1631651275662; ___ws_vis_sec=4863:1631651275662
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
server
Azion IMS
x-original-image-size
25576
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
21708
expires
Thu, 14 Oct 2021 20:27:56 GMT
.jpeg
www.correiodopovo.com.br/image/policy:1.690571:1631635403/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.690571:1631635403/.jpeg?f=3x2&$p$f=c0bd4c2&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
d57133b82bc4dc50784b0626599b7a41d444311d42612f8a30204e0434a09716

Request headers

:path
/image/policy:1.690571:1631635403/.jpeg?f=3x2&$p$f=c0bd4c2&w=360&$w=1071b2b
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770; _ga_B73LS4GNNN=GS1.1.1631651275.1.0.1631651275.0; _ga=GA1.1.1947967339.1631651276; __gads=ID=099185d53fb47ef1-22a39f6731cb0037:T=1631651275:RT=1631651275:S=ALNI_MYgNoKvFoMX0D9kaLdWqYKCM0KzyA; _tb_sess_r=https%3A//www.correiodopovo.com.br.mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F; __qca=P0-139205027-1631651275598; _fbp=fb.2.1631651275760.1285113563; ___ws_ses=96B33EC7EF3A588B.1; ___ws-sr=https://www.correiodopovo.com.br.mcas.ms/; ___ws_vis=96B33EC7EF3A588B.1631651275662; ___ws_ses_sec=4863:1631651275662; ___ws_vis_sec=4863:1631651275662
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
server
Azion IMS
x-original-image-size
11988
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
9904
expires
Thu, 14 Oct 2021 20:27:56 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3078
date
Tue, 14 Sep 2021 19:36:38 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 14 Sep 2021 21:36:38 GMT
prebid.js
v3.denakop.com/ 		206 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.denakop.com/prebid.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.36.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46bf91ca36c2d1ec9d95dcc4220998a120c5050d1a61616c59966f62bf98e1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1499
cf-polished
origSize=210606
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 14 Sep 2021 19:55:32 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6140fe34-336ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
68ec5bdb4a1b4108-PRG
cf-bgj
minify
req
cdn.navdmp.com/ 		6 B
58 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?id=f5d0910e5004f4b634c28fbd309%7C0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.11.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68ec5bdbbfce2794-PRG
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=65985384677
  • https://sync2.navdmp.com/sync?prtid=2&id=65985384677&google_gid=CAESEIT5Ywca0968Zrhx2DQzRbQ&google_cver=1
6 B
58 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=65985384677&google_gid=CAESEIT5Ywca0968Zrhx2DQzRbQ&google_cver=1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.11.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68ec5bdcea2d2794-PRG
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync2.navdmp.com/sync?prtid=2&id=65985384677&google_gid=CAESEIT5Ywca0968Zrhx2DQzRbQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=114c6141-05cb-4800-a842-c3c4596b70f6
43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&mdia=114c6141-05cb-4800-a842-c3c4596b70f6
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.11.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
68ec5bdc590c2794-PRG
content-length
43

Redirect headers

Date
Tue, 14 Sep 2021 20:27:56 GMT
Server
MT3 3944 2bcb57b master zrh-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.navdmp.com/sync?img=1&mdia=114c6141-05cb-4800-a842-c3c4596b70f6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Tue, 14 Sep 2021 20:27:55 GMT
cms
cms.analytics.yahoo.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding
gzip
etag
"7a6ef5412d45e94af6813e18c060355d"
age
18870
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5990
x-amz-id-2
lol8LNjNAIlS6jr8qfZgPWBIoFJDgFzjQC95t9RuADnrZ6oz0xGB8/U9J6+t3Cla12mhfuLrNrw=
x-served-by
cache-hhn11547-HHN
last-modified
Tue, 06 Jul 2021 14:02:32 GMT
server
AmazonS3
x-timer
S1631651276.092832,VS0,VE0
date
Tue, 14 Sep 2021 20:27:56 GMT
vary
Accept-Encoding
x-amz-request-id
2M58Y28PT8R52D5K
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
51
x-cache-hits
291058
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
686a56a4d4902f8ffdf569b35b93fd9227f7fe66133752b12556a14392ffd83d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
utbdQZ5v14OnoTUQd.81IxLPfHveDfBr
content-encoding
gzip
etag
"11f540e55c5b728ecc4eab8bb1cfa0d4"
age
7756
x-cache
HIT
x-amz-replication-status
PENDING
content-length
707
x-amz-id-2
zKB2kjqcU4cIJ1wtofym8c1uxHT3JYRDcxf/QGPUIcoH/yit2NY6yKnieALeSX/z5iFui+haGnE=
x-served-by
cache-hhn11547-HHN
last-modified
Mon, 13 Sep 2021 10:18:26 GMT
server
AmazonS3
x-timer
S1631651276.094721,VS0,VE0
date
Tue, 14 Sep 2021 20:27:56 GMT
vary
Accept-Encoding
x-amz-request-id
AHT6FX8D3Y2ZZW9T
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
51
x-cache-hits
91540
tfa-eid.20210914-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210914-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5bf16358577181bc2e62582d4b8dfc9cd6693d7c50a2389a05bab45ebf0679c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
Pb6Olor5AtvlDyVt7JOFSt2N5GQbhr2F
content-encoding
gzip
etag
"59f41a5f32c11046a9099b82c6e4a3d0"
age
98
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5062
x-amz-id-2
ItIujgfOK+0XygNsYb0lJpSJjhY7L3ZRhXQ4W1aIDoumcCr7b7qHlBfCAsEV1xXERBqOvsYZ0g0=
x-served-by
cache-hhn11547-HHN
last-modified
Tue, 14 Sep 2021 08:54:43 GMT
server
AmazonS3
x-timer
S1631651276.096022,VS0,VE0
date
Tue, 14 Sep 2021 20:27:56 GMT
vary
Accept-Encoding
x-amz-request-id
C72PXXPVZ17Z7G9V
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
51
x-cache-hits
856
sha256.20210914-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210914-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20cef199764e090ab8fa631555722da5396595402250a8871c409120c9481a2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
IkLgZCFM21pOZ3xUeQNuF9gQU9sVt81P
content-encoding
gzip
etag
"debbadf2bcb2578405c6011af191ee45"
age
85
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
kXcg3fREisZ+okwcz6DYjZHoKLrj/hznONyo6IBXVmRii9L5R45HaxDTDu7vJKoARndPCUuIZoY=
x-served-by
cache-hhn11547-HHN
last-modified
Tue, 14 Sep 2021 08:54:56 GMT
server
AmazonS3
x-timer
S1631651276.096238,VS0,VE0
date
Tue, 14 Sep 2021 20:27:56 GMT
vary
Accept-Encoding
x-amz-request-id
7DC6HS6N3GB3N8BA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
51
x-cache-hits
691
tb
15.taboola.com/ 		29 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=correiodopovo&unitType=59&tbloc=&pageType=home&pstn=Slider%20-%20Video&uuip=&cisrf=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&cirf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&encoded=1&uid=f0558ac3-c053-486a-b6ef-cd827d189d81-tuct83a8b4b&variant=-100|11760131&callback=TRC.videoTagCallbacks.videoCallback1&cb=1631651276123&tagid=&cntry=DE&platform=1&sesid=9f41de430f6ec4267ab8ca08ba4d8596&itemid=/&viewid=1631651275819&geolat=&geoing=&deviceifa=&appid=&sd=v2_9f41de430f6ec4267ab8ca08ba4d8596_f0558ac3-c053-486a-b6ef-cd827d189d81-tuct83a8b4b_1631651275_1631651275_CIi3jgYQzeNHGKvI-q--LyABKAQwODib4wlAgYoQSJOu2QNQpOwQWABgAGj9wYbU7pDul8cBcAA&ri=0ee4f74d75cf6f1e85ef0fd5bc832440&appname=&cdb=&gdprApplies=true&rid=&sii=-5703500169402860967&oee=true&tpubid=1176013&uis=4&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BW&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1211637&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b4968cb84703832d3b77069cb2e6587d95445232854a5f12f24e9e02fd4c77a2

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
gzip
access-control-allow-origin
https://www.correiodopovo.com.br
machineid
1447
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn11566-HHN
pragma
no-cache
server
nginx
x-timer
S1631651276.135299,VS0,VE38
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20210914-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210914-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fc85e88218b642faeb3e78264fe935fcbf5713436f92609f06120ab05208946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
W2l64_qYhzxH8ICEOJobZji7dknoYnrp
content-encoding
gzip
etag
"1a3fb8670ef1b960583df6966cc9427d"
age
84
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5341
x-amz-id-2
PG7WOjYxKPfVkr0uq0n71IZ3WACAWbyLQ28zf++Fys/PR/MMHt1SKYmoZhT2DZheFZiqlGSb3cQ=
x-served-by
cache-hhn11547-HHN
last-modified
Tue, 14 Sep 2021 08:53:57 GMT
server
AmazonS3
x-timer
S1631651276.133315,VS0,VE0
date
Tue, 14 Sep 2021 20:27:56 GMT
vary
Accept-Encoding
x-amz-request-id
EKDYZSA04YWPG0M7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
51
x-cache-hits
92
12.png
www.correiodopovo.com.br/imagens/icons/93x93/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/imagens/icons/93x93/12.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
Azion IMS /
Resource Hash
ce52949e9b1d83b7909932a5a0893e2f7aa0a447c853e21956cf91bc7fbc902d

Request headers

:path
/imagens/icons/93x93/12.png
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770; _ga_B73LS4GNNN=GS1.1.1631651275.1.0.1631651275.0; _ga=GA1.1.1947967339.1631651276; __gads=ID=099185d53fb47ef1-22a39f6731cb0037:T=1631651275:RT=1631651275:S=ALNI_MYgNoKvFoMX0D9kaLdWqYKCM0KzyA; _tb_sess_r=https%3A//www.correiodopovo.com.br.mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F; __qca=P0-139205027-1631651275598; _fbp=fb.2.1631651275760.1285113563; ___ws_ses=96B33EC7EF3A588B.1; ___ws-sr=https://www.correiodopovo.com.br.mcas.ms/; ___ws_vis=96B33EC7EF3A588B.1631651275662; ___ws_ses_sec=4863:1631651275662; ___ws_vis_sec=4863:1631651275662; nvg23925=f5d0910e5004f4b634c28fbd309|0_258; trc_cookie_storage=taboola%2520global%253Auser-id%3Df0558ac3-c053-486a-b6ef-cd827d189d81-tuct83a8b4b
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
server
Azion IMS
x-original-image-size
2083
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
1762
expires
Thu, 14 Oct 2021 20:27:56 GMT
www-widgetapi.js
www.youtube.com/s/player/1cc7c82c/www-widgetapi.vflset/ 		135 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
da588f64f4fbfd746d132775505493b244ab8d6800def6413f9f016f90257454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:02 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
447534
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44724
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:09:02 GMT
watson
opi.navdmp.com/ 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://opi.navdmp.com/watson?&url=https://www.correiodopovo.com.br/?
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.12.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
68ec5bdbdf964119-PRG
content-length
0
social
am-trc-events.taboola.com/correiodopovo/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/correiodopovo/log/3/social?route=AM:AM:V&lti=deflated&ri=0ee4f74d75cf6f1e85ef0fd5bc832440&sd=v2_9f41de430f6ec4267ab8ca08ba4d8596_f0558ac3-c053-486a-b6ef-cd827d189d81-tuct83a8b4b_1631651275_1631651275_CIi3jgYQzeNHGKvI-q--LyABKAQwODib4wlAgYoQSJOu2QNQpOwQWABgAGj9wYbU7pDul8cBcAA&ui=f0558ac3-c053-486a-b6ef-cd827d189d81-tuct83a8b4b&pi=/&wi=-5703500169402860967&pt=home&vi=1631651275819&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%22%2C%22rref%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Correio%20do%20Povo%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=20%3A27%3A56.169&id=3562&llvl=1&cv=20210914-3-RELEASE&
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 14 Sep 2021 20:27:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
198b44702f0c38d93713ee54a81be4b1.jpg
images.taboola.com/taboola/image/fetch/h_284,w_340,c_fill,g_xy_center,x_896,y_555/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_284,w_340,c_fill,g_xy_center,x_896,y_555/http%3A//cdn.taboola.com/libtrc/static/thumbnails/198b44702f0c38d93713ee54a81be4b1.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6ad407ad1c85ed28e121bb12db830c5df8d1206099d70c3d56dcbbb105f3867c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 14 Sep 2021 20:27:56 GMT
via
1.1 varnish, 1.1 varnish
age
3493207
edge-cache-tag
475125915147852876409835978700126665444,374554651060688428289688043148012717951,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
27
expiration
expiry-date="Fri, 13 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/h_284,w_340,c_fill,g_xy_center,x_896,y_555/http%3A//cdn.taboola.com/libtrc/static/thumbnails/198b44702f0c38d93713ee54a81be4b1.jpg
content-length
13668
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Tue, 13 Jul 2021 09:23:52 GMT
server
nginx
x-timer
S1631651276.203214,VS0,VE1
etag
"8b2a533e36a2f6bc98b0711be601b777"
x-served-by
cache-wdc5534-WDC, cache-dca12929-DCA, cache-hhn11566-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
49cc895fb350cb12d60bb906efa03586.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49cc895fb350cb12d60bb906efa03586.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8a89ff0d566158ef4dd4ad6d09312dc129a8eecc36708ab332f4f56fd32ade1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 14 Sep 2021 20:27:56 GMT
via
1.1 varnish, 1.1 varnish
age
1474584
edge-cache-tag
566765045022013928777576741135894987718,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
33
expiration
expiry-date="Thu, 09 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49cc895fb350cb12d60bb906efa03586.jpg
content-length
20950
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Mon, 09 Aug 2021 14:45:53 GMT
server
nginx
x-timer
S1631651276.203159,VS0,VE1
etag
"e3e975f0e7dee30b5794629e9dd02cbe"
x-served-by
cache-wdc5550-WDC, cache-dca17747-DCA, cache-hhn11566-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
32319b56bbc0c05d2c8b65a96831ec26.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32319b56bbc0c05d2c8b65a96831ec26.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eebd06316be66035be6403207d61b0220b496adfdf9ec768ecd18d727b851995

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 14 Sep 2021 20:27:56 GMT
via
1.1 varnish, 1.1 varnish
age
2029716
edge-cache-tag
427832678996431168642113105992177079394,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
26
expiration
expiry-date="Sun, 19 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32319b56bbc0c05d2c8b65a96831ec26.jpg
content-length
9474
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Thu, 19 Aug 2021 09:55:28 GMT
server
nginx
x-timer
S1631651276.203097,VS0,VE0
etag
"fa0b109d4ebc38c1011b0ecbee248dab"
x-served-by
cache-wdc5563-WDC, cache-dca17783-DCA, cache-hhn11566-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
4577e8c568cd09d4bca9398caa78fe06.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4577e8c568cd09d4bca9398caa78fe06.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3136018ea6d9819e1acbb6a86f903227631742004eadd3667cb3f24c7575ae0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 14 Sep 2021 20:27:56 GMT
via
1.1 varnish, 1.1 varnish
age
1618232
edge-cache-tag
443383569138309820407003586646945395870,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
38
expiration
expiry-date="Sun, 19 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4577e8c568cd09d4bca9398caa78fe06.png
content-length
11024
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 19 Aug 2021 08:49:09 GMT
server
nginx
x-timer
S1631651276.216105,VS0,VE1
etag
"4bd140dc317a6a4ece4d0a0bdd82c02b"
x-served-by
cache-wdc5538-WDC, cache-dca12926-DCA, cache-hhn11566-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
sdk.js
connect.facebook.net/en_US/ 		228 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e58e053bf64802d3bcf764dd9c3d9d08
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
9722b8bfb6a9867b915f5988138a693206e75a063b062e55632bada771adca47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
Origin
https://www.correiodopovo.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
6DEB0ELiKa84dmgD4LvJBw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68346
x-fb-rlafr
0
x-fb-debug
csGOJ0dV7K01ys+yOuCjZ/C5AO9ux8tSzRIwuOmAeXySfi8+VFmt8VxUc3PsymApyZrTCy/UeCiDPThtFal09A==
x-fb-content-md5
92df62997a11a37bf29de09a80a97299
x-frame-options
DENY
date
Tue, 14 Sep 2021 20:27:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8f6d5bb45e6384a1ec55cfe133bc80ab"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 14 Sep 2022 20:05:46 GMT
cb=gapi.loaded_2
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=client/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=client/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_2
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
1b62dfc263653ef6f5d33b9bcc4b34419bf1cfd69f607162ebce3844c37b3ebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24566
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Wed, 14 Sep 2022 19:15:12 GMT
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame E759 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.correiodopovo.com.br/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
80901
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Sep 2021 20:27:56 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
req
cdn.navdmp.com/ 		6 B
78 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?id=f5d0910e5004f4b634c28fbd309%7C0&v=7&acc=23925&tit=Correio%2520do%2520Povo&url=https%253A%2F%2Fwww.correiodopovo.com.br%2F%253F&upd=1&new=1&ref=https%253A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.11.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68ec5bdc99682794-PRG
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
UnitSliderDesktop.min.js
vidstat.taboola.com/lite-unit/3.5.0/ 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
155b36117f46d5d84fb616cb2c16b136faec4ba1ba931dbca4d3ff303bb586ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront), 1.1 varnish
age
2029926
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
27752
x-served-by
cache-hhn11566-HHN
last-modified
Sat, 07 Aug 2021 09:02:26 GMT
server
AmazonS3
x-timer
S1631651276.255809,VS0,VE1
etag
"be3d4abcc81c94f68801baf49b47998c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
8yuOJQdMsbTfpit5zucvjOiioAkyGcfQD4ek3slaSSZV4VmQIqllIA==
x-cache-hits
48773
prebid
ib.adnxs.com/ut/v3/ 		357 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
779e94bd078d81cd6d9e00382cc03a8b357c4e04ec959ab528f415d640cfa486
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:56 GMT
X-Proxy-Origin
216.131.114.205; 216.131.114.205; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9e19a2a6-e2ae-4714-91f1-df586151f18e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
357
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Tue, 14 Sep 2021 20:27:56 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
be688050e97f77c66c91a97b8248843a4dcb216b846a1ac2641167fbdb7df516

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Sep 2021 20:27:56 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
4ff104d3c2fb338b96c32ad048513ffcbedb87d1b6411f85436ed6724cec9926

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Sep 2021 20:27:56 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
7ceaa15a974011f7820b42a17e35183ca366ae20ff9a4fd552fbb16b4452f337

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Sep 2021 20:27:56 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ib.adnxs.com/ut/v3/ 		361 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e87e8a9be0a44ea89fb520ce95e742e0fa2491b3d73687bab5e2f00ba71d51ed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:56 GMT
X-Proxy-Origin
216.131.114.205; 216.131.114.205; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d3666800-7618-407d-aee3-6d899b132a7d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
361
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame A407 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 08:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 Nov 2020 18:15:00 GMT
server
sffe
age
44052
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6066
x-xss-protection
0
expires
Wed, 14 Sep 2022 08:13:44 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame A407 		252 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
age
198736
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73785
x-xss-protection
0
expires
Mon, 12 Sep 2022 13:15:40 GMT
ortc-heartbeat1sec-min.js
wfpscripts.webspectator.com/ 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=96B33EC7EF3A588B&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&sr=direct&ts=1631651275973&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&npv=1&ltsss=0&ltsvs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
gzip
last-modified
Wed, 30 Nov 2016 17:07:44 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"ae07ae40393a03d603b6341bf9f7f923"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=2592000
content-length
19153
x-amz-meta-s3b-last-modified
20161130T162538Z
swfobject.js
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=96B33EC7EF3A588B&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&sr=direct&ts=1631651275973&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&npv=1&ltsss=0&ltsvs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.234 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f234.1e100.net
Software
sffe /
Resource Hash
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 17:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3974
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Wed, 14 Sep 2022 17:37:59 GMT
blockadblock.js
wfpscripts.webspectator.com/adblocker/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=96B33EC7EF3A588B&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&sr=direct&ts=1631651275973&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&npv=1&ltsss=0&ltsvs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2016 13:22:22 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"0dcdd7a190caf42e7d287645d9ba0303"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=2592000
content-length
2696
ws-4.4.62.js
wfpscripts.webspectator.com/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-4.4.62.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=96B33EC7EF3A588B&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&sr=direct&ts=1631651275973&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&npv=1&ltsss=0&ltsvs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
gzip
last-modified
Wed, 06 Mar 2019 17:07:49 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"4e7c8880fbc1b585c27bd698eb84469f"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=2592000
content-length
23796
3680.js
go.trvdp.com/init/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/3680.js?pid=2617
Requested by
Host: stg.truvidplayer.com
URL: https://stg.truvidplayer.com/index.php?sub_user_id=870&widget_id=3680&playlist_id=2617&m=a&cb=9474250438634148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-41.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00fed2da5781a8401ff55ba3fd96b6f29e17c802c7636c1be141a7705cd7ee48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:17:54 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
last-modified
Tue, 27 Oct 2020 11:05:42 GMT
server
AmazonS3
age
18961803
etag
"270eed6f93a6caf3e2976ddfbf017ed6"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
23347
x-amz-cf-id
hphzARcZUyPbTByAvCS7bZeHifvhe9uds5fol3r2swdLC2Bst93-gg==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1162761989&t=pageview&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dr=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Correio%20do%20Povo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=867592404&gjid=1668162158&cid=1947967339.1631651276&tid=UA-4083550-1&_gid=1731421849.1631651276&_r=1&gtm=2wg9d0MFKL3B&did=i5iSjo&z=2009744583
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1291055585-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 1213 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/1291055585-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
bceb42c38849f45f8eccea1ad752b5ccea22eba051598d3890607f03941e301e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 13:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4306
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 02:29:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 13:55:14 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 1213 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
ESF /
Resource Hash
2ef62e4c595457dd8a3c841284673a147272154b3554e60f6f50b8003e8bb9a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7SHXi4WdhT/tQSpJcwx99Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"bb5b685689b0f7d4954c8a0375fc365d"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-7SHXi4WdhT/tQSpJcwx99Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:27:56 GMT
16315871271141_normal.jpg
digital2.correiodopovo.com.br/files/flip/CPOVO/15439/up/ Frame C002 		189 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digital2.correiodopovo.com.br/files/flip/CPOVO/15439/up/16315871271141_normal.jpg
Requested by
Host: portal.correiodopovo.com.br
URL: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.160.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-160-141.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
71862bf391c9a95ed429dba5e7d04107dcc4aab5aa347a2f48eb125cb24f4b6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://portal.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
public
Date
Tue, 14 Sep 2021 20:27:55 GMT
Last-Modified
Tue, 14 Sep 2021 03:06:50 GMT
Server
Apache-Coyote/1.1
ETag
16315871271141_normal.jpg_193843_1631588810000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public; max-age=31536000
Content-Disposition
inline; filename=16315871271141_normal.jpg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
193843
Expires
Fri, 01 Oct 2021 21:08:25 GMT
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame A407 		156 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:10:03 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
199073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Mon, 12 Sep 2022 13:10:03 GMT
/
www.facebook.com/tr/ Frame A694 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2482
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.correiodopovo.com.br
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://www.correiodopovo.com.br
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Tue, 14 Sep 2021 20:27:56 GMT
0PZo8fXR68E
www.youtube.com/embed/ Frame 1554 		56 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1cc7c82c/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
ESF /
Resource Hash
201b78849fea8656d251b6886d5bec09ecd897acf2f82bb76f4e60c89a0d1731
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
YSC=e37KAX76wBU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 14 Sep 2021 20:27:56 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=SGnx1TjItFE; Domain=.youtube.com; Expires=Sun, 13-Mar-2022 20:27:56 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+425; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js
www.googletagmanager.com/gtag/ 		129 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VH600BGGZW
Requested by
Host: paywall.correiodopovo.com.br
URL: https://paywall.correiodopovo.com.br/wid/script/1?tags=&loc=https://www.correiodopovo.com.br/?&is_visitor=true&is_freemium=true&is_customer=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d65d665701facba63fc97d01f6eb1d4711672576513e02b0d9e7965987ddf49c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51688
x-xss-protection
0
expires
Tue, 14 Sep 2021 20:27:56 GMT
js
www.googletagmanager.com/gtag/ 		129 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VH600BGGZW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fb1e6af49725793c5a36aac74b1f4851330344142713c5b3c19debce83693652
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51696
x-xss-protection
0
expires
Tue, 14 Sep 2021 20:27:56 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=898700906848364&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e58e053bf64802d3bcf764dd9c3d9d08
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Rkjfoi2gFHb25i+a+i5v2RE/Krs8n21hic/vd8+1uI6aCMoMEe9QsZYwSuwj0jz2gwUA0hG+3UT0xNnVpUgERA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Sep 2021 20:27:56 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-4083550-1&cid=1947967339.1631651276&jid=867592404&gjid=1668162158&_gid=1731421849.1631651276&_u=YADAAEAAAAAAAC~&z=171105397
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 14 Sep 2021 20:27:56 GMT
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ Frame 1213 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
f7f35acd4138198dfc9fd8ad3bae0c5fd4f0459828d77ce5cf348a70a21d04dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 08:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18067
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Sep 2022 08:44:36 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ Frame A407 		126 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
481b70057474f169e02e2105c2441ade64d4744a8d205fce2d42685d1fc1c2b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 10:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42121
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 10:01:52 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VH600BGGZW&gtm=2oe9d0&_p=1162761989&sr=1600x1200&ul=en-us&cid=1947967339.1631651276&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dr=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&dt=Correio%20do%20Povo&sid=1631651276&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VH600BGGZW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame E759 		232 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=aa1084848d790f9fc455ad3ef05577b83c38ea93
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 20:27:56 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
8ae5fdd04fbc748e73a7bdf92ea4107493e93425912210f7640dea6b8bfeae05
content-length
166
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-4083550-1&cid=1947967339.1631651276&jid=867592404&_u=YADAAEAAAAAAAC~&z=568567214
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-4083550-1&cid=1947967339.1631651276&jid=867592404&_u=YADAAEAAAAAAAC~&z=568567214
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.php
stg.truvidplayer.com/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=870&wid=3680&cb=405.2687071843031&pid=2617&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&isab=0
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/3680.js?pid=2617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-4.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
0e6f207fc0f0eb4964680063fa14b139510f2e86411f8d1ce8ba2bb6b8c2e567

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
x-amz-cf-id
fI1UnTIo8Mg2mHPpBOCwQQN5hv10SRoObWt97oki9027k3HUaWhWeg==
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
iframe
accounts.google.com/o/oauth2/ Frame 36E1 		513 B
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.237 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f13.1e100.net
Software
ESF /
Resource Hash
0d7d9b5e45530c246f3ae54bd76975e27471b112323d28f818946add2cdd1a16
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IpIm2BMb35FAM13rlsFU6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
NID=223=CIBWD-WgQrTCxHs07VvhygOXN0kc16yPhOEC0p4ESdSYsqe9VGmU9UNN-uOVfasUj1PUixo0AIjYgfEfnho_6qKZO9agGeoLiUSoKHb4djnw9MZ0wh97Z8H0TXTMYlXXnrWJAM_SceErH6GEiQMiHH-v3Xt0gWAOVH-8l8X3iGU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 14 Sep 2021 20:27:56 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-IpIm2BMb35FAM13rlsFU6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
msgws.webspectator.com/server/ssl/2.1/ 		67 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://msgws.webspectator.com/server/ssl/2.1/?guid=7f9e0e85-92c6-dc37-3805-c4fdc10e7833&appkey=w5tlOg
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.140.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-140-75.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Sep 2021 20:27:57 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Content-Type
text/javascript
cb=gapi.loaded_3
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_iframes_style_bubble/exm=auth,client,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_iframes_style_bubble/exm=auth,client,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_3
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
e181d529a182bd1315ec4256070d242373a8ea6398cf1332871738b7f2fbe969
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 18:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9523
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Wed, 14 Sep 2022 18:54:58 GMT
www-player-webp.css
www.youtube.com/s/player/1cc7c82c/ Frame 1554 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
46717c032f82e2316c694c6cb20d63d109954cc77e1aeee251dd5b1591915716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
447527
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46331
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:09:09 GMT
www-embed-player.js
www.youtube.com/s/player/1cc7c82c/www-embed-player.vflset/ Frame 1554 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
73489d9071ef40a1fdce399ee4faee08addd584314f4eb9a82d2f65d2af541a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
447536
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67231
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:09:00 GMT
base.js
www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/ Frame 1554 		2 MB
504 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
55b39bdfbc1845ff7f8dec7f508ceaced7115c594b4454fcbd17d5ff4cfd32bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:34:13 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
446023
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
515566
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:34:13 GMT
fetch-polyfill.js
www.youtube.com/s/player/1cc7c82c/fetch-polyfill.vflset/ Frame 1554 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
447536
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:09:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1554 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:04:46 GMT
x-content-type-options
nosniff
age
199390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 13:04:46 GMT
st
imprammp.taboola.com/ Frame 1EB9 		1 KB
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&cmcv=&pix=undefined&cb=1631651276736&uv=3018&tms=1631651276736&abt=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&ru=https://www.correiodopovo.com.br.mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=C58CDA44267418306235157571&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a7e10dbfb0283c0817331b260e5d431bf49b969e3ff862292752c747bdf39e1d

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&cmcv=&pix=undefined&cb=1631651276736&uv=3018&tms=1631651276736&abt=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&ru=https://www.correiodopovo.com.br.mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=C58CDA44267418306235157571&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Tue, 14 Sep 2021 20:27:56 GMT
via
1.1 varnish
x-served-by
cache-hhn11566-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1631651277.754153,VS0,VE12
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame D249 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

server
nginx
date
Tue, 14 Sep 2021 20:27:56 GMT
content-type
text/html;charset=ISO-8859-1
machineid
9405
VideoBidRequestHandlerServlet
wf.taboola.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=5854945&noaop=3&sortOrderType=0&cb=1631651276742&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1264&pt=1077281207&tz=0&viewable=true&ddast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2334045&dpubid=324075&abtst=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.correiodopovo.com.br&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4bf71663600d7e2588f043c2efd957dbcd1b76d9d8c6b7facc1de50e2cee071a

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
gzip
access-control-allow-origin
https://www.correiodopovo.com.br
machineid
1476
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11566-HHN
pragma
no-cache
server
nginx
x-timer
S1631651277.756268,VS0,VE126
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://impr.taboola.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&cmcv=&pix=31589837&cb=1631651276736&uv=3018&tms=1631651276736&abt=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&ru=https://www.correiodopovo.com.br.mcas.ms/&ft=0&unm=SLIDER_INSTREAM&debug=pn:!sqg:!torgn:1631651274265.6!ts:1631651276736&mntl=1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-length
0
server
nginx
api.gif
v3.denakop.com/ 		0
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=Ehmu74liQICp%2Ft8GpOEn4A%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&t=1631651276817&cb=0.5119929019637612&r=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.36.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:57 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
68ec5be02c814108-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062509
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062509
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=599572198568463&correlator=1255816038015500&output=ldjh&impl=fifs&eid=31062509%2C31062522%2C31062525%2C44748553%2C31062297%2C31062528&vrg=2021090701&ptt=17&sc=1&sfv=1-0-38&ecs=20210914&iu_parts=21715141650%3A1840275%2Cdesktop_scroll&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90%7C970x250%7C728x180&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%26device%3Ddesktop%26auto_ad%3Dscroll%26account_id%3D10102%7Cdk_refresh%3Dtrue%26index%3D2%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%26device%3Ddesktop%26auto_ad%3Dscroll%26account_id%3D10102%7Cdk_refresh%3Dtrue%26index%3D3%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%26device%3Ddesktop%26auto_ad%3Dscroll%26account_id%3D10102&cookie=ID%3D099185d53fb47ef1-22a39f6731cb0037%3AT%3D1631651275%3ART%3D1631651275%3AS%3DALNI_MYgNoKvFoMX0D9kaLdWqYKCM0KzyA&bc=31&abxe=1&lmt=1631651276&dt=1631651276836&dlt=1631651274434&idt=880&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C315%2C315&adys=1994%2C4846%2C8424&adks=96248329%2C3150356329%2C739068031&ucis=1%7C2%7C3&ifi=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C1600x-1%7C1600x-1&msz=1600x-1%7C1600x-1%7C1600x-1&ga_vid=1947967339.1631651276&ga_sid=1631651276&ga_hid=1162761989&ga_fc=false&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&btvi=1%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062509
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f2.1e100.net
Software
cafe /
Resource Hash
966c8193afc5c3a2d668afbafc0e6c8426de200e838a1953446ddb7e9af2a5b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19916
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D74B 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062509
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.178.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 14 Sep 2021 20:27:56 GMT
expires
Wed, 14 Sep 2022 20:27:56 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
api.gif
v3.denakop.com/ 		0
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=Ehmu74liQICp%2Ft8GpOEn4A%2F0&v=5.0.0&sw=1600&sh=1200&ac=a2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&t=1631651276846&cb=0.07982379791110739&r=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.36.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:57 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
68ec5be06cde4108-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=Ehmu74liQICp%2Ft8GpOEn4A%2F0&v=5.0.0&sw=1600&sh=1200&ac=a2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&t=1631651276846&cb=0.9581343986683075&r=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.36.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:57 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
68ec5be06ce14108-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
1012384269-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame 36E1 		116 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/1012384269-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
f9a2ec5686fc3117ac1e9f72901822e7923dee2adc4f02157b6f05a20b2a596c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 20:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40580
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 16:34:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 20:00:31 GMT
sync
taboola-supply-partners.tremorhub.com/ Frame 1EB9 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&cmcv=&pix=undefined&cb=1631651276736&uv=3018&tms=1631651276736&abt=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&ru=https://www.correiodopovo.com.br.mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=C58CDA44267418306235157571&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.216.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-216-94.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 1EB9 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&cmcv=&pix=undefined&cb=1631651276736&uv=3018&tms=1631651276736&abt=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&ru=https://www.correiodopovo.com.br.mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=C58CDA44267418306235157571&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 1EB9
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3f18aba4-159a-11ec-a590-1a3cf9d10206&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3f18aba4-159a-11ec-a590-1a3cf9d10206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&cmcv=&pix=undefined&cb=1631651276736&uv=3018&tms=1631651276736&abt=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&ru=https://www.correiodopovo.com.br.mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=C58CDA44267418306235157571&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12639

Redirect headers

Date
Tue, 14 Sep 2021 20:27:57 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3f18aba4-159a-11ec-a590-1a3cf9d10206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
17
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 1EB9 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&cmcv=&pix=undefined&cb=1631651276736&uv=3018&tms=1631651276736&abt=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&ru=https://www.correiodopovo.com.br.mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=C58CDA44267418306235157571&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-140-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame D249 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame D249 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.216.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-216-94.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame D249
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3f18aba4-159a-11ec-a590-1a3cf9d10206&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3f18aba4-159a-11ec-a590-1a3cf9d10206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12639

Redirect headers

Date
Tue, 14 Sep 2021 20:27:57 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3f18aba4-159a-11ec-a590-1a3cf9d10206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
121
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame D249 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-140-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
id
googleads.g.doubleclick.net/pagead/ Frame 1554 		113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1cc7c82c/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
0ef129753a34a06e8bfc8c1237aee1a74519c9df9d92c1a3c5a6bc52ef88b7f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 1554 		29 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1cc7c82c/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.230 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:23:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
242
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Tue, 14 Sep 2021 20:38:54 GMT
subscribe_embed
www.youtube.com/ Frame 65D2 		604 B
309 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
ESF /
Resource Hash
b6293a3b0ccea7f1a873b1c6e8c50dd7995e60dc3a45e31f070000f0b9792230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
YSC=e37KAX76wBU; VISITOR_INFO1_LIVE=SGnx1TjItFE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 14 Sep 2021 20:27:56 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Wed, 19-Dec-2018 20:27:56 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+742; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 08:01:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
44816
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 14 Sep 2022 08:01:00 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 17:31:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
183401
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Mon, 12 Sep 2022 17:31:15 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		318 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 08:10:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
303454
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Sun, 11 Sep 2022 08:10:22 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		116 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:12:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
938
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
expires
Wed, 14 Sep 2022 20:12:18 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		117 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 06:48:51 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
308345
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
expires
Sun, 11 Sep 2022 06:48:51 GMT
cmTagSLIDER_INSTREAM.js
vidstat.taboola.com/vpaid/units/30_1_8/infra/ 		685 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
22a92c9d2e3725f4d30c008869de5f3b80163b9bbf9e1c8425333e744690c29b

Request headers

Referer
https://www.correiodopovo.com.br/
Origin
https://www.correiodopovo.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
via
1.1 varnish
age
116296
x-amz-meta-mtime
1631534893
x-cache
HIT
x-amz-meta-ctime
1631534894
x-amz-meta-mode
33188
content-encoding
br
content-length
118959
x-amz-id-2
Eo/X4PQb8KpykMKdZdJv8xUcjRceYLoA/BsXYGeUm4SCyJmLCZ5rd1H3gQtg8jb7T5FxOa3TDRA=
x-served-by
cache-hhn11556-HHN
accept-ranges
bytes
last-modified
Mon, 13 Sep 2021 12:08:15 GMT
server
AmazonS3-br
x-timer
S1631651277.965238,VS0,VE0
etag
"5e03bbece4465805dc42e621eea08087"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
R0VNA8T1W2CHCZ2P
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
13003
cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_1_8/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_1_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6e07734fe1015f88d67a257108878aed46f82946feba5973a0d306aa927ad71a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:56 GMT
via
1.1 varnish
age
116297
x-amz-meta-mtime
1631534934
x-cache
HIT
x-amz-meta-ctime
1631534935
x-amz-meta-mode
33188
content-encoding
br
content-length
7972
x-amz-id-2
nR2SQ65QJtg8e5/DPv2LmqwoCC6GMgZkoEk8px133ThTVwe/tiv1BASLn5z9xxv1v+ASZMY2Qpc=
x-served-by
cache-hhn11566-HHN
accept-ranges
bytes
last-modified
Mon, 13 Sep 2021 12:08:56 GMT
server
AmazonS3-br
x-timer
S1631651277.951124,VS0,VE0
etag
"ce1087477d9ed75a60ebb531908eb622"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
QFN703KXH8C7ZHZJ
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
196377
remote.js
www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/ Frame 1554 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
526ecaf8fbd157b776733e40cd4e3af19fb4185e081f72d27284026138cc30e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
446022
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29899
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:34:14 GMT
Eg7QwH47eZ8F7br57dZ0Bl95QQwUw_gBk_JaCBPNBfU.js
www.google.com/js/th/ Frame 1554 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Eg7QwH47eZ8F7br57dZ0Bl95QQwUw_gBk_JaCBPNBfU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
sffe /
Resource Hash
120ed0c07e3b799f05edbaf9edd674065f79410c14c3f80193f25a0813cd05f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 10:05:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
123771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13284
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 13:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 10:05:06 GMT
embed.js
www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/ Frame 1554 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
21bf415bff7452c3ca9d2fd6b7afa9156844757a7802193acfb5a6c0d2621a81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
446023
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7358
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:34:14 GMT
truncated
/ Frame 1554 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
AKedOLTrXrhy8ab5wE0OH_CM1FqExMJ4ZfJd0enDiEWqmg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1554 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLTrXrhy8ab5wE0OH_CM1FqExMJ4ZfJd0enDiEWqmg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.187.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f1.1e100.net
Software
fife /
Resource Hash
b5b1f8c0ce1ab29cca4050e19cdb04030d00671931d88126bc8f9c4ebb492aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 17:50:10 GMT
x-content-type-options
nosniff
age
9467
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2270
x-xss-protection
0
server
fife
etag
"v9f7"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 28 Aug 2021 01:11:34 GMT
sddefault.webp
i.ytimg.com/vi_webp/0PZo8fXR68E/ Frame 1554 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/0PZo8fXR68E/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f22.1e100.net
Software
sffe /
Resource Hash
8c5dfef87a2df30bce7eff26e8b9d58ebe68ca6031c77dd31e74ece3918741b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:15:15 GMT
vary
Origin
server
sffe
x-content-type-options
nosniff
age
4362
etag
"1631298196"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25048
x-xss-protection
0
expires
Tue, 14 Sep 2021 21:15:15 GMT
ins.js
s.trvdp.com/scripts/v5.673/ 		500 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.673/ins.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/3680.js?pid=2617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-69.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80595b49b73c4c95d1c412d30173a6e7ea2aea9399b7189d597a7470789611c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 08:32:12 GMT
content-encoding
br
last-modified
Wed, 18 Aug 2021 08:08:46 GMT
server
AmazonS3
age
2375746
etag
W/"408459d51ad936fcdb97fd04826d2604"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
bxyvYqcx4Tx3Ibz7p-RqrYtGygbeBcFGLzUi_ycMiX7KMbPk_CKR1w==
iframerpc
accounts.google.com/o/oauth2/ Frame 36E1 		15 B
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.correiodopovo.com.br&client_id=172526348210-or5nfffa5l6rbsvruouad2070j7ngoec.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1012384269-idpiframe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.237 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f13.1e100.net
Software
ESF /
Resource Hash
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 14 Sep 2021 21:27:57 GMT
PMS.js
vidstat.taboola.com/PMS/3.2.2/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront), 1.1 varnish
age
2031154
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
17509
x-served-by
cache-hhn11566-HHN
last-modified
Thu, 21 Jan 2021 11:30:56 GMT
server
AmazonS3
x-timer
S1631651277.188111,VS0,VE0
etag
"f237b8d35060f133ac8c595fd1234e1c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
c8oz58zIZQA6s5TCwajokbVT_atLoFcUuvdgW-8vVw870RldAb8krQ==
x-cache-hits
2629173
www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 65D2 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 12:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 01:15:00 GMT
server
sffe
age
200418
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2447
x-xss-protection
0
expires
Mon, 12 Sep 2022 12:47:39 GMT
www-subscribe-embed-card_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 65D2 		149 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 17:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
age
184443
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44975
x-xss-protection
0
expires
Mon, 12 Sep 2022 17:13:54 GMT
usync.html
eus.rubiconproject.com/ Frame 6D2D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&cmcv=&pix=undefined&cb=1631651276736&uv=3018&tms=1631651276736&abt=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&ru=https://www.correiodopovo.com.br.mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=C58CDA44267418306235157571&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://imprammp.taboola.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Sep 2021 20:27:57 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Tue, 14 Sep 2021 20:27:57 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.html
eus.rubiconproject.com/ Frame C016
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Sep 2021 20:27:57 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Tue, 14 Sep 2021 20:27:57 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
bulk
trc.taboola.com/correiodopovo/log/3/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/correiodopovo/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 14 Sep 2021 20:27:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651277.203864,VS0,VE9
x-served-by
cache-fra19178-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 1554 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview"
expires
Tue, 14 Sep 2021 20:27:57 GMT
generate_204
www.youtube.com/ Frame 1554 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?GPcFpQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ Frame 65D2 		126 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
sffe /
Resource Hash
481b70057474f169e02e2105c2441ade64d4744a8d205fce2d42685d1fc1c2b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 10:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42121
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 10:01:52 GMT
content14_10_18m.js
vidstat.taboola.com/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront), 1.1 varnish
age
815794
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-hhn11566-HHN
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1631651277.400910,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
gMac7oPnGnLwMTPr8ZTp3wXPxJLROynfM1c1ULf482PWoHTcQG1zPg==
x-cache-hits
1481034
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age
1774374
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-hhn11566-HHN
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1631651277.404609,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits
1487737
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/ 		568 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
218e212955a099e8b0e363d4750a26b27024c8443a4b5e0313aa62ef2054153e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
via
1.1 varnish
age
1064831
x-amz-meta-mtime
1630586387
x-cache
HIT
x-amz-meta-ctime
1630586402
x-amz-meta-mode
33188
content-encoding
br
content-length
118911
x-amz-id-2
gtVi8ipDoL/rFQp+iImuj8fkbPufGZdvhEMGT0iabCXjPlfRpi9QVBdYHSdp1hQ6XdVZUEj1I9Y=
x-served-by
cache-hhn11566-HHN
accept-ranges
bytes
last-modified
Thu, 02 Sep 2021 12:40:03 GMT
server
AmazonS3-br
x-timer
S1631651277.421063,VS0,VE0
etag
"062bf4ef6ed3901a242357a7a0f461b2"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
RBTJD75NBHBER6AC
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
2159380
sync
am-match.taboola.com/ Frame A7AC 		1017 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
796611214d021bcac816f48cee7b311f491a1cff63bb41e0bae4dc8a122aa088

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
t_gid=09e494fe-ea3f-4878-ac47-65dc69970758-tuct83a8b4d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

server
nginx
date
Tue, 14 Sep 2021 20:27:57 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3402
loading2.png
vidstat.taboola.com/assets/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/loading2.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront), 1.1 varnish
age
3519241
x-amz-meta-mtime
1498646328
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-length
24300
x-served-by
cache-hhn11566-HHN
last-modified
Sun, 02 Jul 2017 14:25:04 GMT
server
AmazonS3
x-timer
S1631651277.440749,VS0,VE0
etag
"ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/png
access-control-allow-headers
*
x-amz-cf-id
O9tGAYqRJlC8dzwINHy8gNU4n0EVIRUKkmFtaB69jD6tgoH3JImu4Q==
x-cache-hits
683053
replay-button.svg
vidstat.taboola.com/assets/ 		1 KB
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/replay-button.svg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront), 1.1 varnish
age
728076
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
701
x-served-by
cache-hhn11566-HHN
last-modified
Wed, 13 Feb 2019 09:30:13 GMT
server
AmazonS3
x-timer
S1631651277.441979,VS0,VE0
etag
"e871e80b457ead7801d3bbe63b25c4fb"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
b_2YSz_xJ_vlRCCaxiIFf95Q8jxCjwLOwkr1CwY6cuNKztnK2Kc5vw==
x-cache-hits
250002
replay-button-hover.svg
vidstat.taboola.com/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront), 1.1 varnish
age
2033658
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
709
x-served-by
cache-hhn11566-HHN
last-modified
Wed, 13 Feb 2019 09:30:13 GMT
server
AmazonS3
x-timer
S1631651277.442063,VS0,VE0
etag
"ae0344bce724db935e4f7ba6573ee516"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
2HcFMYGxmQteCw1jc2niyxVF1ROUef4KiaFoXlUv449LHzr8nVYUOA==
x-cache-hits
388692
learn-more-button.svg
vidstat.taboola.com/assets/ 		2 KB
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront), 1.1 varnish
age
2033673
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
634
x-served-by
cache-hhn11566-HHN
last-modified
Wed, 13 Feb 2019 09:30:12 GMT
server
AmazonS3
x-timer
S1631651277.442108,VS0,VE0
etag
"3132e8c3bdd274efa7ce1531ec89580d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Ii0WujZIcwwGwkdmZTuIiPeqXMPZSoay4oeqMK7aMH7qVkWGHL6pqw==
x-cache-hits
388968
learn-more-button-hover.svg
vidstat.taboola.com/assets/ 		2 KB
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront), 1.1 varnish
age
1716519
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
660
x-served-by
cache-hhn11566-HHN
last-modified
Wed, 13 Feb 2019 09:30:11 GMT
server
AmazonS3
x-timer
S1631651277.442133,VS0,VE0
etag
"b14888c73642ebc29c1451727eb1eb8a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
bBVocQgHDNUvxV065MDhB_MM39kBHPqj8-ESrWy_YbAg5ZyXHCR8ug==
x-cache-hits
427257
cors
data.ad-score.com/score/ 		52 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.correiodopovo.com.br&l1=3680&l2=correiodopovo.com.br&l3=DE&l4=desktop&cb=0.8914958356191902
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.673/ins.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:58 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
52
c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding
gzip
etag
"11d8569a7da0739259e3ac0b0d666e94"
age
68
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1502
x-amz-id-2
mDyE8cfWorWgPUWxEn/VZhkEtPocpPaM0bHAZuvqBsde58eQBtQuoIbO0yhr3i4Ng3fQ7/a3QoE=
x-served-by
cache-hhn11547-HHN
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
server
AmazonS3
x-timer
S1631651277.454397,VS0,VE0
date
Tue, 14 Sep 2021 20:27:57 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
VF7VXN7KGS2G2FK1
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
34
x-cache-hits
86
usync.js
eus.rubiconproject.com/ Frame 6D2D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e79c4810102b289ddad74e8a731fdab545e666cb04cde36d2daa32c7a469508b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42274
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Wed, 15 Sep 2021 08:12:31 GMT
cast_sender.js
www.gstatic.com/eureka/clank/92/ Frame 1554 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/92/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f3.1e100.net
Software
sffe /
Resource Hash
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15330
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 15:08:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 15 Sep 2021 04:53:24 GMT
usync.js
eus.rubiconproject.com/ Frame C016 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e79c4810102b289ddad74e8a731fdab545e666cb04cde36d2daa32c7a469508b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42274
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Wed, 15 Sep 2021 08:12:31 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
16913
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
zqMTRpifsl7n57rrmbauTpy15dj75+/Yr9THvoBu2iu20NuAVBrIbTIB+OLFF3ceJPrHp0hsBJU=
x-served-by
cache-hhn11547-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1631651277.486928,VS0,VE0
date
Tue, 14 Sep 2021 20:27:57 GMT
x-amz-request-id
PDAX0NJ0ZCYB7FMQ
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
34
x-cache-hits
20751
container.html
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C8A0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062509
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 14 Sep 2021 20:27:56 GMT
expires
Wed, 14 Sep 2022 20:27:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5FBF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062509
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 14 Sep 2021 20:27:56 GMT
expires
Wed, 14 Sep 2022 20:27:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4AA0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062509
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 14 Sep 2021 20:27:56 GMT
expires
Wed, 14 Sep 2022 20:27:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
khaos.jpg
token.rubiconproject.com/ Frame 6D2D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame C016 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
sync
taboola-supply-partners.tremorhub.com/ Frame A7AC 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.216.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-216-94.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame A7AC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame A7AC 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-140-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
um
cs.emxdgt.com/ Frame A7AC 		0
59 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
content-length
0
content-type
text/html
usync.html
eus.rubiconproject.com/ Frame 2B2B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Sep 2021 20:27:58 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Tue, 14 Sep 2021 20:27:57 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
CreativeDisplayer
impr.taboola.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://impr.taboola.com/CreativeDisplayer?adId=6403255&excid=22
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
914fd757696b44cedbbb4cae56a2a4f86055ce32c9ef552e906d07bef28ff31b

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651278.645232,VS0,VE8
x-served-by
cache-hhn11566-HHN
x-cache
MISS
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
24decd1c-dcff-4965-96a6-042087f69881
https://www.correiodopovo.com.br/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.correiodopovo.com.br/24decd1c-dcff-4965-96a6-042087f69881
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
7f2e36be-182e-47e5-b3c1-a86e87c56f9a
https://www.correiodopovo.com.br/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.correiodopovo.com.br/7f2e36be-182e-47e5-b3c1-a86e87c56f9a
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
pixel
googleads.g.doubleclick.net/xbbe/ Frame C989 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj_orazATAB&v=APEucNWIYAwDxlYD1Km24mN2568nqSOCAUJDdS-aNL-ceK0h_EF_LMdD6kQytMrdViSY8mLMsIlYGQCmBx3DkUSkvWeuvPEIrg_X8UkpxTprmaRDjzLp1PKWDk4DymCnI2K-0z1Ai8Otl7CTKkvZP0hGgJqgDLyzU4C5atnbmI5CxWsWuNSo5QpQXRwt1mOuisVd_0_CmEuf5k8uVeFhEa0hWrKJ_zP4zA
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLOokgEQ4p3QAhj_orazATAB&v=APEucNWIYAwDxlYD1Km24mN2568nqSOCAUJDdS-aNL-ceK0h_EF_LMdD6kQytMrdViSY8mLMsIlYGQCmBx3DkUSkvWeuvPEIrg_X8UkpxTprmaRDjzLp1PKWDk4DymCnI2K-0z1Ai8Otl7CTKkvZP0hGgJqgDLyzU4C5atnbmI5CxWsWuNSo5QpQXRwt1mOuisVd_0_CmEuf5k8uVeFhEa0hWrKJ_zP4zA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0slTwvbXiOVQj2rXvjOiSMJhuaKosR9kFWsnAb2gVZCDpg66aMNJERZHOJv0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 14 Sep 2021 20:27:58 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame C8A0 		70 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APnydXmZ3wW5iP7GjJ7BpUubFLl-r1DIRIjfR82rpub3z44MghC5C_8ca_hv4cg32kWayZ2kBxxueJuq5TKYUHJVNEwjbL1nqY1qQ0U6oyn9A37b8QuW2D7Xw_dl5hUz9_bvU64yGgLLpBCrHAQjqSYmU7mg&dbm_d=AKAmf-DkBWD6CPPX1Zxh8GK72uBM-4nvq-kcLz9kV7TY4phB0UlDGYrORkNHyWaqp8ne64pVq5u3nirfUN36pghQsLwTmIA9LxVKHEAgA6ttnf3VLoQRsrCXm9k0ELgmra0f7AjhznDGVzapZ5D8xVyvbMGFTskUcZwrcUx7bY6BYFcaMhjXXeXViF7IEjAZCw2h-eK4H7QaOeEoX9LvncA5qk9gqwXARX3kNVcHAmaNtWa-GBOYSmezihR_g1beYpUxvoQc5ff1HUcFU2thfz9LHhff8o6eRiT42QvrGeBvOHfX6G5dmbOFkRGqmJgAaMp43uKLrIRUPxevKOIIcI0tGNIlFSpGRdWpk8hSU8QvIvtjOu-lhz6Guoenh65uuF9fEQamxWRkyOlil0s_NHQAcnLdcUD1ClFDTGEjdO7QI1lR4hbaflxQdCYSJ2hJXYNUgQ7U-n2FXfTVwvCbFop-a0zqHYSDWXkoDVkQHEetTLJdzLH_T-_AsnNKUFWwC-BALF9RxlNtIISFoVcrVpMRXnmwZlDSEia7sHIla7i-FKevqgwbobeB5C65Cr43aLQGlY5D05YfxW-i757bmyn0_lw_pj3-aX49o_EO1ZPEqu9SYEcH638tNR5avvLVkloEGil6JceO6uUXiS3QtrDPP_VVPaI-c9efa8nldoEGnVwe-j0rm0HNq6vwhXn5Whb_4GJTmZSGFCLxW8hJTI_Fs7iRtLH3RvxgZPlXVXxCD1wKOFHNF82EI9Njv9YRjn0T5f3h10JWp0GrzV6w9YKLtXOpJuptD5OQxdm2Ad6bVIPtyCBVmQehe3KycNxqSoXhxOPPvjWrjg1tA1AHRCc2FiKoLeiPaS7UcwA6-r82WkU1m-8-Uz8yS5yypLDpo-mgR7k2LBCskAKzuCCYg3URWaBk128YVo7dXSuOe4KiieTk3AmigSkQpVdmARDV_rA8bryvP_eXrlSpBAoAcVXFlaEB9y0oFQMcZr-gu8g52Nt3L-cXr4Zhs4vCujUPnnvq4VcIgWP8IJ57mu1xxafsIfZ8kRa3dZrtU_SJ5NltFa8P17iePLHeoUuPTizHHzdTINSGtI-c9soiWuUrqJeN0n8mROMTvE2NFBe4xAFxdtU5G4vbGPi_TZATgpJpHF3EkDqoSundj8wqQoiDAW73NwOow6qaKsCZWLF3SijBvuJvT3kdcDiAFwkMaEVh6ZIB4YMaO9GBrOh-nid9qdNf3LmeV5zZz-2avpjRhZfg-0ZdUd5rHbhfVtVuWsLn7_sdc6CsIPrFBF_fer3VGwGVrajfhK8CwNALA-foSO6mNJe3NqPxZJRfpTHZ-ZpJZUTgO_wm5cZB3kYbVDeH5GhAf03gvd0yoZ5yfoChkDFkCo1gdz8yvyBz6Y3rqlnykOKlkySgXSJRhw_4trERfUYWNWmO96wuJNPNnfm3RxY9bzi-iGQj19Nfd1BT_7AWF97rfzoAvaGeNlZFX3m4wl8Yaux11KJYFYwlU4g9b--yxfrROCJi-GrGSa7hnYpejTOflwLcu9HSgE8xwsdct7CXvqqm5pmJNga-jZZAqq6zujBuiP9jXMcL-PUINeIa5tPyZEHiA2zHZMa2B-wO_kyAd8WitZKdEIPrqFG4ZMMmVikuRBplHld5L6AMuXcvnvpx9Y8HPrNE6Bzj833TkmXziseiUn9zJ_UP7fw0YPw_IhLFbqpsV9s5awPLCtxuZVdKCXupD0vwlzNK2y3hXrYU9XhDWcOqa0N2HBsUWb21kiI2Py5s3oM8DFQl3rPy53cbsXaZZx1KVa1yiwpqmx4nw5tlln82gJeHzALav4ejwc022GsBZP9NitCxHEX6nFwTD4JxJAD7-fDVOl0Lv8CnBM8CiOR2dQXxFJCzTi00SDEqNLoe1XIHbQ94OYdjX56XV5HVlNyyGAP803wgYDgyzdP9pFqBupYll5kIFd5fNvC5GJMHBCaPC70vJ21z_DI23jyv-cMRDlNavWV6bQFoV_GBCA6DrctS_mLYDRCBxoagcYmXXbMaIpEUD2mzTHH3OixOLXcQk6yW7oDfXCrMt4lOUKz5Q_NvtXt8YblPG8g9ifB0oH3CHdqn-uC19j5lSyY0KjUVnB-9hXSEVSuYpLBGWqYT7ihe-00xHojq2vrcZqKWUN50ndVwWzxQckoVH6IaAA0GZUfy_z0404LP2jpWyS_LtukM9pgejDIFHh6AuMGC4Di8juQrLNzGQuvyQ9oFtgiozkoeDOHKHWBRDWfwr7MOQhB1ekVnBcxw5ZOCbKAQnZVqxr-gZpCtPZU6ZWGrSs68Nafqvmj2bDB6SGs7_xqlaBlbhGDTFY1erVfFrtF6U-zFtCoMDGoFTGfsQQfZ7argNkwDZH5T0rWy3sfQLJEDo11d-cnST2OjjGIIMGaq4hNzOFsx0uPlziV875HPHvDIzV3y0q_PmOooJaLLh34nho2emeF7nLDrR_pOutHI4bB6PCnJ-8LGB6thObij8x495eRvGAZGh6hii9pKwEqokGB-Iv0wJfqMc2z7tPrI2oKLBd3HjC9Mq0uqhwheOu4h4ItPSm68gtUeIc1PoVQ8eU5pHSVJ3SnMJ6VFUPOraz_yYGkrmDd9q7sXl9KSpTLo6xZ3jhnUmG5xsDyc4C7G4x9dQY2-bHU4LmSU-6mVpdC3RdDaMLRoFdt07WI5rh9C_SHY5rOtp_wtre2vNXcRyadFp8ocUDswFj6-leVfAqyTEM-2AId-5zbmN2Iq2ukPnLm82Jc8kfTyi3ZsLAUQgZ_JYC2ZIWzHmOiHfcJ__Q-ax8VWDcWK_hswXXBcbTC3LhAoYqPSRIDw--KhSjiUMjrV8b6sSzlgS35gXan4AsGeeFTSOUCICpVBooNaKJLwdIW31bXLiLDOCr9l6pKxBARCIiRcozNwXeENfAjtRhg6_W9cqASMsk7okSbRATT_ggi7pJtf_h2gO_-xB_kC8CCuj7ljihUjSdZtiL0i-ExbNfgGG8xvUYREY06lLwC6toOgYAGH4CiG7YqF3IsdQTPIRDLgGswMSTNwxPki2XJ59Fp3V-cmKjXt3Xit8F1_1OhOpjqaUWDTEU2C9zx4C4CpMSgN8kcvsn9Nfjx2PJ4fC3Ii94Ok5K1UW74x2-kU&cid=CAASEuRoULbApI0Jilcme0fv3pGBFw&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
f5a5fa9309ecbd897710fa5dddf07a531681820fbcde76be4eb5b4bf2ffd215b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28625
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C8A0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DzwJEqZKQq88nTMbMKa_5RoTHshKCEY660t_apGMB5AIG2srjLlmnXW1XSluyPuTfnyqpJuYsSLoMxy8trpR2tkAMyZPnf3VdfFGqyd0zhyEozf00
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame C8A0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/window_focus_fy2019.js
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:19:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C8A0 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 14 Sep 2021 20:27:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame C8A0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
772
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:15:06 GMT
l
www.google.com/ads/measurement/ Frame C8A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSo4NYTeThgUKQ1l3bI4lswQYJ2vWgj76DmNhMM7Rr2tJSd2DKgC6wGKLST1vbGjguRcRaTOouk5bXE_huW_SDR9Qq6A
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
95
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qLA+ntpX0xsn1M4H/vpvkV0o8w6UGkVVXckTk0W0F2Kr9YHvQvZKGJImLauo/YXexJMT5LeMdnk=
x-served-by
cache-hhn11547-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1631651278.093563,VS0,VE0
date
Tue, 14 Sep 2021 20:27:58 GMT
vary
Accept-Encoding
x-amz-request-id
4KMJJDXMWM2DB40W
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
34
x-cache-hits
1746
moatvideo.js
z.moatads.com/taboolajsvideo2446883476/ 		345 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/taboolajsvideo2446883476/moatvideo.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2629e2610f2c2e5320e7e97f439cfdc7f8ab89f557d2b8e25acc7d232dbd8792

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 15:02:57 GMT
server
AmazonS3
x-amz-request-id
AFG8KGWENA70TZ78
etag
"cc6a2d67dff876fe394104ce5882a3d8"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=25557
accept-ranges
bytes
content-length
114326
x-amz-id-2
uw7N7a0Qd+awyeaDpTJ0BbZyrUIQQxlqMgxeTrUqwUmDiXgPPnamqcJHM1gEot8lTqiKR8d8T84=
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame C8A0 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
Origin
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 03:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Sep 2021 03:00:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/ Frame C8A0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APnydXmZ3wW5iP7GjJ7BpUubFLl-r1DIRIjfR82rpub3z44MghC5C_8ca_hv4cg32kWayZ2kBxxueJuq5TKYUHJVNEwjbL1nqY1qQ0U6oyn9A37b8QuW2D7Xw_dl5hUz9_bvU64yGgLLpBCrHAQjqSYmU7mg&dbm_d=AKAmf-DkBWD6CPPX1Zxh8GK72uBM-4nvq-kcLz9kV7TY4phB0UlDGYrORkNHyWaqp8ne64pVq5u3nirfUN36pghQsLwTmIA9LxVKHEAgA6ttnf3VLoQRsrCXm9k0ELgmra0f7AjhznDGVzapZ5D8xVyvbMGFTskUcZwrcUx7bY6BYFcaMhjXXeXViF7IEjAZCw2h-eK4H7QaOeEoX9LvncA5qk9gqwXARX3kNVcHAmaNtWa-GBOYSmezihR_g1beYpUxvoQc5ff1HUcFU2thfz9LHhff8o6eRiT42QvrGeBvOHfX6G5dmbOFkRGqmJgAaMp43uKLrIRUPxevKOIIcI0tGNIlFSpGRdWpk8hSU8QvIvtjOu-lhz6Guoenh65uuF9fEQamxWRkyOlil0s_NHQAcnLdcUD1ClFDTGEjdO7QI1lR4hbaflxQdCYSJ2hJXYNUgQ7U-n2FXfTVwvCbFop-a0zqHYSDWXkoDVkQHEetTLJdzLH_T-_AsnNKUFWwC-BALF9RxlNtIISFoVcrVpMRXnmwZlDSEia7sHIla7i-FKevqgwbobeB5C65Cr43aLQGlY5D05YfxW-i757bmyn0_lw_pj3-aX49o_EO1ZPEqu9SYEcH638tNR5avvLVkloEGil6JceO6uUXiS3QtrDPP_VVPaI-c9efa8nldoEGnVwe-j0rm0HNq6vwhXn5Whb_4GJTmZSGFCLxW8hJTI_Fs7iRtLH3RvxgZPlXVXxCD1wKOFHNF82EI9Njv9YRjn0T5f3h10JWp0GrzV6w9YKLtXOpJuptD5OQxdm2Ad6bVIPtyCBVmQehe3KycNxqSoXhxOPPvjWrjg1tA1AHRCc2FiKoLeiPaS7UcwA6-r82WkU1m-8-Uz8yS5yypLDpo-mgR7k2LBCskAKzuCCYg3URWaBk128YVo7dXSuOe4KiieTk3AmigSkQpVdmARDV_rA8bryvP_eXrlSpBAoAcVXFlaEB9y0oFQMcZr-gu8g52Nt3L-cXr4Zhs4vCujUPnnvq4VcIgWP8IJ57mu1xxafsIfZ8kRa3dZrtU_SJ5NltFa8P17iePLHeoUuPTizHHzdTINSGtI-c9soiWuUrqJeN0n8mROMTvE2NFBe4xAFxdtU5G4vbGPi_TZATgpJpHF3EkDqoSundj8wqQoiDAW73NwOow6qaKsCZWLF3SijBvuJvT3kdcDiAFwkMaEVh6ZIB4YMaO9GBrOh-nid9qdNf3LmeV5zZz-2avpjRhZfg-0ZdUd5rHbhfVtVuWsLn7_sdc6CsIPrFBF_fer3VGwGVrajfhK8CwNALA-foSO6mNJe3NqPxZJRfpTHZ-ZpJZUTgO_wm5cZB3kYbVDeH5GhAf03gvd0yoZ5yfoChkDFkCo1gdz8yvyBz6Y3rqlnykOKlkySgXSJRhw_4trERfUYWNWmO96wuJNPNnfm3RxY9bzi-iGQj19Nfd1BT_7AWF97rfzoAvaGeNlZFX3m4wl8Yaux11KJYFYwlU4g9b--yxfrROCJi-GrGSa7hnYpejTOflwLcu9HSgE8xwsdct7CXvqqm5pmJNga-jZZAqq6zujBuiP9jXMcL-PUINeIa5tPyZEHiA2zHZMa2B-wO_kyAd8WitZKdEIPrqFG4ZMMmVikuRBplHld5L6AMuXcvnvpx9Y8HPrNE6Bzj833TkmXziseiUn9zJ_UP7fw0YPw_IhLFbqpsV9s5awPLCtxuZVdKCXupD0vwlzNK2y3hXrYU9XhDWcOqa0N2HBsUWb21kiI2Py5s3oM8DFQl3rPy53cbsXaZZx1KVa1yiwpqmx4nw5tlln82gJeHzALav4ejwc022GsBZP9NitCxHEX6nFwTD4JxJAD7-fDVOl0Lv8CnBM8CiOR2dQXxFJCzTi00SDEqNLoe1XIHbQ94OYdjX56XV5HVlNyyGAP803wgYDgyzdP9pFqBupYll5kIFd5fNvC5GJMHBCaPC70vJ21z_DI23jyv-cMRDlNavWV6bQFoV_GBCA6DrctS_mLYDRCBxoagcYmXXbMaIpEUD2mzTHH3OixOLXcQk6yW7oDfXCrMt4lOUKz5Q_NvtXt8YblPG8g9ifB0oH3CHdqn-uC19j5lSyY0KjUVnB-9hXSEVSuYpLBGWqYT7ihe-00xHojq2vrcZqKWUN50ndVwWzxQckoVH6IaAA0GZUfy_z0404LP2jpWyS_LtukM9pgejDIFHh6AuMGC4Di8juQrLNzGQuvyQ9oFtgiozkoeDOHKHWBRDWfwr7MOQhB1ekVnBcxw5ZOCbKAQnZVqxr-gZpCtPZU6ZWGrSs68Nafqvmj2bDB6SGs7_xqlaBlbhGDTFY1erVfFrtF6U-zFtCoMDGoFTGfsQQfZ7argNkwDZH5T0rWy3sfQLJEDo11d-cnST2OjjGIIMGaq4hNzOFsx0uPlziV875HPHvDIzV3y0q_PmOooJaLLh34nho2emeF7nLDrR_pOutHI4bB6PCnJ-8LGB6thObij8x495eRvGAZGh6hii9pKwEqokGB-Iv0wJfqMc2z7tPrI2oKLBd3HjC9Mq0uqhwheOu4h4ItPSm68gtUeIc1PoVQ8eU5pHSVJ3SnMJ6VFUPOraz_yYGkrmDd9q7sXl9KSpTLo6xZ3jhnUmG5xsDyc4C7G4x9dQY2-bHU4LmSU-6mVpdC3RdDaMLRoFdt07WI5rh9C_SHY5rOtp_wtre2vNXcRyadFp8ocUDswFj6-leVfAqyTEM-2AId-5zbmN2Iq2ukPnLm82Jc8kfTyi3ZsLAUQgZ_JYC2ZIWzHmOiHfcJ__Q-ax8VWDcWK_hswXXBcbTC3LhAoYqPSRIDw--KhSjiUMjrV8b6sSzlgS35gXan4AsGeeFTSOUCICpVBooNaKJLwdIW31bXLiLDOCr9l6pKxBARCIiRcozNwXeENfAjtRhg6_W9cqASMsk7okSbRATT_ggi7pJtf_h2gO_-xB_kC8CCuj7ljihUjSdZtiL0i-ExbNfgGG8xvUYREY06lLwC6toOgYAGH4CiG7YqF3IsdQTPIRDLgGswMSTNwxPki2XJ59Fp3V-cmKjXt3Xit8F1_1OhOpjqaUWDTEU2C9zx4C4CpMSgN8kcvsn9Nfjx2PJ4fC3Ii94Ok5K1UW74x2-kU&cid=CAASEuRoULbApI0Jilcme0fv3pGBFw&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:15:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/ Frame C8A0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APnydXmZ3wW5iP7GjJ7BpUubFLl-r1DIRIjfR82rpub3z44MghC5C_8ca_hv4cg32kWayZ2kBxxueJuq5TKYUHJVNEwjbL1nqY1qQ0U6oyn9A37b8QuW2D7Xw_dl5hUz9_bvU64yGgLLpBCrHAQjqSYmU7mg&dbm_d=AKAmf-DkBWD6CPPX1Zxh8GK72uBM-4nvq-kcLz9kV7TY4phB0UlDGYrORkNHyWaqp8ne64pVq5u3nirfUN36pghQsLwTmIA9LxVKHEAgA6ttnf3VLoQRsrCXm9k0ELgmra0f7AjhznDGVzapZ5D8xVyvbMGFTskUcZwrcUx7bY6BYFcaMhjXXeXViF7IEjAZCw2h-eK4H7QaOeEoX9LvncA5qk9gqwXARX3kNVcHAmaNtWa-GBOYSmezihR_g1beYpUxvoQc5ff1HUcFU2thfz9LHhff8o6eRiT42QvrGeBvOHfX6G5dmbOFkRGqmJgAaMp43uKLrIRUPxevKOIIcI0tGNIlFSpGRdWpk8hSU8QvIvtjOu-lhz6Guoenh65uuF9fEQamxWRkyOlil0s_NHQAcnLdcUD1ClFDTGEjdO7QI1lR4hbaflxQdCYSJ2hJXYNUgQ7U-n2FXfTVwvCbFop-a0zqHYSDWXkoDVkQHEetTLJdzLH_T-_AsnNKUFWwC-BALF9RxlNtIISFoVcrVpMRXnmwZlDSEia7sHIla7i-FKevqgwbobeB5C65Cr43aLQGlY5D05YfxW-i757bmyn0_lw_pj3-aX49o_EO1ZPEqu9SYEcH638tNR5avvLVkloEGil6JceO6uUXiS3QtrDPP_VVPaI-c9efa8nldoEGnVwe-j0rm0HNq6vwhXn5Whb_4GJTmZSGFCLxW8hJTI_Fs7iRtLH3RvxgZPlXVXxCD1wKOFHNF82EI9Njv9YRjn0T5f3h10JWp0GrzV6w9YKLtXOpJuptD5OQxdm2Ad6bVIPtyCBVmQehe3KycNxqSoXhxOPPvjWrjg1tA1AHRCc2FiKoLeiPaS7UcwA6-r82WkU1m-8-Uz8yS5yypLDpo-mgR7k2LBCskAKzuCCYg3URWaBk128YVo7dXSuOe4KiieTk3AmigSkQpVdmARDV_rA8bryvP_eXrlSpBAoAcVXFlaEB9y0oFQMcZr-gu8g52Nt3L-cXr4Zhs4vCujUPnnvq4VcIgWP8IJ57mu1xxafsIfZ8kRa3dZrtU_SJ5NltFa8P17iePLHeoUuPTizHHzdTINSGtI-c9soiWuUrqJeN0n8mROMTvE2NFBe4xAFxdtU5G4vbGPi_TZATgpJpHF3EkDqoSundj8wqQoiDAW73NwOow6qaKsCZWLF3SijBvuJvT3kdcDiAFwkMaEVh6ZIB4YMaO9GBrOh-nid9qdNf3LmeV5zZz-2avpjRhZfg-0ZdUd5rHbhfVtVuWsLn7_sdc6CsIPrFBF_fer3VGwGVrajfhK8CwNALA-foSO6mNJe3NqPxZJRfpTHZ-ZpJZUTgO_wm5cZB3kYbVDeH5GhAf03gvd0yoZ5yfoChkDFkCo1gdz8yvyBz6Y3rqlnykOKlkySgXSJRhw_4trERfUYWNWmO96wuJNPNnfm3RxY9bzi-iGQj19Nfd1BT_7AWF97rfzoAvaGeNlZFX3m4wl8Yaux11KJYFYwlU4g9b--yxfrROCJi-GrGSa7hnYpejTOflwLcu9HSgE8xwsdct7CXvqqm5pmJNga-jZZAqq6zujBuiP9jXMcL-PUINeIa5tPyZEHiA2zHZMa2B-wO_kyAd8WitZKdEIPrqFG4ZMMmVikuRBplHld5L6AMuXcvnvpx9Y8HPrNE6Bzj833TkmXziseiUn9zJ_UP7fw0YPw_IhLFbqpsV9s5awPLCtxuZVdKCXupD0vwlzNK2y3hXrYU9XhDWcOqa0N2HBsUWb21kiI2Py5s3oM8DFQl3rPy53cbsXaZZx1KVa1yiwpqmx4nw5tlln82gJeHzALav4ejwc022GsBZP9NitCxHEX6nFwTD4JxJAD7-fDVOl0Lv8CnBM8CiOR2dQXxFJCzTi00SDEqNLoe1XIHbQ94OYdjX56XV5HVlNyyGAP803wgYDgyzdP9pFqBupYll5kIFd5fNvC5GJMHBCaPC70vJ21z_DI23jyv-cMRDlNavWV6bQFoV_GBCA6DrctS_mLYDRCBxoagcYmXXbMaIpEUD2mzTHH3OixOLXcQk6yW7oDfXCrMt4lOUKz5Q_NvtXt8YblPG8g9ifB0oH3CHdqn-uC19j5lSyY0KjUVnB-9hXSEVSuYpLBGWqYT7ihe-00xHojq2vrcZqKWUN50ndVwWzxQckoVH6IaAA0GZUfy_z0404LP2jpWyS_LtukM9pgejDIFHh6AuMGC4Di8juQrLNzGQuvyQ9oFtgiozkoeDOHKHWBRDWfwr7MOQhB1ekVnBcxw5ZOCbKAQnZVqxr-gZpCtPZU6ZWGrSs68Nafqvmj2bDB6SGs7_xqlaBlbhGDTFY1erVfFrtF6U-zFtCoMDGoFTGfsQQfZ7argNkwDZH5T0rWy3sfQLJEDo11d-cnST2OjjGIIMGaq4hNzOFsx0uPlziV875HPHvDIzV3y0q_PmOooJaLLh34nho2emeF7nLDrR_pOutHI4bB6PCnJ-8LGB6thObij8x495eRvGAZGh6hii9pKwEqokGB-Iv0wJfqMc2z7tPrI2oKLBd3HjC9Mq0uqhwheOu4h4ItPSm68gtUeIc1PoVQ8eU5pHSVJ3SnMJ6VFUPOraz_yYGkrmDd9q7sXl9KSpTLo6xZ3jhnUmG5xsDyc4C7G4x9dQY2-bHU4LmSU-6mVpdC3RdDaMLRoFdt07WI5rh9C_SHY5rOtp_wtre2vNXcRyadFp8ocUDswFj6-leVfAqyTEM-2AId-5zbmN2Iq2ukPnLm82Jc8kfTyi3ZsLAUQgZ_JYC2ZIWzHmOiHfcJ__Q-ax8VWDcWK_hswXXBcbTC3LhAoYqPSRIDw--KhSjiUMjrV8b6sSzlgS35gXan4AsGeeFTSOUCICpVBooNaKJLwdIW31bXLiLDOCr9l6pKxBARCIiRcozNwXeENfAjtRhg6_W9cqASMsk7okSbRATT_ggi7pJtf_h2gO_-xB_kC8CCuj7ljihUjSdZtiL0i-ExbNfgGG8xvUYREY06lLwC6toOgYAGH4CiG7YqF3IsdQTPIRDLgGswMSTNwxPki2XJ59Fp3V-cmKjXt3Xit8F1_1OhOpjqaUWDTEU2C9zx4C4CpMSgN8kcvsn9Nfjx2PJ4fC3Ii94Ok5K1UW74x2-kU&cid=CAASEuRoULbApI0Jilcme0fv3pGBFw&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f19df5f3569b83172adf37e884e0e4add74a23c3e057cf60336a1fddcb87ab79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9258
x-xss-protection
0
server
cafe
etag
9058358164849487988
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:25:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0636 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjNlrazATAB&v=APEucNXbRI2wRosFedM1CNRtDDfPR-eXoom79DXRxMzsiu2ajtOGX94qIFOUW9Qta8OV2TMRjmf3neWHK6YbaQP_xqwyFxEpF_7q482N1EHpruyhLdBob562TaH0asNvqewuv46Km7KVVDqlFDo-Wsv2zjMVyencjaoy2nclqzNTEK0waHuyavarir1PMxS_738Fh6ANXXnHBIzhWR91fxxTrT-sjWzlig
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLOokgEQ4p3QAhjNlrazATAB&v=APEucNXbRI2wRosFedM1CNRtDDfPR-eXoom79DXRxMzsiu2ajtOGX94qIFOUW9Qta8OV2TMRjmf3neWHK6YbaQP_xqwyFxEpF_7q482N1EHpruyhLdBob562TaH0asNvqewuv46Km7KVVDqlFDo-Wsv2zjMVyencjaoy2nclqzNTEK0waHuyavarir1PMxS_738Fh6ANXXnHBIzhWR91fxxTrT-sjWzlig
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0slTwvbXiOVQj2rXvjOiSMJhuaKosR9kFWsnAb2gVZCDpg66aMNJERZHOJv0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 14 Sep 2021 20:27:58 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 5FBF 		70 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMztwX8kIa8k6MLoA5RC8-nFmULop46F_56mgOES9vtnXivNiqruvIveGmOhALu9Bvm5mN-Ww8v_S20VZ9YcWvqLRzbG7oSLgQkXYgn8mJ0LIgn669dsUblUMVc0apikTlpa1R7r7dsel1prZD6yl8UVAF7Q&dbm_d=AKAmf-D8J5uTur1kGgB6IYnftE0_1PiVW06tKQR184HbNAQ8at7hAFruYD8BxIMtUDUTGFBvL-TXcCEVnkKgjrKDO_PAwOd5hzNUvpgUfSJlpYxx_v20F9LFy7CWqfSz2XBRjjrMTLzA7oSKfOK7eY4qF_2LoOWOZ9d2tehPWl5UHb9KYWRo6_-os19sx21517CjPuqR1DH9TpSNn9qV_gTOpVJEGfs_b4qhkylc41JhGW-3QuBf795r6tkPiRkCYRG6GIiai6qCmR_0G1bBNs-AudyylWgKVqnTtH4LI99gdY0dzyWZJZiiASatqI58j-8A1d9W3VKKRJR9k_NbkqC1VLtvfLk2c1aSxtV8xxHxSJlar7tEuzP-JpI79SKG75pwcr7V8wnuyzLvf3CQCiUV3lzHjGQ7dUx_ZTSlgLzvvD9EVanXq1E5UrPqhSUgo8ocsPVNWUWQ9mHgleMCsK8yCfs2Un-ybxl3td-T7BpYyYL4pzNpEwq0WVbFrcRxnaXDortpAxtgFCCbSSjP1mvTnbdBKkEFWG1cuCLEfp6TF6iAWAfiywABcniREu5eSkYyHyGIyHWOXe_UtxovLYDxKKliI0nUu6GOuI8B_uLZQPk_OtPh7JKHQvdXW5BDGa1o3-77nkKXIEIgF9eetzbojfR-yc2nJb4szpQYgVldO5CPY5q2_M-wp2U5EsAz593ro4RRFv3BPHQylojxIc3N2v6wyYKW2sjCuieaLJN5ZSAbcP46Nw7oJk_COkRfDWZS3jyQt6W46RkWx1V5W-yJL0mjZnMxrjQjNj1aYgFc5H-vD_G7ZI7I38Jk8jwDcYzpKsMSr04ps-QGaenRkkA_hmcMtsREyok6hNVzmz6ZzYwiHPBXG4rsxV2tCIyU6GdZab2rm1HNr2Mi_CWmauyCf0RdEiph7Mtj2Clpp1-q4FXRvIy1b1Cl1aiD0h6DHzyUgrjuYcAkEnSzUCRQPO6E_awTavzOguHUykTqLBdT71TEFuVmr0Sy1fB7738Ruw6xE0ZjnwrE4gO9oSFbE4G4Zb7M17f_AemWBe5NGQnZJ6_KyCO_fXk92G8uyV0Dd-h2SjG09SUx26P51RV3uUO5yB4AcIEAT4Oh_paRBdToLW8Ptg82EcHDsER_peBW8ZZ0oozKIa4wE9QvOv5UTGgvpS7DPc_2ImoNRFMaOBvtmmY33UU6lLMCEd-Zi0A_YMRhShX16pIgQiD49ymPjtRPdHEJ7iLmK5fIJQzZTdbT2f4hoASkdzz99uSxeIQyWiVD3qHuNdTMsaRrOGEzTKRWq5uGxloHFdzXv8f8Q0YZgWSOScfaj4_SLB_w47dqX-NLQVEMRybTMyifW6Om4ElmmG_c7wFTeoqbAQCb11d9XbRwwHENvG8dCCll_VVvDYbR8dSTvgU633iyAGxt4e65u55J5gkzMxQNMt9WA0PIqVnO1xYQT3eNHQ6cT21UZZZ2gJyDu5e1-odNXPzOJJxnUSo0jRBdS9S21mnQGRrHwM3nNBJnzcjk6Q4vFbXp6ZOg1-yxWGSoeubviKlKVPw3e0CrRA4x2dHT0IfZY-3RwBUkqcv4zwDHqnX0w5b5mAeNgP1-0-IHUwGkiauaZlMjnU1ChvJlfl_k-7lBsfgSIcVQsO4ynYpZX_Q4mazSLudn6ZLEMEwdLkzsEM8DoIf9XXzABqtPPUYxkzUDGFXpxjYUSHDw--gOj04R0jmna60DOkLbcBsZrYUhSt0FZY4M-1XtTAj521rdpla33qa4QtYfZMuzW-b2sXaG2pp_1vFUxNZHouJClzWz073CM9nof7zpDaw6v_EGBrxBmS1aU95PvqDjhZDHC7mgbILSRfq2bzRMhpDca9n196q8ldzAnuexws8HCr6DauOiXCKACn5ntskgs92dOKi7uqasjyKUNfo8SrmWQ7XmSRVWiDoZGf3A1SP7u_kHLs5ELxiHWnAFKVkKS0EJdeH6JuNuTrBrcpK3u4rMWTPMuANVUYL5M5W6blsUzJfDl-MWvictWlQqAv4ISabFpjrIVALEDr4I8ix8pYofX-BmyYa9zKRj_xrpWYCc_9CkDAUiWO0OaHpU--I1ydk4pzzItU7sBD4aUJE0_C2Sdmt3IFXve5wB-f-NA7WU3dssP-HEJ31EcWXAjph8KKdY6-ZU-uLTBGfFlPcF-mruv3JCeLSRY6FosQ4z1096tKyJ20FgdC_1MSt6EPAccw7H6ottOFLPA6evkFT6AWNVqv_4SW0rJaCLxJknspDutjWkqnCETqgE9DvOV8El7fY9ieSuCSXaqHbMGlR7cNrfDoyrVLbPcyKOq0hF1mB963W_6lznmA7J-9UTEjleoCKfHshACMH1SMf1uun9un0vH3fq3N7NVhSRvCrx3KCVc_6WYJD-LqxMQ_zsqHVMh5PYzdasUN3vPUIYkzWx-gsNWZjvezGYbnu0Wf5u8Bu3iTYo8rpbfLtvetFwEejqmE5AS8VBbImzHZE9zQheXZGYdZWFl26ph18kwbdl_6dxTvqhp8iY-zCi7fGkSb-J9P7QD7PPx3d_5WIMNzEIfh9PRAEWNtmSeLwonkXDk-4oVvlW2fFooOA2fCMrCczGz-2QXyG5zEAwO6ci6qWFdX9KEEidHWrPhaTWWqdYWeAyGjCCeQWc-lr4uQnSV2bo9QAVfg6xAauvxZX5yXnkhZGrMIyF8NzdBBJNL8CO-g1oZvB87EsucxQcHV9KFYpDt9iHd7HjntcDc3pzkNZooXj6J2WNI5RxvDZ6kTDnHhQhxhHbtm5VJkFtsjRNm5kLdTvpvoHEFafRcdpUGMPlK5k8OPjDs0FkIwpJiO0leFRFKyp8phJSl3ggPvF4fg4OeIFVN7G5_z_1hTjUxs-FTvZ38w_UUFlTWrSfRPMoneQ7RaohdIYEgh7Vhh3XhyZ8c6CBYY-N5pGGlu2792iaFwfp1QZI3yfFN6khH4oeFGWLwx8jF8b67jkZOwIrGLBZrByUbDc38nt-3T45LFDwVE7C3H86O9K2pyx9pOVjTkvUfu7wJzBvwkCoeQeEXFHwa1hTsslo5oNVzIaeOh9oyISrTMwgl12s4kgJL2h8Uptg4rqT-aQIz3DUxFulNjUOIe_SiQCI4yG48bbd8d0RvBFu&cid=CAASEuRo5ovdRsGaxgcgIQB1iMndyg&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e361c31595a84b483800f7629b33586b19f0772bdc69a383ed51483039464eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28709
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FBF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AneNlZGQ35BqJQvf_B6mwHgZwSZabD8piJ68gtGql1LyCVdyf2Y3R5dypTO8brJfvXgN3qfke-ODn8ZO99efFVgO5-LSTqI7jV1v-lCBiBBbjJ8qc
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 5FBF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/window_focus_fy2019.js
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:19:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5FBF 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 14 Sep 2021 20:27:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 5FBF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
772
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:15:06 GMT
l
www.google.com/ads/measurement/ Frame 5FBF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTY4blbddjOzutvQs2Vd06yhMoQoR_yhF9OZEObjyQwcyWEK-aMpHQp41AfIjEk2IdGskNNsjXlUlboTp9bNxVwLzUwpg
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5425 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXk7y9v81hXxBO4Z7yKETzcVUSmzShpNZd2jGyEcFnov6-V0YA4hQFTdU_wuDAYid2lhpqNNIqnPFtxygOhEyNbPZZ4ZnMVHrPHDN6XINUUe9cJf7CjfXaGPDouPXR0JcgyE2R_JYpkmdtUj5hBXCKEP4XVZpJE-Bk2YCtYz5_kWAiDJyVaN7yY98UIrtuvnpxWN0O9clf4S5MjdqGXcbxi5UQDdA
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXk7y9v81hXxBO4Z7yKETzcVUSmzShpNZd2jGyEcFnov6-V0YA4hQFTdU_wuDAYid2lhpqNNIqnPFtxygOhEyNbPZZ4ZnMVHrPHDN6XINUUe9cJf7CjfXaGPDouPXR0JcgyE2R_JYpkmdtUj5hBXCKEP4XVZpJE-Bk2YCtYz5_kWAiDJyVaN7yY98UIrtuvnpxWN0O9clf4S5MjdqGXcbxi5UQDdA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0slTwvbXiOVQj2rXvjOiSMJhuaKosR9kFWsnAb2gVZCDpg66aMNJERZHOJv0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 14 Sep 2021 20:27:58 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 4AA0 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvBIaWH_CQX4nL-qhEKgMLs9Bf_gW08d-WrR5Gc2EAqIv95Ert0NmlpNA5SMTlDBT00EWZY_GBJYgH8vMBfkFFMzDrYTxAm8fM3AinhsM0Qs-KnGuduXj_ahJoK9NcY5qGNtbkyHppQB7nPxba9NaCZOQHQw&cry=1&dbm_d=AKAmf-AzxKuSqWGLiV7MTxW6CIJSS2UIOz3KYdZzBh2sGYMob1FYBEpkq55wxWruP9LpQBTXlyAsLQ5JanFHEFnQFzukP73IzTKngcevCwrNjJ_SEGppbvNEnn7HvtMb1xHmZJMNyR7SwbWLXrc4mE2MLqRHPmtu9rAjv4JyZkU6I-9HfpAL4P3Ws7SnwLfg6xYqFK_vwF64ISTbJlXGyfyRnEKTA_usklZAToLCdJbUaI1KfQDzEdnvRpOVf5tPLRWnwQd1ihTWaScVEXBDGjFnt0j_ZFBPtEl9LR70WATzJcG2Q3zPb-UBjh0QJCQfH5yBY3-mjGcEF3Soo0tW8PF6TQ_w9l66f1vVpN4T7C2Ybj6fekt7GHxaks5SfrBXgv-uq9QgklS94XPkTO60Me15KMPvJVvSaYed9u4yqPq_z4CPlV7vZR7AMw10eT_dKRR7xLkfGSs4s9fcZsERKYA4HOytpAW6aMbonHWCiBzdV5H-mS6VjHJAZfHCM_r0Kh6KWjeL41v56KKLRFFk8T5lxdTgzrXhsxvuXMkXSbUJ6JiMGeQzpRmA3fxEvVs39Jx-4wpHuOlgOlQX2F8jEaz4JjUMfN9zUiquxkZ8yZjNCme5FgLRycwiMj0UxxzOjcm4C34eV8NqOLdP-_bG8X0UZvNmpT4qxu7AeMw6U1mHlQh47DxznDSWv2VSqH0Qtc5pITFZSAhdyCRClCZDj7zqg2Dq_q76oK6hr4UTr7IMBqJLOHXKC9Vdy-xr7IP8SE7Ec8nnDDhYe7rfeLsIVgyLD4D1tbgP3-XL7eM-XIfKfxyJVEl20YvpvqMY7BNQjJ7DioxkU5c23xq8ZvUYgOZLOurXmpNkBckOaG7M1HNJyRg2oS7KyuzR41Xe0cQXbhkdXaRCRZ1a_FQouSfd4xyEKpHzyKGUC8m6fPzApO-wGsjNAh7TBqBzonU3wp9twqHDcccK5aT04YHGi_qEYIipP842OzHCaHfNR8XndBeIPmfnfnMjjak2H2qEt6rzCPW4BdMn1lX_RycDEPEcRbY0IRb-MwVyZD2ore9VW8bhxgkJefn9UKBDJf2pY0VA5L-55yTREnU4EEOnckEmc4clfP5BNbFcVKmGORC5DhMIPUNV_5XxHGdtOiRu03OdsK-7fqO-xIj0FWXDiB-Fo7dGhs61PseiABXrqWDMRsGbDumex3FCZV6Vcez2hETe6pVbKS8htux6kdxo2wQ9OI9deeR9EK92oXd25HSjug6r8GGYNbrgt5fo34538QrM4OfT2-puH9edoXKyO-oD8wgRJClfohR4QrxoquPVFwVKuJhGWOVv1Mvy0FkGUudcHPbT5rCum0JlJ-6Q13Bj8_6xwagaqRxOHKGdwKOZvqIIkrZWX9d7juonAE-crYBhzYtjkLYqx9k4ryVDYRrbeoYYp8CuWokXWhfc1DqHFNjTWsBaHcF51vshFVWSdk6WdoIqywWW8iyLlHIKmAEK1McqvrZybKrGfYfVdSdOSeYzykAHIDXCWdPzLRXLK4gMH6PPOb1CYRCB9vn7hAlwUoxOQdB9ohYc8xqBwuQzhSrqSVsLPOT26428_fIpNPph0wY-tcvIoiadskTW9Zoc8biQagZAgqdC7NAHp4RrM9QokcmM3_qIXKUn4-P6VTnqOmKpdLqiybizk5ufznjHBowJvSSOJgJrgp49UoRJ9EXvs3H6ozoa9qRGAhwqS23vw1owCdbqjMp6BD4Cv8qPF0CnEiksAf1BaUOw6u3blPsejgqhB_I5LWy8uJy1efH61ZvtrfOXBgG4NwS2tLgjpMPDoILV4dnhlrFr7qk-eRDqoCaQP3QGxr02xgnccnImFB-8lu042NhNTqpADDMJOyC5yFdL39wBNNC4ucSIXzVcXIsZ2Ta0BMC3tPieWG8QcvOvzqcovr8ykQXN4-1RSUJmzhSHupJ8IJvS_U28U2y59i9Vkljbi1NJ687GPe7cdh3d510cGtOu7fUXBu7HCmscorBk15xz6FIjeGYxIQKNCknsj-yNYmpM-twcJO_pv3CpvNhcu_uIEVVirFfpMfNu41KLCVESVw4ANRT_2aYcVX30THV2FMKjZIeh7baQFaHCDK_59501ieV979NhUsN1qDSvBVszyS0NMfYBFTlLHTpAstCofU3IW2xeJI3A6QkKmP6cqHhy7aquL7VpEVCxp-6GRONZUzm8dpYZHo8OaUoBwFmF-xvc_z-xF3Hm_xQG2qN_GLC7XUi2NV9U1ojUUUtTnZ4cNzOP5YBS4VyzdshsHGKXME3hjuu3Ktcq3twyDyVyJYRkcNptW9JUs8C7yx6gP7aBWKRT1PWIlWcBR7nyRWB4JqsdmTlGaiRbYO61yEqWFufhiYpei6Af4sSpW2B8B1fPPHcuHYBhQ7T_z9zFyNa5obV9tHkowWoV2Y2U_y6ktdulnfqT3-rHGnoBlLS80K3R1iqjDWaDVT6I_7giIWhWjEmLU4kILjurykSfFVocXhh69r-FXbMlxwy3t7Mox5ehowfB9QfExDXZSxQagjzxMD4ZRQEvONovdNc4UdXBRS056WX8RVimI233rDH4mkowoCcwBTgxPnq5Hcza53hfBQ-Mmm8Clee9SuDKcOxB_u7xG_9SLF2M2zcaswkZXBMbKL_Ud-NvlHlkfNNn5uKKpjs4xBUx4IkhnnPEEYkJgfgkdj12uAcYwdklMuaZ6lbNRpsC3xrgOCfuswi3UwKV6V9-HrzOOo7VhPAsFFwGPdPtK1d63An5L_vIPVj2k4sjSXNhjWuTwtGzj0XVY4bVlEXG8rf_CCgDRkcDbTb7qcWlCW73pwS_giXXnw4LdV3YZpOb8sh4yhGISGzBxyZ23lGiav64vrOeaS0oTcEd_DejmXxCf41nBz0Z2M3_400PLDYymD_IJaDZsKH6a4t-ab5BZoEQser0iDkCooK5vQufBadjU0UA-yCdrrRHvlpDBPw9PQpViQK0iLgb0a-WL02BlmJEgvgR0ar7_Q_2idtwUm4N0jHbG1uVH-xM_e1SvoohReQ7Eur8nJ829E2DhT6X_UD8pb8lrR0zNpVRKSf1JQaXsdEjmSBjh9eGbfnrEgB3R1Ce2T31A-Ug5QPd1eIKJ7jy-u_oJUwC1mmEI-p3SydFerYmV3YlfxC7ib0xzGXNXJwLlKgCe-WdJB5-S9ZByBeGzpsAh99ZBEkBqO5edEakDrV9zJudI2nzc8hYxRo7Ppa0PnmrwZMCV5gQDlPbEtRu7tSwDSydjhLZEc5VAGJWpuPRoXESoBYHyktC2JvMxAL-pDq6WgQac3EC0o_Pv9VxzLXtb76Lpbc2eh6532DARuu1JB0dMwKqDSkT-A&cid=CAASEuRoJioIKSvSOsPTRYxIkTvsLQ&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
3c19ab6c180556514587eff09682cf2a3bdcca252cfec4edbaa470848a81a1d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13122
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AA0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AUMOF77dZADoe7C6BHplTprfVIGGfz9fQskZDITXGNaYfFyLBmi_JS4IhhqjjFGYCInhQtiOhOH2ed9Y6qrBsCC2Fv_sjLrUANJCK7TcxtrbYokfI
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 4AA0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/window_focus_fy2019.js
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:19:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4AA0 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 14 Sep 2021 20:27:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 4AA0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
772
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:15:06 GMT
l
www.google.com/ads/measurement/ Frame 4AA0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTv2jkgg9z7hIwXwkhR9yK40OgdUpx6IyT9cSqCtKRIAos7Al5wRVIyZkT6EEp9QtfwbuMnzPbsuX12E13GiO6NNl5ZEg
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
pujbtiupbyzbda0hn0jh_MOBILE.mp4
vidstat.taboola.com/uploadedVideos/228385/ 		974 KB
975 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/228385/pujbtiupbyzbda0hn0jh_MOBILE.mp4
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87a1b2ea7c0a55527109d5ca3a005f529dcf42f2ef57f7ae2962d21335d1bcf8

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
via
1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront), 1.1 varnish
age
496461
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-997561/997562
x-amz-meta-md5-hash
9a4620056c9d2412c56d2a92cb09656b
Content-Length
997562
x-served-by
cache-hhn11566-HHN
last-modified
Sun, 01 Aug 2021 18:15:25 GMT
server
AmazonS3
x-timer
S1631651278.454757,VS0,VE1
etag
"9a4620056c9d2412c56d2a92cb09656b"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WgK6cXWboeKIXRPLYPOLDrwLLNAw8ohtja-vUD4jVyR-WMNC9X74FQ==
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame 2B2B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e79c4810102b289ddad74e8a731fdab545e666cb04cde36d2daa32c7a469508b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42273
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Wed, 15 Sep 2021 08:12:31 GMT
/
pips.taboola.com/ 		4 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19135-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame C989
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNsDo5I5b9bjGEkPEEPYg0&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNsDo5I5b9bjGEkPEEPYg0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj_orazATAB&v=APEucNWIYAwDxlYD1Km24mN2568nqSOCAUJDdS-aNL-ceK0h_EF_LMdD6kQytMrdViSY8mLMsIlYGQCmBx3DkUSkvWeuvPEIrg_X8UkpxTprmaRDjzLp1PKWDk4DymCnI2K-0z1Ai8Otl7CTKkvZP0hGgJqgDLyzU4C5atnbmI5CxWsWuNSo5QpQXRwt1mOuisVd_0_CmEuf5k8uVeFhEa0hWrKJ_zP4zA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.32.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-32-250.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 14 Sep 2021 20:27:58 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNsDo5I5b9bjGEkPEEPYg0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C989
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUEFzi0epgmz.efDmRzC2QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNsDo5I5b9bjGEkPEEPYg0&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNsDo5I5b9bjGEkPEEPYg0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj_orazATAB&v=APEucNWIYAwDxlYD1Km24mN2568nqSOCAUJDdS-aNL-ceK0h_EF_LMdD6kQytMrdViSY8mLMsIlYGQCmBx3DkUSkvWeuvPEIrg_X8UkpxTprmaRDjzLp1PKWDk4DymCnI2K-0z1Ai8Otl7CTKkvZP0hGgJqgDLyzU4C5atnbmI5CxWsWuNSo5QpQXRwt1mOuisVd_0_CmEuf5k8uVeFhEa0hWrKJ_zP4zA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.32.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-32-250.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 14 Sep 2021 20:27:58 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNsDo5I5b9bjGEkPEEPYg0&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C989
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFb6_RGilmMoiCRZsT4kYfU&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFb6_RGilmMoiCRZsT4kYfU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj_orazATAB&v=APEucNWIYAwDxlYD1Km24mN2568nqSOCAUJDdS-aNL-ceK0h_EF_LMdD6kQytMrdViSY8mLMsIlYGQCmBx3DkUSkvWeuvPEIrg_X8UkpxTprmaRDjzLp1PKWDk4DymCnI2K-0z1Ai8Otl7CTKkvZP0hGgJqgDLyzU4C5atnbmI5CxWsWuNSo5QpQXRwt1mOuisVd_0_CmEuf5k8uVeFhEa0hWrKJ_zP4zA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:58 GMT
X-Proxy-Origin
216.131.114.205; 216.131.114.205; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
50532a45-0aa6-49ef-9af4-b19ab21304ac
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFb6_RGilmMoiCRZsT4kYfU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C989
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxMzM2ODU2NDgyNzMxNTc1NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxMzM2ODU2NDgyNzMxNTc1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj_orazATAB&v=APEucNWIYAwDxlYD1Km24mN2568nqSOCAUJDdS-aNL-ceK0h_EF_LMdD6kQytMrdViSY8mLMsIlYGQCmBx3DkUSkvWeuvPEIrg_X8UkpxTprmaRDjzLp1PKWDk4DymCnI2K-0z1Ai8Otl7CTKkvZP0hGgJqgDLyzU4C5atnbmI5CxWsWuNSo5QpQXRwt1mOuisVd_0_CmEuf5k8uVeFhEa0hWrKJ_zP4zA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:58 GMT
X-Proxy-Origin
216.131.114.205; 216.131.114.205; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5f7ec091-92c6-40fd-bf81-5c4dbc3fa121
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxMzM2ODU2NDgyNzMxNTc1NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 2B2B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
n.js
geo.moatads.com/ 		98 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&m=0&ar=503c7d4-clean&iw=92b12c8&q=2&cb=0&ym=0&cu=1631651278481&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&gw=taboolajsvideo2446883476&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A932%3A932%3A0%3A1559&jm=-1&fs=194337&na=1020645953&cs=0&ord=1631651278481&jv=609460802&callback=DOMlessLLDcallback_45127076
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/taboolajsvideo2446883476/moatvideo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.226.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-226-229.eu-west-1.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
35938db5ca4da1d73f98cb5022fe0d670bcd82985713fcbed627010c926dfdbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
cache-control
max-age=900
server
TornadoServer/4.5.3
timing-allow-origin
*
etag
"112e5a1a31325d3a5c0a8bafc73822ad91c2e89f"
content-length
98
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&m=0&ar=503c7d4-clean&iw=92b12c8&q=3&cb=0&ym=0&cu=1631651278481&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&gw=taboolajsvideo2446883476&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A932%3A932%3A0%3A1559&jm=-1&fs=194337&na=1878011731&cs=0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:27:58 GMT
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=f0558ac3-c053-486a-b6ef-cd827d189d81-tuct83a8b4b
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Sep 2021 20:27:58 GMT
Cache-Control
no-store
Server
nginx
Connection
close
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 5FBF 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
Origin
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 03:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Sep 2021 03:00:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/ Frame 5FBF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMztwX8kIa8k6MLoA5RC8-nFmULop46F_56mgOES9vtnXivNiqruvIveGmOhALu9Bvm5mN-Ww8v_S20VZ9YcWvqLRzbG7oSLgQkXYgn8mJ0LIgn669dsUblUMVc0apikTlpa1R7r7dsel1prZD6yl8UVAF7Q&dbm_d=AKAmf-D8J5uTur1kGgB6IYnftE0_1PiVW06tKQR184HbNAQ8at7hAFruYD8BxIMtUDUTGFBvL-TXcCEVnkKgjrKDO_PAwOd5hzNUvpgUfSJlpYxx_v20F9LFy7CWqfSz2XBRjjrMTLzA7oSKfOK7eY4qF_2LoOWOZ9d2tehPWl5UHb9KYWRo6_-os19sx21517CjPuqR1DH9TpSNn9qV_gTOpVJEGfs_b4qhkylc41JhGW-3QuBf795r6tkPiRkCYRG6GIiai6qCmR_0G1bBNs-AudyylWgKVqnTtH4LI99gdY0dzyWZJZiiASatqI58j-8A1d9W3VKKRJR9k_NbkqC1VLtvfLk2c1aSxtV8xxHxSJlar7tEuzP-JpI79SKG75pwcr7V8wnuyzLvf3CQCiUV3lzHjGQ7dUx_ZTSlgLzvvD9EVanXq1E5UrPqhSUgo8ocsPVNWUWQ9mHgleMCsK8yCfs2Un-ybxl3td-T7BpYyYL4pzNpEwq0WVbFrcRxnaXDortpAxtgFCCbSSjP1mvTnbdBKkEFWG1cuCLEfp6TF6iAWAfiywABcniREu5eSkYyHyGIyHWOXe_UtxovLYDxKKliI0nUu6GOuI8B_uLZQPk_OtPh7JKHQvdXW5BDGa1o3-77nkKXIEIgF9eetzbojfR-yc2nJb4szpQYgVldO5CPY5q2_M-wp2U5EsAz593ro4RRFv3BPHQylojxIc3N2v6wyYKW2sjCuieaLJN5ZSAbcP46Nw7oJk_COkRfDWZS3jyQt6W46RkWx1V5W-yJL0mjZnMxrjQjNj1aYgFc5H-vD_G7ZI7I38Jk8jwDcYzpKsMSr04ps-QGaenRkkA_hmcMtsREyok6hNVzmz6ZzYwiHPBXG4rsxV2tCIyU6GdZab2rm1HNr2Mi_CWmauyCf0RdEiph7Mtj2Clpp1-q4FXRvIy1b1Cl1aiD0h6DHzyUgrjuYcAkEnSzUCRQPO6E_awTavzOguHUykTqLBdT71TEFuVmr0Sy1fB7738Ruw6xE0ZjnwrE4gO9oSFbE4G4Zb7M17f_AemWBe5NGQnZJ6_KyCO_fXk92G8uyV0Dd-h2SjG09SUx26P51RV3uUO5yB4AcIEAT4Oh_paRBdToLW8Ptg82EcHDsER_peBW8ZZ0oozKIa4wE9QvOv5UTGgvpS7DPc_2ImoNRFMaOBvtmmY33UU6lLMCEd-Zi0A_YMRhShX16pIgQiD49ymPjtRPdHEJ7iLmK5fIJQzZTdbT2f4hoASkdzz99uSxeIQyWiVD3qHuNdTMsaRrOGEzTKRWq5uGxloHFdzXv8f8Q0YZgWSOScfaj4_SLB_w47dqX-NLQVEMRybTMyifW6Om4ElmmG_c7wFTeoqbAQCb11d9XbRwwHENvG8dCCll_VVvDYbR8dSTvgU633iyAGxt4e65u55J5gkzMxQNMt9WA0PIqVnO1xYQT3eNHQ6cT21UZZZ2gJyDu5e1-odNXPzOJJxnUSo0jRBdS9S21mnQGRrHwM3nNBJnzcjk6Q4vFbXp6ZOg1-yxWGSoeubviKlKVPw3e0CrRA4x2dHT0IfZY-3RwBUkqcv4zwDHqnX0w5b5mAeNgP1-0-IHUwGkiauaZlMjnU1ChvJlfl_k-7lBsfgSIcVQsO4ynYpZX_Q4mazSLudn6ZLEMEwdLkzsEM8DoIf9XXzABqtPPUYxkzUDGFXpxjYUSHDw--gOj04R0jmna60DOkLbcBsZrYUhSt0FZY4M-1XtTAj521rdpla33qa4QtYfZMuzW-b2sXaG2pp_1vFUxNZHouJClzWz073CM9nof7zpDaw6v_EGBrxBmS1aU95PvqDjhZDHC7mgbILSRfq2bzRMhpDca9n196q8ldzAnuexws8HCr6DauOiXCKACn5ntskgs92dOKi7uqasjyKUNfo8SrmWQ7XmSRVWiDoZGf3A1SP7u_kHLs5ELxiHWnAFKVkKS0EJdeH6JuNuTrBrcpK3u4rMWTPMuANVUYL5M5W6blsUzJfDl-MWvictWlQqAv4ISabFpjrIVALEDr4I8ix8pYofX-BmyYa9zKRj_xrpWYCc_9CkDAUiWO0OaHpU--I1ydk4pzzItU7sBD4aUJE0_C2Sdmt3IFXve5wB-f-NA7WU3dssP-HEJ31EcWXAjph8KKdY6-ZU-uLTBGfFlPcF-mruv3JCeLSRY6FosQ4z1096tKyJ20FgdC_1MSt6EPAccw7H6ottOFLPA6evkFT6AWNVqv_4SW0rJaCLxJknspDutjWkqnCETqgE9DvOV8El7fY9ieSuCSXaqHbMGlR7cNrfDoyrVLbPcyKOq0hF1mB963W_6lznmA7J-9UTEjleoCKfHshACMH1SMf1uun9un0vH3fq3N7NVhSRvCrx3KCVc_6WYJD-LqxMQ_zsqHVMh5PYzdasUN3vPUIYkzWx-gsNWZjvezGYbnu0Wf5u8Bu3iTYo8rpbfLtvetFwEejqmE5AS8VBbImzHZE9zQheXZGYdZWFl26ph18kwbdl_6dxTvqhp8iY-zCi7fGkSb-J9P7QD7PPx3d_5WIMNzEIfh9PRAEWNtmSeLwonkXDk-4oVvlW2fFooOA2fCMrCczGz-2QXyG5zEAwO6ci6qWFdX9KEEidHWrPhaTWWqdYWeAyGjCCeQWc-lr4uQnSV2bo9QAVfg6xAauvxZX5yXnkhZGrMIyF8NzdBBJNL8CO-g1oZvB87EsucxQcHV9KFYpDt9iHd7HjntcDc3pzkNZooXj6J2WNI5RxvDZ6kTDnHhQhxhHbtm5VJkFtsjRNm5kLdTvpvoHEFafRcdpUGMPlK5k8OPjDs0FkIwpJiO0leFRFKyp8phJSl3ggPvF4fg4OeIFVN7G5_z_1hTjUxs-FTvZ38w_UUFlTWrSfRPMoneQ7RaohdIYEgh7Vhh3XhyZ8c6CBYY-N5pGGlu2792iaFwfp1QZI3yfFN6khH4oeFGWLwx8jF8b67jkZOwIrGLBZrByUbDc38nt-3T45LFDwVE7C3H86O9K2pyx9pOVjTkvUfu7wJzBvwkCoeQeEXFHwa1hTsslo5oNVzIaeOh9oyISrTMwgl12s4kgJL2h8Uptg4rqT-aQIz3DUxFulNjUOIe_SiQCI4yG48bbd8d0RvBFu&cid=CAASEuRo5ovdRsGaxgcgIQB1iMndyg&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:15:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/ Frame 5FBF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMztwX8kIa8k6MLoA5RC8-nFmULop46F_56mgOES9vtnXivNiqruvIveGmOhALu9Bvm5mN-Ww8v_S20VZ9YcWvqLRzbG7oSLgQkXYgn8mJ0LIgn669dsUblUMVc0apikTlpa1R7r7dsel1prZD6yl8UVAF7Q&dbm_d=AKAmf-D8J5uTur1kGgB6IYnftE0_1PiVW06tKQR184HbNAQ8at7hAFruYD8BxIMtUDUTGFBvL-TXcCEVnkKgjrKDO_PAwOd5hzNUvpgUfSJlpYxx_v20F9LFy7CWqfSz2XBRjjrMTLzA7oSKfOK7eY4qF_2LoOWOZ9d2tehPWl5UHb9KYWRo6_-os19sx21517CjPuqR1DH9TpSNn9qV_gTOpVJEGfs_b4qhkylc41JhGW-3QuBf795r6tkPiRkCYRG6GIiai6qCmR_0G1bBNs-AudyylWgKVqnTtH4LI99gdY0dzyWZJZiiASatqI58j-8A1d9W3VKKRJR9k_NbkqC1VLtvfLk2c1aSxtV8xxHxSJlar7tEuzP-JpI79SKG75pwcr7V8wnuyzLvf3CQCiUV3lzHjGQ7dUx_ZTSlgLzvvD9EVanXq1E5UrPqhSUgo8ocsPVNWUWQ9mHgleMCsK8yCfs2Un-ybxl3td-T7BpYyYL4pzNpEwq0WVbFrcRxnaXDortpAxtgFCCbSSjP1mvTnbdBKkEFWG1cuCLEfp6TF6iAWAfiywABcniREu5eSkYyHyGIyHWOXe_UtxovLYDxKKliI0nUu6GOuI8B_uLZQPk_OtPh7JKHQvdXW5BDGa1o3-77nkKXIEIgF9eetzbojfR-yc2nJb4szpQYgVldO5CPY5q2_M-wp2U5EsAz593ro4RRFv3BPHQylojxIc3N2v6wyYKW2sjCuieaLJN5ZSAbcP46Nw7oJk_COkRfDWZS3jyQt6W46RkWx1V5W-yJL0mjZnMxrjQjNj1aYgFc5H-vD_G7ZI7I38Jk8jwDcYzpKsMSr04ps-QGaenRkkA_hmcMtsREyok6hNVzmz6ZzYwiHPBXG4rsxV2tCIyU6GdZab2rm1HNr2Mi_CWmauyCf0RdEiph7Mtj2Clpp1-q4FXRvIy1b1Cl1aiD0h6DHzyUgrjuYcAkEnSzUCRQPO6E_awTavzOguHUykTqLBdT71TEFuVmr0Sy1fB7738Ruw6xE0ZjnwrE4gO9oSFbE4G4Zb7M17f_AemWBe5NGQnZJ6_KyCO_fXk92G8uyV0Dd-h2SjG09SUx26P51RV3uUO5yB4AcIEAT4Oh_paRBdToLW8Ptg82EcHDsER_peBW8ZZ0oozKIa4wE9QvOv5UTGgvpS7DPc_2ImoNRFMaOBvtmmY33UU6lLMCEd-Zi0A_YMRhShX16pIgQiD49ymPjtRPdHEJ7iLmK5fIJQzZTdbT2f4hoASkdzz99uSxeIQyWiVD3qHuNdTMsaRrOGEzTKRWq5uGxloHFdzXv8f8Q0YZgWSOScfaj4_SLB_w47dqX-NLQVEMRybTMyifW6Om4ElmmG_c7wFTeoqbAQCb11d9XbRwwHENvG8dCCll_VVvDYbR8dSTvgU633iyAGxt4e65u55J5gkzMxQNMt9WA0PIqVnO1xYQT3eNHQ6cT21UZZZ2gJyDu5e1-odNXPzOJJxnUSo0jRBdS9S21mnQGRrHwM3nNBJnzcjk6Q4vFbXp6ZOg1-yxWGSoeubviKlKVPw3e0CrRA4x2dHT0IfZY-3RwBUkqcv4zwDHqnX0w5b5mAeNgP1-0-IHUwGkiauaZlMjnU1ChvJlfl_k-7lBsfgSIcVQsO4ynYpZX_Q4mazSLudn6ZLEMEwdLkzsEM8DoIf9XXzABqtPPUYxkzUDGFXpxjYUSHDw--gOj04R0jmna60DOkLbcBsZrYUhSt0FZY4M-1XtTAj521rdpla33qa4QtYfZMuzW-b2sXaG2pp_1vFUxNZHouJClzWz073CM9nof7zpDaw6v_EGBrxBmS1aU95PvqDjhZDHC7mgbILSRfq2bzRMhpDca9n196q8ldzAnuexws8HCr6DauOiXCKACn5ntskgs92dOKi7uqasjyKUNfo8SrmWQ7XmSRVWiDoZGf3A1SP7u_kHLs5ELxiHWnAFKVkKS0EJdeH6JuNuTrBrcpK3u4rMWTPMuANVUYL5M5W6blsUzJfDl-MWvictWlQqAv4ISabFpjrIVALEDr4I8ix8pYofX-BmyYa9zKRj_xrpWYCc_9CkDAUiWO0OaHpU--I1ydk4pzzItU7sBD4aUJE0_C2Sdmt3IFXve5wB-f-NA7WU3dssP-HEJ31EcWXAjph8KKdY6-ZU-uLTBGfFlPcF-mruv3JCeLSRY6FosQ4z1096tKyJ20FgdC_1MSt6EPAccw7H6ottOFLPA6evkFT6AWNVqv_4SW0rJaCLxJknspDutjWkqnCETqgE9DvOV8El7fY9ieSuCSXaqHbMGlR7cNrfDoyrVLbPcyKOq0hF1mB963W_6lznmA7J-9UTEjleoCKfHshACMH1SMf1uun9un0vH3fq3N7NVhSRvCrx3KCVc_6WYJD-LqxMQ_zsqHVMh5PYzdasUN3vPUIYkzWx-gsNWZjvezGYbnu0Wf5u8Bu3iTYo8rpbfLtvetFwEejqmE5AS8VBbImzHZE9zQheXZGYdZWFl26ph18kwbdl_6dxTvqhp8iY-zCi7fGkSb-J9P7QD7PPx3d_5WIMNzEIfh9PRAEWNtmSeLwonkXDk-4oVvlW2fFooOA2fCMrCczGz-2QXyG5zEAwO6ci6qWFdX9KEEidHWrPhaTWWqdYWeAyGjCCeQWc-lr4uQnSV2bo9QAVfg6xAauvxZX5yXnkhZGrMIyF8NzdBBJNL8CO-g1oZvB87EsucxQcHV9KFYpDt9iHd7HjntcDc3pzkNZooXj6J2WNI5RxvDZ6kTDnHhQhxhHbtm5VJkFtsjRNm5kLdTvpvoHEFafRcdpUGMPlK5k8OPjDs0FkIwpJiO0leFRFKyp8phJSl3ggPvF4fg4OeIFVN7G5_z_1hTjUxs-FTvZ38w_UUFlTWrSfRPMoneQ7RaohdIYEgh7Vhh3XhyZ8c6CBYY-N5pGGlu2792iaFwfp1QZI3yfFN6khH4oeFGWLwx8jF8b67jkZOwIrGLBZrByUbDc38nt-3T45LFDwVE7C3H86O9K2pyx9pOVjTkvUfu7wJzBvwkCoeQeEXFHwa1hTsslo5oNVzIaeOh9oyISrTMwgl12s4kgJL2h8Uptg4rqT-aQIz3DUxFulNjUOIe_SiQCI4yG48bbd8d0RvBFu&cid=CAASEuRo5ovdRsGaxgcgIQB1iMndyg&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f19df5f3569b83172adf37e884e0e4add74a23c3e057cf60336a1fddcb87ab79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9258
x-xss-protection
0
server
cafe
etag
9058358164849487988
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:25:20 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 4AA0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvBIaWH_CQX4nL-qhEKgMLs9Bf_gW08d-WrR5Gc2EAqIv95Ert0NmlpNA5SMTlDBT00EWZY_GBJYgH8vMBfkFFMzDrYTxAm8fM3AinhsM0Qs-KnGuduXj_ahJoK9NcY5qGNtbkyHppQB7nPxba9NaCZOQHQw&cry=1&dbm_d=AKAmf-AzxKuSqWGLiV7MTxW6CIJSS2UIOz3KYdZzBh2sGYMob1FYBEpkq55wxWruP9LpQBTXlyAsLQ5JanFHEFnQFzukP73IzTKngcevCwrNjJ_SEGppbvNEnn7HvtMb1xHmZJMNyR7SwbWLXrc4mE2MLqRHPmtu9rAjv4JyZkU6I-9HfpAL4P3Ws7SnwLfg6xYqFK_vwF64ISTbJlXGyfyRnEKTA_usklZAToLCdJbUaI1KfQDzEdnvRpOVf5tPLRWnwQd1ihTWaScVEXBDGjFnt0j_ZFBPtEl9LR70WATzJcG2Q3zPb-UBjh0QJCQfH5yBY3-mjGcEF3Soo0tW8PF6TQ_w9l66f1vVpN4T7C2Ybj6fekt7GHxaks5SfrBXgv-uq9QgklS94XPkTO60Me15KMPvJVvSaYed9u4yqPq_z4CPlV7vZR7AMw10eT_dKRR7xLkfGSs4s9fcZsERKYA4HOytpAW6aMbonHWCiBzdV5H-mS6VjHJAZfHCM_r0Kh6KWjeL41v56KKLRFFk8T5lxdTgzrXhsxvuXMkXSbUJ6JiMGeQzpRmA3fxEvVs39Jx-4wpHuOlgOlQX2F8jEaz4JjUMfN9zUiquxkZ8yZjNCme5FgLRycwiMj0UxxzOjcm4C34eV8NqOLdP-_bG8X0UZvNmpT4qxu7AeMw6U1mHlQh47DxznDSWv2VSqH0Qtc5pITFZSAhdyCRClCZDj7zqg2Dq_q76oK6hr4UTr7IMBqJLOHXKC9Vdy-xr7IP8SE7Ec8nnDDhYe7rfeLsIVgyLD4D1tbgP3-XL7eM-XIfKfxyJVEl20YvpvqMY7BNQjJ7DioxkU5c23xq8ZvUYgOZLOurXmpNkBckOaG7M1HNJyRg2oS7KyuzR41Xe0cQXbhkdXaRCRZ1a_FQouSfd4xyEKpHzyKGUC8m6fPzApO-wGsjNAh7TBqBzonU3wp9twqHDcccK5aT04YHGi_qEYIipP842OzHCaHfNR8XndBeIPmfnfnMjjak2H2qEt6rzCPW4BdMn1lX_RycDEPEcRbY0IRb-MwVyZD2ore9VW8bhxgkJefn9UKBDJf2pY0VA5L-55yTREnU4EEOnckEmc4clfP5BNbFcVKmGORC5DhMIPUNV_5XxHGdtOiRu03OdsK-7fqO-xIj0FWXDiB-Fo7dGhs61PseiABXrqWDMRsGbDumex3FCZV6Vcez2hETe6pVbKS8htux6kdxo2wQ9OI9deeR9EK92oXd25HSjug6r8GGYNbrgt5fo34538QrM4OfT2-puH9edoXKyO-oD8wgRJClfohR4QrxoquPVFwVKuJhGWOVv1Mvy0FkGUudcHPbT5rCum0JlJ-6Q13Bj8_6xwagaqRxOHKGdwKOZvqIIkrZWX9d7juonAE-crYBhzYtjkLYqx9k4ryVDYRrbeoYYp8CuWokXWhfc1DqHFNjTWsBaHcF51vshFVWSdk6WdoIqywWW8iyLlHIKmAEK1McqvrZybKrGfYfVdSdOSeYzykAHIDXCWdPzLRXLK4gMH6PPOb1CYRCB9vn7hAlwUoxOQdB9ohYc8xqBwuQzhSrqSVsLPOT26428_fIpNPph0wY-tcvIoiadskTW9Zoc8biQagZAgqdC7NAHp4RrM9QokcmM3_qIXKUn4-P6VTnqOmKpdLqiybizk5ufznjHBowJvSSOJgJrgp49UoRJ9EXvs3H6ozoa9qRGAhwqS23vw1owCdbqjMp6BD4Cv8qPF0CnEiksAf1BaUOw6u3blPsejgqhB_I5LWy8uJy1efH61ZvtrfOXBgG4NwS2tLgjpMPDoILV4dnhlrFr7qk-eRDqoCaQP3QGxr02xgnccnImFB-8lu042NhNTqpADDMJOyC5yFdL39wBNNC4ucSIXzVcXIsZ2Ta0BMC3tPieWG8QcvOvzqcovr8ykQXN4-1RSUJmzhSHupJ8IJvS_U28U2y59i9Vkljbi1NJ687GPe7cdh3d510cGtOu7fUXBu7HCmscorBk15xz6FIjeGYxIQKNCknsj-yNYmpM-twcJO_pv3CpvNhcu_uIEVVirFfpMfNu41KLCVESVw4ANRT_2aYcVX30THV2FMKjZIeh7baQFaHCDK_59501ieV979NhUsN1qDSvBVszyS0NMfYBFTlLHTpAstCofU3IW2xeJI3A6QkKmP6cqHhy7aquL7VpEVCxp-6GRONZUzm8dpYZHo8OaUoBwFmF-xvc_z-xF3Hm_xQG2qN_GLC7XUi2NV9U1ojUUUtTnZ4cNzOP5YBS4VyzdshsHGKXME3hjuu3Ktcq3twyDyVyJYRkcNptW9JUs8C7yx6gP7aBWKRT1PWIlWcBR7nyRWB4JqsdmTlGaiRbYO61yEqWFufhiYpei6Af4sSpW2B8B1fPPHcuHYBhQ7T_z9zFyNa5obV9tHkowWoV2Y2U_y6ktdulnfqT3-rHGnoBlLS80K3R1iqjDWaDVT6I_7giIWhWjEmLU4kILjurykSfFVocXhh69r-FXbMlxwy3t7Mox5ehowfB9QfExDXZSxQagjzxMD4ZRQEvONovdNc4UdXBRS056WX8RVimI233rDH4mkowoCcwBTgxPnq5Hcza53hfBQ-Mmm8Clee9SuDKcOxB_u7xG_9SLF2M2zcaswkZXBMbKL_Ud-NvlHlkfNNn5uKKpjs4xBUx4IkhnnPEEYkJgfgkdj12uAcYwdklMuaZ6lbNRpsC3xrgOCfuswi3UwKV6V9-HrzOOo7VhPAsFFwGPdPtK1d63An5L_vIPVj2k4sjSXNhjWuTwtGzj0XVY4bVlEXG8rf_CCgDRkcDbTb7qcWlCW73pwS_giXXnw4LdV3YZpOb8sh4yhGISGzBxyZ23lGiav64vrOeaS0oTcEd_DejmXxCf41nBz0Z2M3_400PLDYymD_IJaDZsKH6a4t-ab5BZoEQser0iDkCooK5vQufBadjU0UA-yCdrrRHvlpDBPw9PQpViQK0iLgb0a-WL02BlmJEgvgR0ar7_Q_2idtwUm4N0jHbG1uVH-xM_e1SvoohReQ7Eur8nJ829E2DhT6X_UD8pb8lrR0zNpVRKSf1JQaXsdEjmSBjh9eGbfnrEgB3R1Ce2T31A-Ug5QPd1eIKJ7jy-u_oJUwC1mmEI-p3SydFerYmV3YlfxC7ib0xzGXNXJwLlKgCe-WdJB5-S9ZByBeGzpsAh99ZBEkBqO5edEakDrV9zJudI2nzc8hYxRo7Ppa0PnmrwZMCV5gQDlPbEtRu7tSwDSydjhLZEc5VAGJWpuPRoXESoBYHyktC2JvMxAL-pDq6WgQac3EC0o_Pv9VxzLXtb76Lpbc2eh6532DARuu1JB0dMwKqDSkT-A&cid=CAASEuRoJioIKSvSOsPTRYxIkTvsLQ&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
574d0f8eeef6741771d3cef0cc4869634263181bbf42de1e93ca22dcae36d8e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9215
x-xss-protection
0
server
cafe
etag
10665788317172091938
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:25:29 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4AA0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvBIaWH_CQX4nL-qhEKgMLs9Bf_gW08d-WrR5Gc2EAqIv95Ert0NmlpNA5SMTlDBT00EWZY_GBJYgH8vMBfkFFMzDrYTxAm8fM3AinhsM0Qs-KnGuduXj_ahJoK9NcY5qGNtbkyHppQB7nPxba9NaCZOQHQw&cry=1&dbm_d=AKAmf-AzxKuSqWGLiV7MTxW6CIJSS2UIOz3KYdZzBh2sGYMob1FYBEpkq55wxWruP9LpQBTXlyAsLQ5JanFHEFnQFzukP73IzTKngcevCwrNjJ_SEGppbvNEnn7HvtMb1xHmZJMNyR7SwbWLXrc4mE2MLqRHPmtu9rAjv4JyZkU6I-9HfpAL4P3Ws7SnwLfg6xYqFK_vwF64ISTbJlXGyfyRnEKTA_usklZAToLCdJbUaI1KfQDzEdnvRpOVf5tPLRWnwQd1ihTWaScVEXBDGjFnt0j_ZFBPtEl9LR70WATzJcG2Q3zPb-UBjh0QJCQfH5yBY3-mjGcEF3Soo0tW8PF6TQ_w9l66f1vVpN4T7C2Ybj6fekt7GHxaks5SfrBXgv-uq9QgklS94XPkTO60Me15KMPvJVvSaYed9u4yqPq_z4CPlV7vZR7AMw10eT_dKRR7xLkfGSs4s9fcZsERKYA4HOytpAW6aMbonHWCiBzdV5H-mS6VjHJAZfHCM_r0Kh6KWjeL41v56KKLRFFk8T5lxdTgzrXhsxvuXMkXSbUJ6JiMGeQzpRmA3fxEvVs39Jx-4wpHuOlgOlQX2F8jEaz4JjUMfN9zUiquxkZ8yZjNCme5FgLRycwiMj0UxxzOjcm4C34eV8NqOLdP-_bG8X0UZvNmpT4qxu7AeMw6U1mHlQh47DxznDSWv2VSqH0Qtc5pITFZSAhdyCRClCZDj7zqg2Dq_q76oK6hr4UTr7IMBqJLOHXKC9Vdy-xr7IP8SE7Ec8nnDDhYe7rfeLsIVgyLD4D1tbgP3-XL7eM-XIfKfxyJVEl20YvpvqMY7BNQjJ7DioxkU5c23xq8ZvUYgOZLOurXmpNkBckOaG7M1HNJyRg2oS7KyuzR41Xe0cQXbhkdXaRCRZ1a_FQouSfd4xyEKpHzyKGUC8m6fPzApO-wGsjNAh7TBqBzonU3wp9twqHDcccK5aT04YHGi_qEYIipP842OzHCaHfNR8XndBeIPmfnfnMjjak2H2qEt6rzCPW4BdMn1lX_RycDEPEcRbY0IRb-MwVyZD2ore9VW8bhxgkJefn9UKBDJf2pY0VA5L-55yTREnU4EEOnckEmc4clfP5BNbFcVKmGORC5DhMIPUNV_5XxHGdtOiRu03OdsK-7fqO-xIj0FWXDiB-Fo7dGhs61PseiABXrqWDMRsGbDumex3FCZV6Vcez2hETe6pVbKS8htux6kdxo2wQ9OI9deeR9EK92oXd25HSjug6r8GGYNbrgt5fo34538QrM4OfT2-puH9edoXKyO-oD8wgRJClfohR4QrxoquPVFwVKuJhGWOVv1Mvy0FkGUudcHPbT5rCum0JlJ-6Q13Bj8_6xwagaqRxOHKGdwKOZvqIIkrZWX9d7juonAE-crYBhzYtjkLYqx9k4ryVDYRrbeoYYp8CuWokXWhfc1DqHFNjTWsBaHcF51vshFVWSdk6WdoIqywWW8iyLlHIKmAEK1McqvrZybKrGfYfVdSdOSeYzykAHIDXCWdPzLRXLK4gMH6PPOb1CYRCB9vn7hAlwUoxOQdB9ohYc8xqBwuQzhSrqSVsLPOT26428_fIpNPph0wY-tcvIoiadskTW9Zoc8biQagZAgqdC7NAHp4RrM9QokcmM3_qIXKUn4-P6VTnqOmKpdLqiybizk5ufznjHBowJvSSOJgJrgp49UoRJ9EXvs3H6ozoa9qRGAhwqS23vw1owCdbqjMp6BD4Cv8qPF0CnEiksAf1BaUOw6u3blPsejgqhB_I5LWy8uJy1efH61ZvtrfOXBgG4NwS2tLgjpMPDoILV4dnhlrFr7qk-eRDqoCaQP3QGxr02xgnccnImFB-8lu042NhNTqpADDMJOyC5yFdL39wBNNC4ucSIXzVcXIsZ2Ta0BMC3tPieWG8QcvOvzqcovr8ykQXN4-1RSUJmzhSHupJ8IJvS_U28U2y59i9Vkljbi1NJ687GPe7cdh3d510cGtOu7fUXBu7HCmscorBk15xz6FIjeGYxIQKNCknsj-yNYmpM-twcJO_pv3CpvNhcu_uIEVVirFfpMfNu41KLCVESVw4ANRT_2aYcVX30THV2FMKjZIeh7baQFaHCDK_59501ieV979NhUsN1qDSvBVszyS0NMfYBFTlLHTpAstCofU3IW2xeJI3A6QkKmP6cqHhy7aquL7VpEVCxp-6GRONZUzm8dpYZHo8OaUoBwFmF-xvc_z-xF3Hm_xQG2qN_GLC7XUi2NV9U1ojUUUtTnZ4cNzOP5YBS4VyzdshsHGKXME3hjuu3Ktcq3twyDyVyJYRkcNptW9JUs8C7yx6gP7aBWKRT1PWIlWcBR7nyRWB4JqsdmTlGaiRbYO61yEqWFufhiYpei6Af4sSpW2B8B1fPPHcuHYBhQ7T_z9zFyNa5obV9tHkowWoV2Y2U_y6ktdulnfqT3-rHGnoBlLS80K3R1iqjDWaDVT6I_7giIWhWjEmLU4kILjurykSfFVocXhh69r-FXbMlxwy3t7Mox5ehowfB9QfExDXZSxQagjzxMD4ZRQEvONovdNc4UdXBRS056WX8RVimI233rDH4mkowoCcwBTgxPnq5Hcza53hfBQ-Mmm8Clee9SuDKcOxB_u7xG_9SLF2M2zcaswkZXBMbKL_Ud-NvlHlkfNNn5uKKpjs4xBUx4IkhnnPEEYkJgfgkdj12uAcYwdklMuaZ6lbNRpsC3xrgOCfuswi3UwKV6V9-HrzOOo7VhPAsFFwGPdPtK1d63An5L_vIPVj2k4sjSXNhjWuTwtGzj0XVY4bVlEXG8rf_CCgDRkcDbTb7qcWlCW73pwS_giXXnw4LdV3YZpOb8sh4yhGISGzBxyZ23lGiav64vrOeaS0oTcEd_DejmXxCf41nBz0Z2M3_400PLDYymD_IJaDZsKH6a4t-ab5BZoEQser0iDkCooK5vQufBadjU0UA-yCdrrRHvlpDBPw9PQpViQK0iLgb0a-WL02BlmJEgvgR0ar7_Q_2idtwUm4N0jHbG1uVH-xM_e1SvoohReQ7Eur8nJ829E2DhT6X_UD8pb8lrR0zNpVRKSf1JQaXsdEjmSBjh9eGbfnrEgB3R1Ce2T31A-Ug5QPd1eIKJ7jy-u_oJUwC1mmEI-p3SydFerYmV3YlfxC7ib0xzGXNXJwLlKgCe-WdJB5-S9ZByBeGzpsAh99ZBEkBqO5edEakDrV9zJudI2nzc8hYxRo7Ppa0PnmrwZMCV5gQDlPbEtRu7tSwDSydjhLZEc5VAGJWpuPRoXESoBYHyktC2JvMxAL-pDq6WgQac3EC0o_Pv9VxzLXtb76Lpbc2eh6532DARuu1JB0dMwKqDSkT-A&cid=CAASEuRoJioIKSvSOsPTRYxIkTvsLQ&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 21:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 21:29:49 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C8A0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 21:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 21:29:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 77FD 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 14 Sep 2021 13:05:23 GMT
expires
Wed, 15 Sep 2021 13:05:23 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
26555
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C8A0 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f565ae79a85add0a742fae507600292b72c4e6e1261d01e7d8bd10abfc3ad56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 5425
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQymM-aLWWn9mGWD9aT1Co&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJQymM-aLWWn9mGWD9aT1Co&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJQymM-aLWWn9mGWD9aT1Co&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXk7y9v81hXxBO4Z7yKETzcVUSmzShpNZd2jGyEcFnov6-V0YA4hQFTdU_wuDAYid2lhpqNNIqnPFtxygOhEyNbPZZ4ZnMVHrPHDN6XINUUe9cJf7CjfXaGPDouPXR0JcgyE2R_JYpkmdtUj5hBXCKEP4XVZpJE-Bk2YCtYz5_kWAiDJyVaN7yY98UIrtuvnpxWN0O9clf4S5MjdqGXcbxi5UQDdA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJQymM-aLWWn9mGWD9aT1Co&google_cver=1
date
Tue, 14 Sep 2021 20:27:58 GMT
via
1.1 google
server
OXGW/16.216.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 5425
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMwMDkwNWEtZGQ0Ni0yYzgyLWU1NzctY2RkZTQ3NWQxYTY4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMwMDkwNWEtZGQ0Ni0yYzgyLWU1NzctY2RkZTQ3NWQxYTY4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXk7y9v81hXxBO4Z7yKETzcVUSmzShpNZd2jGyEcFnov6-V0YA4hQFTdU_wuDAYid2lhpqNNIqnPFtxygOhEyNbPZZ4ZnMVHrPHDN6XINUUe9cJf7CjfXaGPDouPXR0JcgyE2R_JYpkmdtUj5hBXCKEP4XVZpJE-Bk2YCtYz5_kWAiDJyVaN7yY98UIrtuvnpxWN0O9clf4S5MjdqGXcbxi5UQDdA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMwMDkwNWEtZGQ0Ni0yYzgyLWU1NzctY2RkZTQ3NWQxYTY4
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 5425
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESELMhZvLhKYWpnpak-NWGSWY&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESELMhZvLhKYWpnpak-NWGSWY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXk7y9v81hXxBO4Z7yKETzcVUSmzShpNZd2jGyEcFnov6-V0YA4hQFTdU_wuDAYid2lhpqNNIqnPFtxygOhEyNbPZZ4ZnMVHrPHDN6XINUUe9cJf7CjfXaGPDouPXR0JcgyE2R_JYpkmdtUj5hBXCKEP4XVZpJE-Bk2YCtYz5_kWAiDJyVaN7yY98UIrtuvnpxWN0O9clf4S5MjdqGXcbxi5UQDdA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 14 Sep 2021 20:27:58 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESELMhZvLhKYWpnpak-NWGSWY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 5425 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXk7y9v81hXxBO4Z7yKETzcVUSmzShpNZd2jGyEcFnov6-V0YA4hQFTdU_wuDAYid2lhpqNNIqnPFtxygOhEyNbPZZ4ZnMVHrPHDN6XINUUe9cJf7CjfXaGPDouPXR0JcgyE2R_JYpkmdtUj5hBXCKEP4XVZpJE-Bk2YCtYz5_kWAiDJyVaN7yY98UIrtuvnpxWN0O9clf4S5MjdqGXcbxi5UQDdA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 14 Sep 2021 20:27:58 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 0636
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQymM-aLWWn9mGWD9aT1Co&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQymM-aLWWn9mGWD9aT1Co&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjNlrazATAB&v=APEucNXbRI2wRosFedM1CNRtDDfPR-eXoom79DXRxMzsiu2ajtOGX94qIFOUW9Qta8OV2TMRjmf3neWHK6YbaQP_xqwyFxEpF_7q482N1EHpruyhLdBob562TaH0asNvqewuv46Km7KVVDqlFDo-Wsv2zjMVyencjaoy2nclqzNTEK0waHuyavarir1PMxS_738Fh6ANXXnHBIzhWR91fxxTrT-sjWzlig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQymM-aLWWn9mGWD9aT1Co&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0636
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMwMDkwNWEtZGQ0Ni0yYzgyLWU1NzctY2RkZTQ3NWQxYTY4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMwMDkwNWEtZGQ0Ni0yYzgyLWU1NzctY2RkZTQ3NWQxYTY4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjNlrazATAB&v=APEucNXbRI2wRosFedM1CNRtDDfPR-eXoom79DXRxMzsiu2ajtOGX94qIFOUW9Qta8OV2TMRjmf3neWHK6YbaQP_xqwyFxEpF_7q482N1EHpruyhLdBob562TaH0asNvqewuv46Km7KVVDqlFDo-Wsv2zjMVyencjaoy2nclqzNTEK0waHuyavarir1PMxS_738Fh6ANXXnHBIzhWR91fxxTrT-sjWzlig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMwMDkwNWEtZGQ0Ni0yYzgyLWU1NzctY2RkZTQ3NWQxYTY4
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 0636
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESELMhZvLhKYWpnpak-NWGSWY&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESELMhZvLhKYWpnpak-NWGSWY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjNlrazATAB&v=APEucNXbRI2wRosFedM1CNRtDDfPR-eXoom79DXRxMzsiu2ajtOGX94qIFOUW9Qta8OV2TMRjmf3neWHK6YbaQP_xqwyFxEpF_7q482N1EHpruyhLdBob562TaH0asNvqewuv46Km7KVVDqlFDo-Wsv2zjMVyencjaoy2nclqzNTEK0waHuyavarir1PMxS_738Fh6ANXXnHBIzhWR91fxxTrT-sjWzlig
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 14 Sep 2021 20:27:58 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESELMhZvLhKYWpnpak-NWGSWY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 0636 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjNlrazATAB&v=APEucNXbRI2wRosFedM1CNRtDDfPR-eXoom79DXRxMzsiu2ajtOGX94qIFOUW9Qta8OV2TMRjmf3neWHK6YbaQP_xqwyFxEpF_7q482N1EHpruyhLdBob562TaH0asNvqewuv46Km7KVVDqlFDo-Wsv2zjMVyencjaoy2nclqzNTEK0waHuyavarir1PMxS_738Fh6ANXXnHBIzhWR91fxxTrT-sjWzlig
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 14 Sep 2021 20:27:58 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif
mtrcs_220434.js
s79.mxcdn.net/bb-mx/serve/ Frame C8A0 		148 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.32.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-32-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
683c05ab2230225fd07a7dd0092bfdb3e53f49971225a4d90da3fbb5fd44ea2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 13:09:20 GMT
Server
nginx
ETag
"\W00000580011629205760776"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control
public, max-age=1800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
58001
Expires
Tue, 14 Sep 2021 20:57:58 GMT
index.html
s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/ Frame C98B 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
b517cd0ece0ed53cca9d240c32e10ebc32f230aa0d8a8eca9dbb2bae03b4f8f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2025
date
Tue, 14 Sep 2021 07:46:20 GMT
expires
Wed, 15 Sep 2021 07:46:20 GMT
last-modified
Tue, 31 Aug 2021 16:09:32 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
45698
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame C8A0 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvP35D8_B9Teq-cGsmg5RkndyaDZL-81zl44mWcpymcXx8B0s6XwnQ5Z-WGcJkZz3u2bPKruU8mwLTJv3ZKBQ_cXtZgmMWf_2nj1TgnKawb7bCm2zsZLpAliqHvOqwKDnJ3AE0m74avzXZF6QRS05W48SQ7tMRka11vZkGtJipcAjwYSp28NQReh23wI25PpJb3-_1E00qSXeKfcj5D9d2Mr0vlxribfSnctf68I4szuxh-2w_SYHhwjtYvN6QYWNtjcUE9oN0OYz5NjcqkHSwtG4Bs4kFo_Ba6zl54pyPZNlrU0piXpsqdwsg6FFMch2H-uh_9-fokNnyAZPUNr34_TSETyN-5xp2pWliutbCs45FZ004rghMQe2SrxZkGbsGAg_WhDx4yjQ6HjY7LeguprUWdIa5CCFiXfBGf0nkJpZOBCezI-3e5zzTb2eKucrmVTmdMVeIuVzV67orvuhh_TvlMkn6SRMwKdsG3C_2hMryiNNw6AuLVrjEbXy9rP2cpQpV8VLD4m_rdJGz_JtITSJ-pBpFsfIpYrAssbWBdVxJVXcrk_oUbKmfiLpQ0JBIgOt3BslQD1q7BPTRHoHlFVUNybT4kzInUihbmMz9x_mihBeokIiBRVay9GAC3U_UhB_v-3t77I9VDCMJNehXZLuJWwlQKv4Qbd6LifzLxycvowXqnxnUlzf9wMopZsSq6grhNiHwwrfEKjB5IHZc3qyDwfdiXuFl6POduZBHwc5bf4g2aq_XiD422anrpkwzgjPMOjO0f5N7H7e5iM5P0XLlYQlx5Qr6Q83Ux8pOWJD5ZM2pjozOuGFpU1IwCOxIV-WK_Cdfo5HirqwEBU2JD8GsaRRpkq1DDH5dol5e9VPWuBhsGzPnCxFosd5i44D62q0n_jLWZaXxQZDvzbztpgR-FGULLqX7mgbv2NFfGLBVdpRZg97-VhiyhOsIdAjTyLfdfHLKC3FmB2c0TVgZxCVt7DtJmd60a5oFHxDe14QQpVDmQlwexgVtwsp47RjBeCIa5C868q_zPmyFr0z8_h0kBImdijKAmmawc9tRJHeVHWv63zQCNqFZWk6VH1aLlDJvTO5o0k-twP59cVkBjiUhRCufKbtgwA0sb57qeqKa2dPW16ojYwSThprKAByKQGUxERwFJX2GTV78g64-BTElAGmWuAU7jp_0ZkWI8gOngct67ouU824XvF7LqUXTI1WJKPZLuNp61ZQQ-ayUWGWTpr8lfdiwdMwrc69ypg70A17W_jg&sai=AMfl-YRfeE4zp9Z_PBgp-_PqXsO2hXRDaeUNsMm2vvKTtcqOG2tkjvf5PQYK5pUFujU6FPO0klXA1JdD4BnCSvPWeu2_PJ9chuTtP2JVe14Azs9YSligtxcuzItw4hudhF7vNwcM4AAOLPr1Ad9tp1NH508SOyamCw&sig=Cg0ArKJSzCQ7uiq0BafXEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=287&cbvp=1&cstd=285&cisv=r20210909.90339&adurl=
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 14 Sep 2021 20:27:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1281 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Thu, 09 Sep 2021 21:29:50 GMT
expires
Fri, 09 Sep 2022 21:29:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
428288
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mtrcs_220434.js
s79.mxcdn.net/bb-mx/serve/ Frame 5FBF 		148 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.32.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-32-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
683c05ab2230225fd07a7dd0092bfdb3e53f49971225a4d90da3fbb5fd44ea2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 13:09:20 GMT
Server
nginx
ETag
"\W00000580011629205760776"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control
public, max-age=1800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
58001
Expires
Tue, 14 Sep 2021 20:57:58 GMT
index.html
s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/ Frame 696F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
3a68bab32a90893cff2d3bd078481dce7b5b64b9866f49e0d06033f1bf12d4a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2033
date
Tue, 14 Sep 2021 13:48:07 GMT
expires
Wed, 15 Sep 2021 13:48:07 GMT
last-modified
Tue, 31 Aug 2021 16:09:34 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
23991
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 5FBF 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssS2Of08VekA54J1xkJsIg-PxKA2bMCNVB0jNa-c9uMF2qMxW72hTRPtetiDImNDpOgJMkEsVX0hANCl2nnSRaqK0WbwF0cXr4nl4EYsYowxvqv23HCX59qdm4SLe85H6nefAT_zTA6sbzCeog55DquJEf2cla1WOTCw3eWv-DpX8CaDGcGO4mK2TaFZ2q3uYblYGN7_NLtuvsoJgxCmli45EIiUDkok7kPtISRwEp3sjiNM4X7pED2uFFbDR9qzUzMYhfqsjYmdpSuLGQE5mNcGnHSfsDcp_7rOq_spBiFyvfR05JPlPr3eZCGXovfqcTG2XDtHOIqWLZZrNAntNerwsV7X_lmor_f8w6d7gtUB7rHT-a_ZJ1Cz8jIIWx9rSGWji0KIDxN_aTffHTVlUVUaml7isyalYrx4bWGTUIaeXvfFEKbxl-s3TjUuNhq5ENY6p7oANr_jbKNiqzpAIPTr4_DajfGWdhpgt4ngWlk6ACDQ2qqB4HksFCqDIUNBM2on8HVvjZqjXjqZRcNu7LyKr88AazSUPgfXGDfLb0VbQGHP8zHl0S_ARePpkP5bFY6MKWFCXhNp5ZZm6z0K6qsP0dglXQuxSK36h9p-aJw7T91x3RhCCc6SWYuES5euiNaVeEy_3DDil1nTUK3FmT2vMSTqTmvpPX74q-pCX4lOmJ0fWFA_NLLO3vNvrs40LS9Dsm7v6hwhQdcC0mxq5kijekYcw8S6WvWslptQExqovnO54mhI0oiKeXMpFOIU1ybfEOyHKnjx1FRRTLxGxd34otG20_mt-RIOIrKbYviGyXbTWBWASkOwZSrytHF3OfQv_Nq502Mukw20yE9S8yz8ODvzsKvpy5Ser5uMjgrmVZ9aJJIkqPDtNPYLYXuO2GDtMkeTLQclFCdSNMr6kNV4FPeearJeLFdR7jJHFdNPtsUXX9e7tJklYqlyUlMGA1HJTx4Fv8htcMavq1CikvHpEzhlwhauGJfYiQRhLdCJfmTZUbOOb5hx2xrJ5bDMO9IG2CbAA076dyCDz4bgB0pyZyfhHK2b6cmqKckYny4SRJZ2Bjq20u5RrMpw7qSJDk0bnEcA-rhBAwj4FoOCN7wJKxF18QOMRas2avNRPp5MV-z-YnfFm2S2SlGfYhgdArHBcoI2f0GiNrgwPxdYp60XUlevrqYdy7qtTaBjDtRzQ3S_xHVK3HnpxnQ2rMXx7LCbULK87C06Sc_NcDf8pLPA56J6Dap_LEXbq3nVTGxyiZpfBhOJTgAYDI&sai=AMfl-YSlTv_512GyA2WcNoJNl_7Xdx3jZSYoaM6Vct0NfLcQeNvdOxoOtkBkBhPHhw9Rjebs0daFtLnOFqwOMhkF1T9aBCrYDzdQCaAaw7IOZwl7cckrm9OqJGAXHgi8w9KSbBmIfQxNX7tyLgE618Z4Q3LwnzWS8A&sig=Cg0ArKJSzMEDfZRfOwzfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=113&cbvp=1&cstd=112&cisv=r20210909.12101&adurl=
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 14 Sep 2021 20:27:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
all.min.css
vacina.saude.rs.gov.br/vendor/fontawesome-free/css/ Frame C02E 		55 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"dcc5-592af5a54eb00"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
14961
css
fonts.googleapis.com/ Frame C02E 		21 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f10.1e100.net
Software
ESF /
Resource Hash
0a5cfbf045af61b12e14293d0f7bec876e592d4d6ada400c3701d2c42fbe498e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 19:37:23 GMT
server
ESF
date
Tue, 14 Sep 2021 20:27:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 20:27:58 GMT
sb-admin-2.css
vacina.saude.rs.gov.br/css/ Frame C02E 		200 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/css/sb-admin-2.css
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
bf01f104e3f0aac9c166497e13b6eb6f81de17598e48be3511bbb3d57d5b864d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2021 19:04:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"31f5b-5c431b61cb708"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
42873
dataTables.bootstrap4.min.css
vacina.saude.rs.gov.br/vendor/datatables/ Frame C02E 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/datatables/dataTables.bootstrap4.min.css
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
17e0da2800a542eb7cee178c202ea84e101132e5a77bcf96cf12034fb8d7b8f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"1466-592af5a54eb00"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1284
style2.css
vacina.saude.rs.gov.br/css/ Frame C02E 		1 KB
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/css/style2.css
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
eed7ceea33ee3b5f6159f6513e4ffd02bf00ab1acfa88ed898195249cb61bf76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 12:02:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"549-5c001a181d90e"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
726
js
www.googletagmanager.com/gtag/ Frame C02E 		129 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-61N8QP7DNJ
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6d4499e5b35274bc18bd31350b72faccca26a5fb17812d737bc7fe3407ecbf32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51686
x-xss-protection
0
expires
Tue, 14 Sep 2021 20:27:59 GMT
7sx2ojnml039
hal9000.redintelligence.net/zone/ Frame 4AA0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/7sx2ojnml039?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1lnezAVBYcixOJTHb6CArrgEtc35g1eU27mr5QzwLhABIKrTjGhglYKFgpgHyAEJqQJKeIV0_tWzPqgDAaoE5QFP0GWc_zdIXIOwmVXIHKVa39RnB9C3kPwQBzkMBUVEWeQ9hVBGrGCHDopsrLHAl7zSOS77bDTe7mVrDFWi5-RZree9bT597qUx8o3XTrzieppd-vz3WnQ2_aaVGMMtnhnHwuAT9wn6mjQytO-wcJ9ij4DJ2h-eygNHFwxf3xz_bRo6bKSPuqrJWMqvzuxvugQRT74JCvx5eluoaNEvmKVoMmN-S-mN2jNEw4n6TmC_65sQR7fMwexje5YUlBM1UyBuuKtfwFkHM16na2FyMyZpPTBZr2dGCDsw73h1QR6Wgumy7qlwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjIwMzQxOTk1MTQzMTkxMoAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJioIKSvSOsPTRYxIkTvsLQ%26sig%3DAOD64_2aZub3lDav3uVyt6u5QzaL3MTaTg%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-CGl6-brUMbgnGUvMwHuxTVYJKIu7cvXqGS4J9U1QUtgpXYEPTqaibbpfa3j3xQvyj-CfVwRcgSr9rBA9EmHGu3p5LmaljoU6MqCizsgWuZrLG5raQVl9OSDx6wrKjxdNHBNk97POkCQDB81AVmpCv6hYb8Ng%26cry%3D1%26dbm_d%3DAKAmf-BDrNlyChePKITrOhc9xIHYgICC5IVEeCEGudTJI7T0W42pYV9Dh0DjoaL6_QBAMWf0cBFkhXQ5pXZZQH_R_xhzyqRmxofgWHzvAq0i4lSBEj3PWYOPo_191S4PYj4avQ-qQNhbcBshTkqs4Q5DFZJBZ3W7tjudhWOr_o3WbImN5Lmz5aOwt3bZWCkHI2nqCMRpxXYauepQMAurOffxoMrOHJ-NWvaxu42dgWyMc2Zso3wXrxaHn7BYAgLFLJBULquGUQGroyIJQ77UuxwP2Mdgzms_tA2fwiNpLDt33uoZs6O8lbNGYsB5XlFsqngMz3ekrmNmzy3-Ah_Wxn4yetM5l3mTexSS8I554IgInHpklhQA8iivPQfo4whI3hAJPH9lHJQuFk4reVfilL-m5IXE2jEWGAvk8oatNicxlRSvLBj0-I1ntmI2wkxcEvB6l65faWnKlzebRxIH2qvsVeaiwIv8oQ%26adurl%3D
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
ac69b2dc86cf7a234c57ee1f41af27b024566aef1ada2bd22229331ff811231d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:58 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3941
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 48E7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Thu, 09 Sep 2021 21:29:50 GMT
expires
Fri, 09 Sep 2022 21:29:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
428288
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5FBF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 21:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 21:29:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F32F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 14 Sep 2021 13:05:23 GMT
expires
Wed, 15 Sep 2021 13:05:23 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
26555
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5FBF 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f24767067c945c566c88f84a433c650ca1e1eb61b93e3809180c9b1924670017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 77FD 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB8qc9N8uJH6GZYFhy2_pos&google_cver=1&google_push=AYg5qPKuU1J81snjQAAI-HQcfl0WqzL_pv2MMVlDaOL3V_hT_2LhBa6wz_yJup_k3TMF4M0kFggvzdrZU4nQF6E0lWSI3geOaC4P
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 77FD 		0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELzHYAq-8RLz1Km6TwF6Jtk&google_cver=1&google_push=AYg5qPLVng-GcjKY4X1Rq7w9IQSFjRB-dJtLzMCraaGUF5nPG8iaz3jMKxCCMnaPPnZBHRbqWWRcWkT8Q9e2EtMGn8OX6zJtMnY
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 77FD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECVTEuB2q38_yE3JxGO-LUE&google_cver=1&google_push=AYg5qPIYxkTbK1tyLDAXnt45imo0X3GHDzmgopk3r31kLx8jikfO-ZkqMdPQyUAX-3VwpOwD84o0ConI...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECVTEuB2q38_yE3JxGO-LUE&google_cver=1&google_push=AYg5qPIYxkTbK1tyLDAXnt45imo0X3GHDzmgopk3r31kLx8jikfO-ZkqMdPQyUAX-3VwpOwD84o...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMxMjA5NDUyNjgxMzA0MjA4NA&google_push=AYg5qPIYxkTbK1tyLDAXnt45imo0X3GHDzmgopk3r31kLx8jikfO-ZkqMdPQyUAX-3VwpOwD84o0Co...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMxMjA5NDUyNjgxMzA0MjA4NA&google_push=AYg5qPIYxkTbK1tyLDAXnt45imo0X3GHDzmgopk3r31kLx8jikfO-ZkqMdPQyUAX-3VwpOwD84o0ConISNK1ZDb6nwNYTiuMvEo
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMxMjA5NDUyNjgxMzA0MjA4NA&google_push=AYg5qPIYxkTbK1tyLDAXnt45imo0X3GHDzmgopk3r31kLx8jikfO-ZkqMdPQyUAX-3VwpOwD84o0ConISNK1ZDb6nwNYTiuMvEo
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 77FD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENrxaC7uxjs2HAaoPZbKYpE&google_cver=1&google_push=AYg5qPJ2w__HsAATKEIcJlbBmcbwEIsOxa0c0T1BMVc63doqK0oSeJw5B76IXmLFOwU3e6rpcVb...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RLSjFLRTMtMTUtRjJRVg==&google_push=AYg5qPJ2w__HsAATKEIcJlbBmcbwEIsOxa0c0T1BMVc63doqK0oSeJw5B76IXmLFOwU3e6rpcVbpYXZLLBe5IeG6fG5nNiEXexU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RLSjFLRTMtMTUtRjJRVg==&google_push=AYg5qPJ2w__HsAATKEIcJlbBmcbwEIsOxa0c0T1BMVc63doqK0oSeJw5B76IXmLFOwU3e6rpcVbpYXZLLBe5IeG6fG5nNiEXexU
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RLSjFLRTMtMTUtRjJRVg==&google_push=AYg5qPJ2w__HsAATKEIcJlbBmcbwEIsOxa0c0T1BMVc63doqK0oSeJw5B76IXmLFOwU3e6rpcVbpYXZLLBe5IeG6fG5nNiEXexU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 77FD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
  • https://sync.targeting.unrulymedia.com/csync/RX-abadff3d-2d77-4d40-8c43-a6d37cc36692-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKdOXsvLM7hxXS1WW_-A...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKdOXsvLM7hxXS1WW_-AsVJmLRJl4qYgNq0aLBEvyRDKWg8vej4wKLCzfealyfDI8dtsqEuQg06mkEWWAUFHKkfwJVZhjk&google_hm=A6ut_z0td01AjEOm03zDZpI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKdOXsvLM7hxXS1WW_-AsVJmLRJl4qYgNq0aLBEvyRDKWg8vej4wKLCzfealyfDI8dtsqEuQg06mkEWWAUFHKkfwJVZhjk&google_hm=A6ut_z0td01AjEOm03zDZpI
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKdOXsvLM7hxXS1WW_-AsVJmLRJl4qYgNq0aLBEvyRDKWg8vej4wKLCzfealyfDI8dtsqEuQg06mkEWWAUFHKkfwJVZhjk&google_hm=A6ut_z0td01AjEOm03zDZpI
date
Tue, 14 Sep 2021 20:27:59 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXabadff3d2d774d408c43a6d37cc36692003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 77FD
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEHD4T5uKPIvuU-PpaO0nJdU&google_cver=1&google_push=AYg5qPLkgw_S-2Pj0H9KHzyoLaQUv3mW6Y3-N4MB-_RGkEdmZB1ZPsrkl0nRv_WPS_kzmeNHdsAoWaZVI7JTB3ipWSeO5kr-CUbp
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc0NjUyODc4OTMyNjE5MDAwMFYxMA%3d%3d&mn_hm=Mjc0NjUyODc4OTMyNjE5MDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLkgw_S-2Pj0H9KHzyoLaQUv3m...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc0NjUyODc4OTMyNjE5MDAwMFYxMA%3d%3d&mn_hm=Mjc0NjUyODc4OTMyNjE5MDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLkgw_S-2Pj0H9KHzyoLaQUv3mW6Y3-N4MB-_RGkEdmZB1ZPsrkl0nRv_WPS_kzmeNHdsAoWaZVI7JTB3ipWSeO5kr-CUbp&gdpr=&gdpr_consent=
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:58 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc0NjUyODc4OTMyNjE5MDAwMFYxMA%3d%3d&mn_hm=Mjc0NjUyODc4OTMyNjE5MDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLkgw_S-2Pj0H9KHzyoLaQUv3mW6Y3-N4MB-_RGkEdmZB1ZPsrkl0nRv_WPS_kzmeNHdsAoWaZVI7JTB3ipWSeO5kr-CUbp&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 14 Sep 2021 20:27:58 GMT
pixel
cm.g.doubleclick.net/ Frame 77FD
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAjUbJ_VnL02cvTW5OTaCv4&google_cver=1&google_push=AYg5qPK6Imx30vf6YsRYHdM8NfmsrUsP25a_m507YUvRYsawO063tU1RruXBjq5jEyC5yrUboN6iXQGAET64hsxIq...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTM4NWU1NDAtYjdjMy00MWQxLWE2YjYtYjdkYzFmZWJjNDAw&google_push=AYg5qPK6Imx30vf6YsRYHdM8NfmsrUsP25a_m507YUvRYsawO063tU1RruXBjq5j...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTM4NWU1NDAtYjdjMy00MWQxLWE2YjYtYjdkYzFmZWJjNDAw&google_push=AYg5qPK6Imx30vf6YsRYHdM8NfmsrUsP25a_m507YUvRYsawO063tU1RruXBjq5jEyC5yrUboN6iXQGAET64hsxIqyZyzo0j2_Np
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTM4NWU1NDAtYjdjMy00MWQxLWE2YjYtYjdkYzFmZWJjNDAw&google_push=AYg5qPK6Imx30vf6YsRYHdM8NfmsrUsP25a_m507YUvRYsawO063tU1RruXBjq5jEyC5yrUboN6iXQGAET64hsxIqyZyzo0j2_Np
date
Tue, 14 Sep 2021 20:27:58 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 77FD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LXbbslRzRw4v0SVkxvgZIDUi1WurrGXq-KxwvRbN32NHAvJGrARVJaKkpjf-1gw9oLVLzTgg
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
stat
stat.meetrics.net/ Frame C8A0 		82 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.meetrics.net/stat
Requested by
Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.3.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h211.meetrics.de
Software
nginx /
Resource Hash
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:58 GMT
Cache-Control
private, no-cache, must-revalidate
Last-Modified
Tue, 14 Sep 2021 20:27:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
gettag
s79.research.de.com/bb-mxad/ Frame C8A0 		0
208 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s79.research.de.com/bb-mxad/gettag
Requested by
Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.6.89 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h241.meetrics.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:58 GMT
Cache-control
private,must-revalidate
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/octet-stream
submit
b16.s79.research.de.com/bb-mx/ Frame C8A0 		43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b16.s79.research.de.com/bb-mx/submit?/1gadBoAAA/whFtBo0F0wFz6BvvA51AkhF40AkmFkhF13AjiF3mEmlF54Az1AwwAjjFi5BymElyBuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBF+pyFho0F0wFz6BvvA33F3uBjvFyyFlpFvkFvwFv2FvuBjvFtuBiyFvBE+k2FoywAyxAtwA4tAx3AtxAz6Aw4AtyAywA0zA0tAyuAxyAyuA3tAyyAyzA2lEzzAKp6Fsp3Fx2AzxA21AxyA33A05A5BEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5wAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BwBELlnFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA2zA1yA3yA3mAzpF0lF91A51Ay3Az5AmwEshFjlF9zAxyA2yAx0Ay5AmjEpkF9xA12A41A2zAxzAmzEp6Fl9B53Aw4Ey1AwmAjiF90AwwA3yA50A5xAUkzFmBFAAAAAAKP6D6DAPAAAAAAAAAOAAAAGCAAAAAKP6D6DABPdAAAAAAAABqEAAZIAAFAx8Ez8ExBEDAy5A4BErB7jAPAAAFAAqEATB7jASksF5EbAAAAAAAAAAAAEAAAqEAAAAAAAAIAy2Az1Ay3Ay3AJAzxAy2AyxA0yA5BEHA15A1yA3zA5BEHA53Aw4Ey1AwBEJAx1A24A12AzxAzBEHA53A14Az2A2BEdAAAAAAKPA6DAFAAAB7jAAAeBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2AzwA0yA2xA3yAwwA2vAyyAtJEXFFtFEkpF0pFvuFzwAtCEpsFsiFvhFykFt5A3wA4yB1wAtTEVWFfWFxvApuFklF4uBo0FtsFCACCFAAAAAAAAAAAAAAGAJGFSBFNFFQtjF4Rm/VA
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.32.75 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h389.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:58 GMT
Server
nginx
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Tue, 14 Sep 2021 20:27:57 GMT
data
b16.s79.research.de.com/ Frame C8A0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b16.s79.research.de.com/data?/1gadCpAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFpiVNSA
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.32.75 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h389.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:27:57 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CB43 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Thu, 09 Sep 2021 21:29:50 GMT
expires
Fri, 09 Sep 2022 21:29:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
428288
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request.php
hal900028.redintelligence.net/ Frame 4AA0
Redirect Chain
  • https://hal900028.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=2388ce514c&subid=&uid=65ba191e17d237cf&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900028.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=2388ce514c&subid=&uid=65ba191e17d237cf&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=2388ce514c&subid=&uid=65ba191e17d237cf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1lnezAVBYcixOJTHb6CArrgEtc35g1eU27mr5QzwLhABIKrTjGhglYKFgpgHyAEJqQJKeIV0_tWzPqgDAaoE5QFP0GWc_zdIXIOwmVXIHKVa39RnB9C3kPwQBzkMBUVEWeQ9hVBGrGCHDopsrLHAl7zSOS77bDTe7mVrDFWi5-RZree9bT597qUx8o3XTrzieppd-vz3WnQ2_aaVGMMtnhnHwuAT9wn6mjQytO-wcJ9ij4DJ2h-eygNHFwxf3xz_bRo6bKSPuqrJWMqvzuxvugQRT74JCvx5eluoaNEvmKVoMmN-S-mN2jNEw4n6TmC_65sQR7fMwexje5YUlBM1UyBuuKtfwFkHM16na2FyMyZpPTBZr2dGCDsw73h1QR6Wgumy7qlwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjIwMzQxOTk1MTQzMTkxMoAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJioIKSvSOsPTRYxIkTvsLQ%26sig%3DAOD64_2aZub3lDav3uVyt6u5QzaL3MTaTg%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-CGl6-brUMbgnGUvMwHuxTVYJKIu7cvXqGS4J9U1QUtgpXYEPTqaibbpfa3j3xQvyj-CfVwRcgSr9rBA9EmHGu3p5LmaljoU6MqCizsgWuZrLG5raQVl9OSDx6wrKjxdNHBNk97POkCQDB81AVmpCv6hYb8Ng%26cry%3D1%26dbm_d%3DAKAmf-BDrNlyChePKITrOhc9xIHYgICC5IVEeCEGudTJI7T0W42pYV9Dh0DjoaL6_QBAMWf0cBFkhXQ5pXZZQH_R_xhzyqRmxofgWHzvAq0i4lSBEj3PWYOPo_191S4PYj4avQ-qQNhbcBshTkqs4Q5DFZJBZ3W7tjudhWOr_o3WbImN5Lmz5aOwt3bZWCkHI2nqCMRpxXYauepQMAurOffxoMrOHJ-NWvaxu42dgWyMc2Zso3wXrxaHn7BYAgLFLJBULquGUQGroyIJQ77UuxwP2Mdgzms_tA2fwiNpLDt33uoZs6O8lbNGYsB5XlFsqngMz3ekrmNmzy3-Ah_Wxn4yetM5l3mTexSS8I554IgInHpklhQA8iivPQfo4whI3hAJPH9lHJQuFk4reVfilL-m5IXE2jEWGAvk8oatNicxlRSvLBj0-I1ntmI2wkxcEvB6l65faWnKlzebRxIH2qvsVeaiwIv8oQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=9621690237251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
55c1e27a9508ed55e849730f1382367b3be52d4d7a7ad20c12ea05ec63c15ae6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:59 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
27661200205041100710626011717028
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1348
Expires
Tue, 14 Sep 2021 21:27:59 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:58 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=2388ce514c&subid=&uid=65ba191e17d237cf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1lnezAVBYcixOJTHb6CArrgEtc35g1eU27mr5QzwLhABIKrTjGhglYKFgpgHyAEJqQJKeIV0_tWzPqgDAaoE5QFP0GWc_zdIXIOwmVXIHKVa39RnB9C3kPwQBzkMBUVEWeQ9hVBGrGCHDopsrLHAl7zSOS77bDTe7mVrDFWi5-RZree9bT597qUx8o3XTrzieppd-vz3WnQ2_aaVGMMtnhnHwuAT9wn6mjQytO-wcJ9ij4DJ2h-eygNHFwxf3xz_bRo6bKSPuqrJWMqvzuxvugQRT74JCvx5eluoaNEvmKVoMmN-S-mN2jNEw4n6TmC_65sQR7fMwexje5YUlBM1UyBuuKtfwFkHM16na2FyMyZpPTBZr2dGCDsw73h1QR6Wgumy7qlwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjIwMzQxOTk1MTQzMTkxMoAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJioIKSvSOsPTRYxIkTvsLQ%26sig%3DAOD64_2aZub3lDav3uVyt6u5QzaL3MTaTg%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-CGl6-brUMbgnGUvMwHuxTVYJKIu7cvXqGS4J9U1QUtgpXYEPTqaibbpfa3j3xQvyj-CfVwRcgSr9rBA9EmHGu3p5LmaljoU6MqCizsgWuZrLG5raQVl9OSDx6wrKjxdNHBNk97POkCQDB81AVmpCv6hYb8Ng%26cry%3D1%26dbm_d%3DAKAmf-BDrNlyChePKITrOhc9xIHYgICC5IVEeCEGudTJI7T0W42pYV9Dh0DjoaL6_QBAMWf0cBFkhXQ5pXZZQH_R_xhzyqRmxofgWHzvAq0i4lSBEj3PWYOPo_191S4PYj4avQ-qQNhbcBshTkqs4Q5DFZJBZ3W7tjudhWOr_o3WbImN5Lmz5aOwt3bZWCkHI2nqCMRpxXYauepQMAurOffxoMrOHJ-NWvaxu42dgWyMc2Zso3wXrxaHn7BYAgLFLJBULquGUQGroyIJQ77UuxwP2Mdgzms_tA2fwiNpLDt33uoZs6O8lbNGYsB5XlFsqngMz3ekrmNmzy3-Ah_Wxn4yetM5l3mTexSS8I554IgInHpklhQA8iivPQfo4whI3hAJPH9lHJQuFk4reVfilL-m5IXE2jEWGAvk8oatNicxlRSvLBj0-I1ntmI2wkxcEvB6l65faWnKlzebRxIH2qvsVeaiwIv8oQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=9621690237251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Tue, 14 Sep 2021 21:27:58 +0200
stat
stat.meetrics.net/ Frame 5FBF 		82 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.meetrics.net/stat
Requested by
Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.3.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h211.meetrics.de
Software
nginx /
Resource Hash
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:58 GMT
Cache-Control
private, no-cache, must-revalidate
Last-Modified
Tue, 14 Sep 2021 20:27:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
gettag
s79.research.de.com/bb-mxad/ Frame 5FBF 		0
208 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s79.research.de.com/bb-mxad/gettag
Requested by
Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.6.89 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h241.meetrics.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:58 GMT
Cache-control
private,must-revalidate
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/octet-stream
submit
b153.s79.research.de.com/bb-mx/ Frame 5FBF 		43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b153.s79.research.de.com/bb-mx/submit?/OcWLBPAAA/whFtBo0F0wFz6BvvA51AkhF40AkmFkhF13AjiF3mEmlF54Az1AwwAjjFi5BymElyBuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBF+pyFho0F0wFz6BvvA33F3uBjvFyyFlpFvkFvwFv2FvuBjvFtuBiyFvBE+k2FoywAyxAtwA4tAx3AtxAz6Aw4AtyAywA0zA0tAyuAxyAyuA3tAyyAyzA2lEzzAKp6Fsp3Fx2AzxA21AxyA33A1wA4BEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5wAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BwBELlnFB/k0FtBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA2zA1yA3yA3mAzpF0lF91A51Ay3Az5AmwEshFjlF9zAxyA2yAx2A4xAmjEpkF9xA13Aw3A2xAxyAmzEp6Fl9B53Aw4Ey1AwmAjiF9xA1wA02A5xA00A0BEUkzFpBFAAAAAAKP6D6DAPAAAAAAAAAOAAAAGBAAAAAKP6D6DABPJAAAAAAAABQ0NAZEAAFAx8Ez8ExBEFA12A15AyBEr4RVAPAAAFAAQ0NT4RVASksF5EbAAAAAAAAAAAAEAAAQ0NAAAAAAAIAy2Az1Ay3Ay3AJAzxAy2AyxA24AxBEHA15A1yA3zA5BEHA53Aw4Ey1AwBEJAx1A3wA32AxxAyBEHA53A14Az2A2BEdAAAAAAKPA6DAFAAA4RVAAAeBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2AzwA0yA2xA30A10A4vAyyAtJEXFFtFEkpF0pFvuFzwAtCEpsFsiFvhFykFt5A3wA4yB1wAtTEVWFfWFyvApuFklF4uBo0FtsFCACCFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFJ0NAWA
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.64.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h368.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:58 GMT
Server
nginx
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Tue, 14 Sep 2021 20:27:57 GMT
data
b153.s79.research.de.com/ Frame 5FBF 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b153.s79.research.de.com/data?/OcWLCQAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFgdVNSA
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.64.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h368.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:27:57 GMT
desk_muted2.svg
vidstat.taboola.com/player-assets/ 		688 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/player-assets/desk_muted2.svg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b07af50f99890a6edd3601bb8cf2d7ebdb404904067925d794d1cd450e939f57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront), 1.1 varnish
age
2027859
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
376
x-served-by
cache-hhn11566-HHN
last-modified
Sun, 10 Nov 2019 13:16:01 GMT
server
AmazonS3
x-timer
S1631651279.934514,VS0,VE0
etag
"c374f9a1c65db8dd9f4b435bd1adb4ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
MS6Zu2RZD6qF-_E2IKs5q26WT-wQGo6tm7uhQ1Xe74RW2dw_PeaE6Q==
x-cache-hits
22242
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C98B 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:27:58 GMT
script.js
s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/js/ Frame C98B 		3 KB
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
29bd09962171f0429c49f053bedf851eed636933bd369af210169727803869fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 07:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45698
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
818
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 16:09:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 15 Sep 2021 07:46:20 GMT
63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
pagead2.googlesyndication.com/bg/ Frame 1281 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
50835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13458
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 06:20:43 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 696F 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:27:58 GMT
script.js
s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/js/ Frame 696F 		3 KB
868 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
089e5828afbc9c8042edcc33c976917c43c1c0256e2e099901591386e8574456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 07:44:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
844
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 16:09:34 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 15 Sep 2021 07:44:39 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F32F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEO_fwh8598zD92AAkTFaUZ0&google_cver=1&google_push=AYg5qPInzwrfd3ZHclpTR1a5B0PVPJPmEdeMtEdMFGdBfuNgGnzvNZfCdKJ0uVu65tCLqW3vlkf0RNZoN8OFgH-9AE7OxYUROvyj
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY5NjgwOTY5MDA2Nzc4MDM1NQ==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEO_fwh8598zD92AAkTFaUZ0&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEO_fwh8598zD92AAkTFaUZ0&google_cver=1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEO_fwh8598zD92AAkTFaUZ0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F32F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELxQGe--wFgDVEEWEdnFjtk&google_cver=1&google_push=AYg5qPLCTvtPzbDyqrcsbWQCeMtcRFhW958FeEKIC8mG_dB6FTPmiXbSZdUDYcAStnbCpDG35E36q7_sa8uLp7ry...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=EUxhQQXLSACoQsPEWWtw9g&google_push=AYg5qPLCTvtPzbDyqrcsbWQCeMtcRFhW958FeEKIC8mG_dB6FTPmiXbSZdUDYcAStnbCpDG35E36q7_sa8uLp7ryVzMlWlOo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=EUxhQQXLSACoQsPEWWtw9g&google_push=AYg5qPLCTvtPzbDyqrcsbWQCeMtcRFhW958FeEKIC8mG_dB6FTPmiXbSZdUDYcAStnbCpDG35E36q7_sa8uLp7ryVzMlWlOoAPi9
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Sep 2021 20:27:59 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=EUxhQQXLSACoQsPEWWtw9g&google_push=AYg5qPLCTvtPzbDyqrcsbWQCeMtcRFhW958FeEKIC8mG_dB6FTPmiXbSZdUDYcAStnbCpDG35E36q7_sa8uLp7ryVzMlWlOoAPi9
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 14 Sep 2021 20:27:58 GMT
pixel
cm.g.doubleclick.net/ Frame F32F
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGpPoAQBJyzfkutrGdpMLlE&google_cver=1&google_push=AYg5qPK1SIlZmTbx-_UeBCfja60ypHt5QwLiqJ7r8l_Ty-ZjIB7J8iJUt3igkqS97E7l1v9ixdofuT09Z6Dg_9uD...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=USW9Tp5_TqKvLUBxilX4_g2&google_push=AYg5qPK1SIlZmTbx-_UeBCfja60ypHt5QwLiqJ7r8l_Ty-ZjIB7J8iJUt3igkqS97E7l1v9ixdofuT09Z6Dg_9uDKfisQQuedjZv
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=USW9Tp5_TqKvLUBxilX4_g2&google_push=AYg5qPK1SIlZmTbx-_UeBCfja60ypHt5QwLiqJ7r8l_Ty-ZjIB7J8iJUt3igkqS97E7l1v9ixdofuT09Z6Dg_9uDKfisQQuedjZv
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 14 Sep 2021 20:27:59 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=USW9Tp5_TqKvLUBxilX4_g2&google_push=AYg5qPK1SIlZmTbx-_UeBCfja60ypHt5QwLiqJ7r8l_Ty-ZjIB7J8iJUt3igkqS97E7l1v9ixdofuT09Z6Dg_9uDKfisQQuedjZv
x-host
tde-deliveryengine-production-558f8dfd5f-n2s7l
alt-svc
clear
content-length
0
google
pix.impdesk.com/csync/ Frame F32F 		0
0
pixel
cm.g.doubleclick.net/ Frame F32F
Redirect Chain
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEPtckObInJeWNY40Ig8MYIU&google_cver=1&google_push=AYg5qPIk3N8DTJwfwZhJFx4cqGpOj1AgqKg2ef5wWMINwA-XTxcxVrgVa0JuNc2owWXJ3xfDa-iQuqD9i0QBh_Dqq6X3UvD...
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=MVllMDlLdkF5UHc4&google_ula=2046794&google_push=AYg5qPIk3N8DTJwfwZhJFx4cqGpOj1AgqKg2ef5wWMINwA-XTxcxVrgVa0JuNc2owWXJ3xfDa-iQuqD9i0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=MVllMDlLdkF5UHc4&google_ula=2046794&google_push=AYg5qPIk3N8DTJwfwZhJFx4cqGpOj1AgqKg2ef5wWMINwA-XTxcxVrgVa0JuNc2owWXJ3xfDa-iQuqD9i0QBh_Dqq6X3UvDtciKI
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=MVllMDlLdkF5UHc4&google_ula=2046794&google_push=AYg5qPIk3N8DTJwfwZhJFx4cqGpOj1AgqKg2ef5wWMINwA-XTxcxVrgVa0JuNc2owWXJ3xfDa-iQuqD9i0QBh_Dqq6X3UvDtciKI
Date
Tue, 14 Sep 2021 20:27:59 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
pixel
cm.g.doubleclick.net/ Frame F32F
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPLd1Tkeol2VBuhAQ-bLSTFX3MNEJK2Szq1fasfvc5aT_Xl4o4NvBOsL0w_KqDVTjM4lkOEMtKgnv_...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPLd1Tkeol2VBuhAQ-bLSTFX3MNEJK2Szq1fasfvc5aT_Xl4o4NvBOsL0w_KqDVTjM4lkOEMtKgnv_waR-ASCp4ENbWWflFr&google_hm=3702d33c-4023-4660-ba...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPLd1Tkeol2VBuhAQ-bLSTFX3MNEJK2Szq1fasfvc5aT_Xl4o4NvBOsL0w_KqDVTjM4lkOEMtKgnv_waR-ASCp4ENbWWflFr&google_hm=3702d33c-4023-4660-ba49-2901327d1bfb
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPLd1Tkeol2VBuhAQ-bLSTFX3MNEJK2Szq1fasfvc5aT_Xl4o4NvBOsL0w_KqDVTjM4lkOEMtKgnv_waR-ASCp4ENbWWflFr&google_hm=3702d33c-4023-4660-ba49-2901327d1bfb
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F32F
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEEe6qaUfzs72UhXu2zWIoDE&google_cver=1&google_push=AYg5qPKwOQDB-SNvO3wJTf2yZ5abPB98ZUiSmM9GmcopKtm23HPltxMv__tq87X527IOIbe47ip0Z-I2Ho1vtQEnV...
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3Dd79be632-64aa-48a1-a899-51fd4c4f247e%26google_push%3DAYg5qPKwOQDB-SNvO3wJTf2yZ5abPB9...
  • https://tech.rtb.mts.ru/?dsp_uid=d79be632-64aa-48a1-a899-51fd4c4f247e&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3Dd79be632-64aa-48a1-a899-51fd4c4f247e%26g...
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=d79be632-64aa-48a1-a899-51fd4c4f247e&google_push=AYg5qPKwOQDB-SNvO3wJTf2yZ5abPB98ZUiSmM9GmcopKtm23HPltxMv__tq87X527IOIbe47ip0Z-I2Ho1vtQEn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=d79be632-64aa-48a1-a899-51fd4c4f247e&google_push=AYg5qPKwOQDB-SNvO3wJTf2yZ5abPB98ZUiSmM9GmcopKtm23HPltxMv__tq87X527IOIbe47ip0Z-I2Ho1vtQEnVnqdgalilNufqg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Sep 2021 20:27:59 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=d79be632-64aa-48a1-a899-51fd4c4f247e&google_push=AYg5qPKwOQDB-SNvO3wJTf2yZ5abPB98ZUiSmM9GmcopKtm23HPltxMv__tq87X527IOIbe47ip0Z-I2Ho1vtQEnVnqdgalilNufqg
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
attr
cm.g.doubleclick.net/pixel/ Frame F32F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LmDgeJWztU2Y4YrpMOurftvoG_A0N4OnECAipmH9qGgncfYMrvoY9mR8tPnttwvhNkRoqVfw
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
pagead2.googlesyndication.com/bg/ Frame 48E7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
50835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13458
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 06:20:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C8A0 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvP35D8_B9Teq-cGsmg5RkndyaDZL-81zl44mWcpymcXx8B0s6XwnQ5Z-WGcJkZz3u2bPKruU8mwLTJv3ZKBQ_cXtZgmMWf_2nj1TgnKawb7bCm2zsZLpAliqHvOqwKDnJ3AE0m74avzXZF6QRS05W48SQ7tMRka11vZkGtJipcAjwYSp28NQReh23wI25PpJb3-_1E00qSXeKfcj5D9d2Mr0vlxribfSnctf68I4szuxh-2w_SYHhwjtYvN6QYWNtjcUE9oN0OYz5NjcqkHSwtG4Bs4kFo_Ba6zl54pyPZNlrU0piXpsqdwsg6FFMch2H-uh_9-fokNnyAZPUNr34_TSETyN-5xp2pWliutbCs45FZ004rghMQe2SrxZkGbsGAg_WhDx4yjQ6HjY7LeguprUWdIa5CCFiXfBGf0nkJpZOBCezI-3e5zzTb2eKucrmVTmdMVeIuVzV67orvuhh_TvlMkn6SRMwKdsG3C_2hMryiNNw6AuLVrjEbXy9rP2cpQpV8VLD4m_rdJGz_JtITSJ-pBpFsfIpYrAssbWBdVxJVXcrk_oUbKmfiLpQ0JBIgOt3BslQD1q7BPTRHoHlFVUNybT4kzInUihbmMz9x_mihBeokIiBRVay9GAC3U_UhB_v-3t77I9VDCMJNehXZLuJWwlQKv4Qbd6LifzLxycvowXqnxnUlzf9wMopZsSq6grhNiHwwrfEKjB5IHZc3qyDwfdiXuFl6POduZBHwc5bf4g2aq_XiD422anrpkwzgjPMOjO0f5N7H7e5iM5P0XLlYQlx5Qr6Q83Ux8pOWJD5ZM2pjozOuGFpU1IwCOxIV-WK_Cdfo5HirqwEBU2JD8GsaRRpkq1DDH5dol5e9VPWuBhsGzPnCxFosd5i44D62q0n_jLWZaXxQZDvzbztpgR-FGULLqX7mgbv2NFfGLBVdpRZg97-VhiyhOsIdAjTyLfdfHLKC3FmB2c0TVgZxCVt7DtJmd60a5oFHxDe14QQpVDmQlwexgVtwsp47RjBeCIa5C868q_zPmyFr0z8_h0kBImdijKAmmawc9tRJHeVHWv63zQCNqFZWk6VH1aLlDJvTO5o0k-twP59cVkBjiUhRCufKbtgwA0sb57qeqKa2dPW16ojYwSThprKAByKQGUxERwFJX2GTV78g64-BTElAGmWuAU7jp_0ZkWI8gOngct67ouU824XvF7LqUXTI1WJKPZLuNp61ZQQ-ayUWGWTpr8lfdiwdMwrc69ypg70A17W_jg&sai=AMfl-YRfeE4zp9Z_PBgp-_PqXsO2hXRDaeUNsMm2vvKTtcqOG2tkjvf5PQYK5pUFujU6FPO0klXA1JdD4BnCSvPWeu2_PJ9chuTtP2JVe14Azs9YSligtxcuzItw4hudhF7vNwcM4AAOLPr1Ad9tp1NH508SOyamCw&sig=Cg0ArKJSzCQ7uiq0BafXEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=584&vt=11&dtpt=297&dett=3&cstd=285&cisv=r20210909.90339&adurl=
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:27:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 5FBF 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssS2Of08VekA54J1xkJsIg-PxKA2bMCNVB0jNa-c9uMF2qMxW72hTRPtetiDImNDpOgJMkEsVX0hANCl2nnSRaqK0WbwF0cXr4nl4EYsYowxvqv23HCX59qdm4SLe85H6nefAT_zTA6sbzCeog55DquJEf2cla1WOTCw3eWv-DpX8CaDGcGO4mK2TaFZ2q3uYblYGN7_NLtuvsoJgxCmli45EIiUDkok7kPtISRwEp3sjiNM4X7pED2uFFbDR9qzUzMYhfqsjYmdpSuLGQE5mNcGnHSfsDcp_7rOq_spBiFyvfR05JPlPr3eZCGXovfqcTG2XDtHOIqWLZZrNAntNerwsV7X_lmor_f8w6d7gtUB7rHT-a_ZJ1Cz8jIIWx9rSGWji0KIDxN_aTffHTVlUVUaml7isyalYrx4bWGTUIaeXvfFEKbxl-s3TjUuNhq5ENY6p7oANr_jbKNiqzpAIPTr4_DajfGWdhpgt4ngWlk6ACDQ2qqB4HksFCqDIUNBM2on8HVvjZqjXjqZRcNu7LyKr88AazSUPgfXGDfLb0VbQGHP8zHl0S_ARePpkP5bFY6MKWFCXhNp5ZZm6z0K6qsP0dglXQuxSK36h9p-aJw7T91x3RhCCc6SWYuES5euiNaVeEy_3DDil1nTUK3FmT2vMSTqTmvpPX74q-pCX4lOmJ0fWFA_NLLO3vNvrs40LS9Dsm7v6hwhQdcC0mxq5kijekYcw8S6WvWslptQExqovnO54mhI0oiKeXMpFOIU1ybfEOyHKnjx1FRRTLxGxd34otG20_mt-RIOIrKbYviGyXbTWBWASkOwZSrytHF3OfQv_Nq502Mukw20yE9S8yz8ODvzsKvpy5Ser5uMjgrmVZ9aJJIkqPDtNPYLYXuO2GDtMkeTLQclFCdSNMr6kNV4FPeearJeLFdR7jJHFdNPtsUXX9e7tJklYqlyUlMGA1HJTx4Fv8htcMavq1CikvHpEzhlwhauGJfYiQRhLdCJfmTZUbOOb5hx2xrJ5bDMO9IG2CbAA076dyCDz4bgB0pyZyfhHK2b6cmqKckYny4SRJZ2Bjq20u5RrMpw7qSJDk0bnEcA-rhBAwj4FoOCN7wJKxF18QOMRas2avNRPp5MV-z-YnfFm2S2SlGfYhgdArHBcoI2f0GiNrgwPxdYp60XUlevrqYdy7qtTaBjDtRzQ3S_xHVK3HnpxnQ2rMXx7LCbULK87C06Sc_NcDf8pLPA56J6Dap_LEXbq3nVTGxyiZpfBhOJTgAYDI&sai=AMfl-YSlTv_512GyA2WcNoJNl_7Xdx3jZSYoaM6Vct0NfLcQeNvdOxoOtkBkBhPHhw9Rjebs0daFtLnOFqwOMhkF1T9aBCrYDzdQCaAaw7IOZwl7cckrm9OqJGAXHgi8w9KSbBmIfQxNX7tyLgE618Z4Q3LwnzWS8A&sig=Cg0ArKJSzMEDfZRfOwzfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=460&vt=11&dtpt=347&dett=3&cstd=112&cisv=r20210909.12101&adurl=
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:27:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&cmcv=&pix=31579697&cb=1631651279165&uv=3018&tms=1631651279165&su=&abt=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&ru=https://www.correiodopovo.com.br.mcas.ms/&ft=0&unm=SLIDER_INSTREAM&
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
content-length
0
server
nginx
0d2ab486-745b-45cf-991c-8d91aa3e3e5f
api.soclminer.com.br/v2.1/customers/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.soclminer.com.br/v2.1/customers/0d2ab486-745b-45cf-991c-8d91aa3e3e5f?format=json&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&referrer=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&paramOnSession=&isMobile=false
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ServiceStack/3,971 Win32NT/.NET, ASP.NET
Resource Hash
b07ac778746ddc8dbf09d9f53a0446567a969e8ab33f9cbc13b68feb73d64305

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ServiceStack/3,971 Win32NT/.NET, ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbX6xi7uwuwAco1%2FjekCZuJAXdi1GOhlHmcV0IA7PtQretRRExkmclcXv87oQDu6GL1LILsEaAQxfD6Sv2NINbHvtxmM3iGHIBsxIhJnUhUBft%2BKwirV0TmJWr2QarwEe4kxUn6B"}],"group":"cf-nel","max_age":604800}
cache-control
private
cf-ray
68ec5bef6a6b4126-PRG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, JSNLog-RequestId
63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
pagead2.googlesyndication.com/bg/ Frame CB43 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
50836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13458
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 06:20:43 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=5&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&cmcv=&pix=31579657&cb=1631651279210&uv=3018&tms=1631651279210&su=&abt=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&ru=https://www.correiodopovo.com.br.mcas.ms/&ft=0&unm=SLIDER_INSTREAM&
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
content-length
0
server
nginx
OpportunityServlet
opps.taboola.com/ 		1 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=32
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651279.235228,VS0,VE9
x-served-by
cache-hhn11566-HHN
x-cache
MISS
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
OpportunityServlet
opps.taboola.com/ 		1 B
153 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651279.235307,VS0,VE9
x-served-by
cache-hhn11566-HHN
x-cache
MISS
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
unip
trc.taboola.com/1005612/log/3/ 		0
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/1005612/log/3/unip?en=VideoZEROAudienceImpression&1631651279221
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651279.252106,VS0,VE9
x-served-by
cache-fra19178-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.correiodopovo.com.br%2F-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=-400&gp=975&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=761&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=975&lb=14165&le=1&lf=199&lg=1&lh=54&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A932%3A932%3A0%3A1559&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=730&cd=0&ah=730&am=0&dq=31&dr=0&ds=31&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=1615943837&cs=0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:27:59 GMT
view.aspx
pb.media01.eu/ Frame 2DAB
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=27661200205041100710626011717028&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27661200205041100710626011717028&actionid=879111&produktid=ratenkredit&dt_url=
0
628 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27661200205041100710626011717028&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=2388ce514c&subid=&uid=65ba191e17d237cf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1lnezAVBYcixOJTHb6CArrgEtc35g1eU27mr5QzwLhABIKrTjGhglYKFgpgHyAEJqQJKeIV0_tWzPqgDAaoE5QFP0GWc_zdIXIOwmVXIHKVa39RnB9C3kPwQBzkMBUVEWeQ9hVBGrGCHDopsrLHAl7zSOS77bDTe7mVrDFWi5-RZree9bT597qUx8o3XTrzieppd-vz3WnQ2_aaVGMMtnhnHwuAT9wn6mjQytO-wcJ9ij4DJ2h-eygNHFwxf3xz_bRo6bKSPuqrJWMqvzuxvugQRT74JCvx5eluoaNEvmKVoMmN-S-mN2jNEw4n6TmC_65sQR7fMwexje5YUlBM1UyBuuKtfwFkHM16na2FyMyZpPTBZr2dGCDsw73h1QR6Wgumy7qlwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjIwMzQxOTk1MTQzMTkxMoAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJioIKSvSOsPTRYxIkTvsLQ%26sig%3DAOD64_2aZub3lDav3uVyt6u5QzaL3MTaTg%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-CGl6-brUMbgnGUvMwHuxTVYJKIu7cvXqGS4J9U1QUtgpXYEPTqaibbpfa3j3xQvyj-CfVwRcgSr9rBA9EmHGu3p5LmaljoU6MqCizsgWuZrLG5raQVl9OSDx6wrKjxdNHBNk97POkCQDB81AVmpCv6hYb8Ng%26cry%3D1%26dbm_d%3DAKAmf-BDrNlyChePKITrOhc9xIHYgICC5IVEeCEGudTJI7T0W42pYV9Dh0DjoaL6_QBAMWf0cBFkhXQ5pXZZQH_R_xhzyqRmxofgWHzvAq0i4lSBEj3PWYOPo_191S4PYj4avQ-qQNhbcBshTkqs4Q5DFZJBZ3W7tjudhWOr_o3WbImN5Lmz5aOwt3bZWCkHI2nqCMRpxXYauepQMAurOffxoMrOHJ-NWvaxu42dgWyMc2Zso3wXrxaHn7BYAgLFLJBULquGUQGroyIJQ77UuxwP2Mdgzms_tA2fwiNpLDt33uoZs6O8lbNGYsB5XlFsqngMz3ekrmNmzy3-Ah_Wxn4yetM5l3mTexSS8I554IgInHpklhQA8iivPQfo4whI3hAJPH9lHJQuFk4reVfilL-m5IXE2jEWGAvk8oatNicxlRSvLBj0-I1ntmI2wkxcEvB6l65faWnKlzebRxIH2qvsVeaiwIv8oQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=9621690237251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Bad Schwalbach, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pb.media01.eu
:scheme
https
:path
/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27661200205041100710626011717028&actionid=879111&produktid=ratenkredit&dt_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 14 Sep 2021 10:28:01 GMT
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=o2gwcw52e3gckd1dmgbqh0ex; path=/; secure; HttpOnly; SameSite=None DTU=402D4E904F22F009C2CDDBB228E00C8B; expires=Thu, 14-Sep-2023 20:28:01 GMT; path=/; SameSite=None; secure; HttpOnly; SameSite=None
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Tue, 14 Sep 2021 20:28:00 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Tue, 14 Sep 2021 20:27:59 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.21
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Set-Cookie
trscj=MTYzMTY1MTI3OXxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRJM05qWXhNakF3TWpBMU1EUXhNVEF3TnpFd05qSTJNREV4TnpFM01ESTRKblE5YUhSc2NBPT18YUhSMGNITTZMeTg1TldSaE9EUmtabVJoTlRkallqZG1abVU1T0RNMU1EQmpZMkk1TW1abE1pNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D; expires=Wed, 14-Sep-2022 20:27:59 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure SERVERID177589=1|YUEF0|YUEF0; path=/; HttpOnly
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27661200205041100710626011717028&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
D88372CD:A420_91EFC182:01BB_614105CF_728C896:396C
X-IPLB-Instance
40027
Cache-control
private
Cookie set cshow.php
www.awin1.com/ Frame 50E9 		43 B
705 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2855700&v=20612&q=410607&r=296283&pref1=27661200205041100710626011717028&pv=1
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=2388ce514c&subid=&uid=65ba191e17d237cf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1lnezAVBYcixOJTHb6CArrgEtc35g1eU27mr5QzwLhABIKrTjGhglYKFgpgHyAEJqQJKeIV0_tWzPqgDAaoE5QFP0GWc_zdIXIOwmVXIHKVa39RnB9C3kPwQBzkMBUVEWeQ9hVBGrGCHDopsrLHAl7zSOS77bDTe7mVrDFWi5-RZree9bT597qUx8o3XTrzieppd-vz3WnQ2_aaVGMMtnhnHwuAT9wn6mjQytO-wcJ9ij4DJ2h-eygNHFwxf3xz_bRo6bKSPuqrJWMqvzuxvugQRT74JCvx5eluoaNEvmKVoMmN-S-mN2jNEw4n6TmC_65sQR7fMwexje5YUlBM1UyBuuKtfwFkHM16na2FyMyZpPTBZr2dGCDsw73h1QR6Wgumy7qlwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjIwMzQxOTk1MTQzMTkxMoAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJioIKSvSOsPTRYxIkTvsLQ%26sig%3DAOD64_2aZub3lDav3uVyt6u5QzaL3MTaTg%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-CGl6-brUMbgnGUvMwHuxTVYJKIu7cvXqGS4J9U1QUtgpXYEPTqaibbpfa3j3xQvyj-CfVwRcgSr9rBA9EmHGu3p5LmaljoU6MqCizsgWuZrLG5raQVl9OSDx6wrKjxdNHBNk97POkCQDB81AVmpCv6hYb8Ng%26cry%3D1%26dbm_d%3DAKAmf-BDrNlyChePKITrOhc9xIHYgICC5IVEeCEGudTJI7T0W42pYV9Dh0DjoaL6_QBAMWf0cBFkhXQ5pXZZQH_R_xhzyqRmxofgWHzvAq0i4lSBEj3PWYOPo_191S4PYj4avQ-qQNhbcBshTkqs4Q5DFZJBZ3W7tjudhWOr_o3WbImN5Lmz5aOwt3bZWCkHI2nqCMRpxXYauepQMAurOffxoMrOHJ-NWvaxu42dgWyMc2Zso3wXrxaHn7BYAgLFLJBULquGUQGroyIJQ77UuxwP2Mdgzms_tA2fwiNpLDt33uoZs6O8lbNGYsB5XlFsqngMz3ekrmNmzy3-Ah_Wxn4yetM5l3mTexSS8I554IgInHpklhQA8iivPQfo4whI3hAJPH9lHJQuFk4reVfilL-m5IXE2jEWGAvk8oatNicxlRSvLBj0-I1ntmI2wkxcEvB6l65faWnKlzebRxIH2qvsVeaiwIv8oQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=9621690237251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.44.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-44-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Host
www.awin1.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Content-Type
image/gif
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Content-Length
43
Date
Tue, 14 Sep 2021 20:27:59 GMT
Connection
keep-alive
Set-Cookie
awpv20612=296283|1631651279|4080ea20-159a-11ec-8a78-692d0556460e;domain=.awin1.com;path=/;expires=Wednesday, 15-Sep-2021 20:27:59 UTC;Secure;SameSite=None AWSESS=410607:2855700;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
/
adv.office-partner.de/ Frame D850 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=2388ce514c&subid=&uid=65ba191e17d237cf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1lnezAVBYcixOJTHb6CArrgEtc35g1eU27mr5QzwLhABIKrTjGhglYKFgpgHyAEJqQJKeIV0_tWzPqgDAaoE5QFP0GWc_zdIXIOwmVXIHKVa39RnB9C3kPwQBzkMBUVEWeQ9hVBGrGCHDopsrLHAl7zSOS77bDTe7mVrDFWi5-RZree9bT597qUx8o3XTrzieppd-vz3WnQ2_aaVGMMtnhnHwuAT9wn6mjQytO-wcJ9ij4DJ2h-eygNHFwxf3xz_bRo6bKSPuqrJWMqvzuxvugQRT74JCvx5eluoaNEvmKVoMmN-S-mN2jNEw4n6TmC_65sQR7fMwexje5YUlBM1UyBuuKtfwFkHM16na2FyMyZpPTBZr2dGCDsw73h1QR6Wgumy7qlwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjIwMzQxOTk1MTQzMTkxMoAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJioIKSvSOsPTRYxIkTvsLQ%26sig%3DAOD64_2aZub3lDav3uVyt6u5QzaL3MTaTg%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-CGl6-brUMbgnGUvMwHuxTVYJKIu7cvXqGS4J9U1QUtgpXYEPTqaibbpfa3j3xQvyj-CfVwRcgSr9rBA9EmHGu3p5LmaljoU6MqCizsgWuZrLG5raQVl9OSDx6wrKjxdNHBNk97POkCQDB81AVmpCv6hYb8Ng%26cry%3D1%26dbm_d%3DAKAmf-BDrNlyChePKITrOhc9xIHYgICC5IVEeCEGudTJI7T0W42pYV9Dh0DjoaL6_QBAMWf0cBFkhXQ5pXZZQH_R_xhzyqRmxofgWHzvAq0i4lSBEj3PWYOPo_191S4PYj4avQ-qQNhbcBshTkqs4Q5DFZJBZ3W7tjudhWOr_o3WbImN5Lmz5aOwt3bZWCkHI2nqCMRpxXYauepQMAurOffxoMrOHJ-NWvaxu42dgWyMc2Zso3wXrxaHn7BYAgLFLJBULquGUQGroyIJQ77UuxwP2Mdgzms_tA2fwiNpLDt33uoZs6O8lbNGYsB5XlFsqngMz3ekrmNmzy3-Ah_Wxn4yetM5l3mTexSS8I554IgInHpklhQA8iivPQfo4whI3hAJPH9lHJQuFk4reVfilL-m5IXE2jEWGAvk8oatNicxlRSvLBj0-I1ntmI2wkxcEvB6l65faWnKlzebRxIH2qvsVeaiwIv8oQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=9621690237251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

:method
GET
:authority
adv.office-partner.de
:scheme
https
:path
/?utm_source=webgains&utm_campaign=webgains
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

server
keycdn-engine
date
Tue, 14 Sep 2021 20:27:59 GMT
content-type
text/html
content-length
930
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16ba8ac4"
expires
Tue, 21 Sep 2021 20:27:59 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
accept-ranges
bytes
link.html
track.webgains.com/ Frame 4AA0 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=27661200205041100710626011717028&nw=1
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
2eba3b31bf789b70026f24ae62d46e7b35281cc19652bbea9934a0f845cf4c89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:59 GMT
Last-Modified
Tue, 14 Sep 2021 20:27:59 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1230
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CLOKo9em__ICFRKChQodO4kOlQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2965550115752.9683
5994599.fls.doubleclick.net/ Frame 2919
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2965550115752.9683?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOKo9em__ICFRKChQodO4kOlQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2965550115752.9683?
392 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOKo9em__ICFRKChQodO4kOlQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2965550115752.9683?
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f6.1e100.net
Software
cafe /
Resource Hash
8322a44ab8eb32575fc42e561e81a411f7e922d830c532f5f69b0b143be85f64
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLOKo9em__ICFRKChQodO4kOlQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2965550115752.9683?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0slTwvbXiOVQj2rXvjOiSMJhuaKosR9kFWsnAb2gVZCDpg66aMNJERZHOJv0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 14 Sep 2021 20:27:59 GMT
expires
Tue, 14 Sep 2021 20:27:59 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 14 Sep 2021 20:27:59 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOKo9em__ICFRKChQodO4kOlQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2965550115752.9683?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900028.redintelligence.net/ Frame 76DA 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request_content.php?s=27661200205041100710626011717028&a=b203a4a5
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=2388ce514c&subid=&uid=65ba191e17d237cf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1lnezAVBYcixOJTHb6CArrgEtc35g1eU27mr5QzwLhABIKrTjGhglYKFgpgHyAEJqQJKeIV0_tWzPqgDAaoE5QFP0GWc_zdIXIOwmVXIHKVa39RnB9C3kPwQBzkMBUVEWeQ9hVBGrGCHDopsrLHAl7zSOS77bDTe7mVrDFWi5-RZree9bT597qUx8o3XTrzieppd-vz3WnQ2_aaVGMMtnhnHwuAT9wn6mjQytO-wcJ9ij4DJ2h-eygNHFwxf3xz_bRo6bKSPuqrJWMqvzuxvugQRT74JCvx5eluoaNEvmKVoMmN-S-mN2jNEw4n6TmC_65sQR7fMwexje5YUlBM1UyBuuKtfwFkHM16na2FyMyZpPTBZr2dGCDsw73h1QR6Wgumy7qlwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjIwMzQxOTk1MTQzMTkxMoAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJioIKSvSOsPTRYxIkTvsLQ%26sig%3DAOD64_2aZub3lDav3uVyt6u5QzaL3MTaTg%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-CGl6-brUMbgnGUvMwHuxTVYJKIu7cvXqGS4J9U1QUtgpXYEPTqaibbpfa3j3xQvyj-CfVwRcgSr9rBA9EmHGu3p5LmaljoU6MqCizsgWuZrLG5raQVl9OSDx6wrKjxdNHBNk97POkCQDB81AVmpCv6hYb8Ng%26cry%3D1%26dbm_d%3DAKAmf-BDrNlyChePKITrOhc9xIHYgICC5IVEeCEGudTJI7T0W42pYV9Dh0DjoaL6_QBAMWf0cBFkhXQ5pXZZQH_R_xhzyqRmxofgWHzvAq0i4lSBEj3PWYOPo_191S4PYj4avQ-qQNhbcBshTkqs4Q5DFZJBZ3W7tjudhWOr_o3WbImN5Lmz5aOwt3bZWCkHI2nqCMRpxXYauepQMAurOffxoMrOHJ-NWvaxu42dgWyMc2Zso3wXrxaHn7BYAgLFLJBULquGUQGroyIJQ77UuxwP2Mdgzms_tA2fwiNpLDt33uoZs6O8lbNGYsB5XlFsqngMz3ekrmNmzy3-Ah_Wxn4yetM5l3mTexSS8I554IgInHpklhQA8iivPQfo4whI3hAJPH9lHJQuFk4reVfilL-m5IXE2jEWGAvk8oatNicxlRSvLBj0-I1ntmI2wkxcEvB6l65faWnKlzebRxIH2qvsVeaiwIv8oQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=9621690237251&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
a014bcbd03971210734aec9878e6d9013514927d063a96a31f86dec111c28b52

Request headers

Host
hal900028.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=a3dcbc8e213ae7b6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

Date
Tue, 14 Sep 2021 20:27:59 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 14 Sep 2021 21:27:59 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2156
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 4AA0
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27661200205041100710626011717028
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27661200205041100710626011717028
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:31:17 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Tue, 14 Sep 2021 20:27:59 GMT
Server
nginx/1.19.7
X-IPLB-Request-ID
D88372CD:A420_91EFC182:01BB_614105CF_728C899:396C
X-Powered-By
PHP/7.2.34
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/native.png
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
cshow.php
www.awin1.com/ Frame 4AA0 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2601051&v=18332&q=376776&r=296283&pref1=27661200205041100710626011717028&pv=1
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.44.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-44-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:59 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B087 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 14 Sep 2021 13:05:23 GMT
expires
Wed, 15 Sep 2021 13:05:23 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
26556
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4AA0 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dca80cec770c2d4b11e467ac8d96f22e78eacf50a893ed255e937ec24fae334a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=2&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&cmcv=&pix=31425418&cb=1631651279357&uv=3018&tms=1631651279357&su=&abt=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&ru=https://www.correiodopovo.com.br.mcas.ms/&ft=0&unm=SLIDER_INSTREAM&
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
content-length
0
server
nginx
data
b16.s79.research.de.com/ Frame C8A0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b16.s79.research.de.com/data?/1gadDuIAA+rvFgo0F0wFz6BvvA33F3uBjvFyyFlpFvkFvwFv2FvuBjvFtuBiyFLruFBLkqFFlqwFyyAw0Az0AL2vFBLl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2AzxA21AxyA33A05A5yEhyBy3Et3B5yFpBFlqwFyyAw0Az0ALkmFBUkzFrGQTBAAAAKPAYAAAA6BAQAAAAAA6DAXAAAA6BAPABAAZAwSAcAAAAZpBAFAx8E18ExBEDAy5A4BErY0mAPAAAAAAAAAPY0mAPAAAFAAqEATY0mAZAAAFAw8Ez8EwBEDAy5A4BErRMPAPAAAFAAqEATRMPAPAAAAAAAAAzRMPAZBAAFAw8Ey8EzBEDAy5A4BErfeOAPAAAFAAqEATfeOAPAAAAAAAAAzfeOAZAAAFAw8Ex8EyBEDAy5A4BErehwAPAAAFAAqEATehwAPAAAAAAAAAzehwAZAAAFAx8Ex8ExBEDAy5A4BErtDOAPAAAFAAqEATtDOAPAAAAAAAAAztDOAZAAAFAx8Ey8ExBEDAy5A4BErLFDAPAAAFAAqEATLFDAZBAAFAx8E18E5BEDAy5A4BErcsfAPAAAFAAqEATcsfASksFiPdAAAAAAKPA6DAFAAAY0mAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAARMPAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAAfeOAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAAehwAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAAtDOAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAALFDAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAAcsfAAA2EkhF0hF6pEthFnlFvwEunF7iEhzFl2B0sApWFCPFS3FwLEHnFvBFBBFBOFTVFoFFVnFBBFBDFzBFBBFBXFCBFNBFBBFDyFszBpBFBBFBBFCsFCNFWFFVBFBBFErBBjFpXFtaF6XFBBFBBFBuFSTFUsFNBFBwFpkFyCFRBFBBFCvBTVFSCFWCFqUFiaFFMFEzFBnFDFFQiFHzBEvBwwA1wE1aEPNFoDFsaFnRFjDFvwAiaF2hFwvE4tE4nEquFYFFx3FE3B6LF5xATHFGwB0GFWUFqaFGUF0kFy3A0DFa1BGwFVwF3sE1LF1ZEUGFETF6QFCoFxRFjBF0mEDSF21E4tELRFvEF4zBzwBo2BxNEsOFGEF2HFsOFhIFysEUOFxXEO0FR4BmhFvDFGjFmyB6RFM5FU5FzpEElFzzEvxAByB2FECmFu4FqCFiHFBBFBBFBFFsGFUrFT1FRtFDDFEATLFJOFAAAAAAAAAAAAAADAEJFWBFQtjFhlMQYA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.32.75 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h389.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:59 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:27:58 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=-400&gp=975&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=763&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=975&lb=14165&le=1&lf=199&lg=1&lh=54&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A932%3A932%3A0%3A1559&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=730&cd=730&ah=730&am=730&dq=31&dr=31&ds=31&dt=31&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=0&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=588125488&cs=0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:27:59 GMT
data
b153.s79.research.de.com/ Frame 5FBF 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b153.s79.research.de.com/data?/OcWLD8HAA+rvFgo0F0wFz6BvvA33F3uBjvFyyFlpFvkFvwFv2FvuBjvFtuBiyFLruFBLkqFFlqwFyyAw0Az0AL2vFBLl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2AzxA21AxyA33A1wA4xEmhF4tEmpF21FuBFlqwFyyAw0Az0ALkmFBUkzFAHQsAAAAAKPAYAAAA6AAQAAAAAA6DAXAAAA6AAPQDAAZAwSAcAAAAZEAAFAx8E18ExBEFA12A15AyBErY0mAPAAAAAAAAAPY0mAPAAAFAAQ0NTY0mAZBAAFAw8Ez8EwBEFA12A15AyBErRMPAPAAAFAAQ0NTRMPAPAAAAAAAAAzRMPAZAAAFAw8Ey8EzBEFA12A15AyBErfeOAPAAAFAAQ0NTfeOAPAAAAAAAAAzfeOAZAAAFAw8Ex8EyBEFA12A15AyBErehwAPAAAFAAQ0NTehwAPAAAAAAAAAzehwAZBAAFAx8Ex8ExBEFA12A15AyBErtDOAPAAAFAAQ0NTtDOAPAAAAAAAAAztDOAZAAAFAx8Ey8ExBEFA12A15AyBErLFDAPAAAFAAQ0NTLFDAZAAAFAx8E18E5BEFA12A15AyBErgVLAPAAAFAAQ0NTgVLASksFcPdAAAAAAKPA6DAFAAAY0mAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAARMPAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAAfeOAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAAehwAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAAtDOAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAALFDAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAAgVLAAAyEkhF0hF6pEthFnlFvwEunF7iEhzFl2B0sApWFCPFS3FwLEHnFvBFBBFBOFTVFoFFVnFBBFBDFzBFBBFBXFCBFNBFBBFDyFszBpBFBBFBBFCsFCNFWFFVBFBBFErBBjFpXFtaF6XFBBFBBFBuFSTFUsFNBFBwFpkFyCFRBFBBFC2BTVFSCFWCFqUFiaFDMFFZFB3FDFFQEFC0FsvBXwFXFFUxBX1F5jEqxBnRFInFQwBK4FK0BjDF41AVnF4yAzWFE3FISFNTFv1BMsFwxFz1EOGFvyB0HFxiEriE0aFNKF41EViFSxFyJFzXEnyBUhFUTFnCF1wA21ETnFTXFmRFlJFi6FmuFy3E55ByzBuIFh5FtyFN2Bx0A63FytEO0FvzBluFkPFnZFI1FjHFyVEPzFEhFwTF5pE5JEJRFYpFq1BWsFtnFBBFBBFCKFSVF1FEyrFKnFnnF99AEATLFJOFAAAAAAAAAAAAAADAEJFWBFQtjF1OfWYA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.64.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h368.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:59 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:27:58 GMT
onsite.min.css
plugins.soclminer.com.br/v3/assets/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/assets/css/onsite.min.css
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b11ca4376d9783b6b5f65165de0e1c10990e72f13453838c89d3cb08fbdd582

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17333
x-amz-request-id
H00DKSMHXTKHPK2V
x-amz-id-2
qtMOhoUhJ+s41Rk+3lfNJz/hEfMVlg62cTJmk/9oYV7og9/mS+fMkpW/+JoBvDE2I9pkD4jnlig=
last-modified
Thu, 28 Jan 2021 19:32:57 GMT
server
cloudflare
etag
W/"7ed90ef5a4ea0bb575528aa6cb28398f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyxwXtaIOPbhjedmB2%2Fl6d1R2yMgZje7fVYMOS0PaJKZAYmulXE1qKWNgwwqTHUZS3m6N5UouMYAcrCGeH%2BzGQXFszjGmrCVAn3HzSExzPNQ4jRkbvdjk72sfxnKuoeE%2FeEiCiRdPEhgXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
68ec5bf129ad4132-PRG
crawler.js
static.socialminer.com/customers/0d2ab486-745b-45cf-991c-8d91aa3e3e5f/crawler/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.socialminer.com/customers/0d2ab486-745b-45cf-991c-8d91aa3e3e5f/crawler/crawler.js
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee35020849ff3b061d9281af944309fa2a45f1c9dd6ed71b0c22849e6e3d2bc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40541
x-amz-request-id
3EXDK8K6W8WBE6SH
x-amz-id-2
PGc4ytjnNyn4C9XuNY534zz6uB6wzanrvqhdYJZds8/x28CskSw9jdsFgaDLbVuNaVBjsRg1z9c=
last-modified
Tue, 01 Sep 2020 20:51:53 GMT
server
cloudflare
etag
W/"eaa86ce499c35f2a99d1205b9ff2a30b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1%2FDAlPkEBYM%2FaiSs60k09gArgzNT1SppSwXEQEUzopb9ZNEaUvEMq10ciMa%2BcWlv0qc4BnDQunv50ocVoqvwxnNvl0pcjRBYvtdidYb2kSFTDu43H5KiBoKZdYNLFQ3%2FD10fSU6TRI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
68ec5bf1cdab2780-PRG
view.min.html
plugins.soclminer.com.br/v3/sdk/tracking/html/ Frame 006E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=361f494e-7721-4858-a5fd-5899b46464a6&sessionHash=39f8e3df79d583613482c278d946ce776bdec022
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a3391f6cdf18fd1fd8b39994ef4ed0d2583f56a6210624d1cf48a4ef606ba6

Request headers

:method
GET
:authority
plugins.soclminer.com.br
:scheme
https
:path
/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=361f494e-7721-4858-a5fd-5899b46464a6&sessionHash=39f8e3df79d583613482c278d946ce776bdec022
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
content-type
text/html
x-amz-id-2
NiTNstNqw69CXXAsi0AJ7oJq3B3oDZ0HUQbphT8oQDLwKEPMhAbwNXNp2rQx552Wk+Cfs7ULUy4=
x-amz-request-id
N160R25BXN2JQKEH
last-modified
Wed, 25 Apr 2018 19:55:14 GMT
cache-control
max-age=86400
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FlPj9jx6%2BdvExOErWpIX0ycvNfI9pvSl6%2F9VJut42IDUfrv2DIPPA0YdhZKRoADXFgpzT%2FFya1O0cZhQcYcpKO8%2BX%2F5Yp6NFHtuLYlcqQeGT%2Bn1toKnaOT%2FA7xCDdgPCTRPLPfTt9kejA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68ec5bf14a0e4132-PRG
content-encoding
br
default.js
static.socialminer.com/custom/
Redirect Chain
  • https://static.socialminer.com/custom/0d2ab486745b45cf991c8d91aa3e3e5f/custom.js
  • https://static.socialminer.com/custom/default.js
0
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.socialminer.com/custom/default.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4539
content-type
application/javascript
content-length
0
x-amz-id-2
CdZ1LaccvrkyMK0XN1QuMvDw/TNCZwlRfuUm7TcWpih2m/hulRHZ8BwoJ7f914QsElPAwuq7IEg=
last-modified
Mon, 27 Jan 2020 21:15:06 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSqDL3Dff9aJbi0kEdfdAHW25X019LvJNOtMmYg6KBLGcKgiGcywMJCplrjxz%2FDr86APrKiSX4WbmSXGxLm0yYAwnjJi1%2Bk%2FYcMdkV1fdxslodzSIeURpM%2BDdlAmFD%2FjVXjUgnkjXfc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
S3JMV9JZCKAEPD81
cache-control
max-age=86400
x-amz-version-id
null
accept-ranges
bytes
cf-ray
68ec5bf29f7f2780-PRG

Redirect headers

date
Tue, 14 Sep 2021 20:27:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40541
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZXv1b0v%2FSs9ZyD%2Fi7l%2BVLiXAsMHzMJcxXxyGhOn2Ap75C%2BQhYFVqiKNuK3BjGaJW8soe2xed3m%2Bu6nXjgGw4IKtSWpyYBssiafdyc5RVbDggL0zwdxHlZPcqvCxm0PVF1phQlZS96s%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
KZXMNZ23JZYRVZE9
location
https://static.socialminer.com/custom/default.js
cache-control
max-age=86400
cf-ray
68ec5bf1cdad2780-PRG
content-length
0
x-amz-id-2
1wud89l8ZEfL9VFDrEhPG1d5SKCnZ5o4kNlQVP0K61QFGQ4f/13c5zefbV7DNwrhJHmz5IQexuc=
api.gif
v3.denakop.com/ 		0
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=Ehmu74liQICp%2Ft8GpOEn4A%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&t=1631651279585&cb=0.0008136258859454681&r=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.36.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
68ec5bf19a1a4108-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=Ehmu74liQICp%2Ft8GpOEn4A%2F0&v=5.0.0&sw=1600&sh=1200&ac=v2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&t=1631651279586&cb=0.9840445923698407&r=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.36.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
68ec5bf19a1d4108-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=Ehmu74liQICp%2Ft8GpOEn4A%2F0&v=5.0.0&sw=1600&sh=1200&ac=v2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&t=1631651279586&cb=0.5770344028277477&r=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.36.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
68ec5bf19a1f4108-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
css
fonts.googleapis.com/ 		4 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,%20300,%20400,%20500,%20700
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/assets/css/onsite.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f10.1e100.net
Software
ESF /
Resource Hash
e253f71df145831550f8cf584058c18f6a120c27b3de1cfbb0f969c550f642a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 20:27:59 GMT
server
ESF
date
Tue, 14 Sep 2021 20:27:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 20:27:59 GMT
css
fonts.googleapis.com/ Frame 76DA 		4 KB
648 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=27661200205041100710626011717028&a=b203a4a5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f10.1e100.net
Software
ESF /
Resource Hash
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 19:37:36 GMT
server
ESF
date
Tue, 14 Sep 2021 20:27:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 20:27:59 GMT
/
hal9000.redintelligence.net/scale/ Frame 76DA 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=27661200205041100710626011717028&a=b203a4a5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
1d4a45236de6b5693b38950c74549ab527c697326dcdbfe3e96003c5bbd8ffd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Apache
Connection
close
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 76DA 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=27661200205041100710626011717028&a=b203a4a5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
6df22ac86cca37c236c0ca97ef264eb918e97e49dd4bba4cd2efdfc912a0dffa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:00 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
47786
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 76DA 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/58973/creativesup/1200x627.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=27661200205041100710626011717028&a=b203a4a5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
95e3f66a4c8b17c516fc6fc0133fc7eec5e5dd7608fa0063c5de930397757498

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:00 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
60840
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 76DA 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=27661200205041100710626011717028&a=b203a4a5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
a4d06029303a200417b3734eca1ddb97d9a5bab896df726ce5b5ba72e5666f9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:00 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
57914
Vary
Accept-Encoding
Content-Type
image/png
log_event
www.youtube.com/youtubei/v1/ Frame 1554 		28 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1cc7c82c/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad08s04-in-f14.1e100.net
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/0PZo8fXR68E?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
X-YouTube-Client-Version
1.20210908.1.0
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtTR254MVRqSXRGRSjMi4SKBg%3D%3D
X-YouTube-Ad-Signals
dt=1631651276803&flash=0&frm=2&u_tz&u_his=3&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKqT6J2Xj_s8d4I2yA0pi8u2JKB6CDWSicT6BhMMq2PKyDObFC3C8ZFNx7Z1gnXe_PTTYT5ko-Zt_OXMnYgoAtk6ibxwDg

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 14 Sep 2021 20:27:59 GMT
gtm.js
www.googletagmanager.com/ Frame D850 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fa0c5753d76887c87c8256960ac276239960ab047b3f96d33d729c4ffa5d5c48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36219
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Sep 2021 20:27:59 GMT
pixel
cm.g.doubleclick.net/ Frame B087
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPBBcdhI3ali5gbNYJy3MCs&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPBBcdhI3ali5gbNYJy3MCs&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDd2ZGNGcm8xTXFmMjc1&google_gid=CAESEPBBcdhI3ali5gbNYJy3MCs&google_cver=1&google_push=AYg5qPKNeWVo67ZyPxogyAZWzaeqXp__36TT1vVj9TstFWk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDd2ZGNGcm8xTXFmMjc1&google_gid=CAESEPBBcdhI3ali5gbNYJy3MCs&google_cver=1&google_push=AYg5qPKNeWVo67ZyPxogyAZWzaeqXp__36TT1vVj9TstFWk2ZYiCjes-fvl8rLYPSfXKqGbAsIAoVVhtSrSdAymlCzCYmECVBktfhKBDUrE-U61-RyHIF-6c-GGp-bfaRTiDCsL7W65YDQyz
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:59 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-036989daef33ebbfa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDd2ZGNGcm8xTXFmMjc1&google_gid=CAESEPBBcdhI3ali5gbNYJy3MCs&google_cver=1&google_push=AYg5qPKNeWVo67ZyPxogyAZWzaeqXp__36TT1vVj9TstFWk2ZYiCjes-fvl8rLYPSfXKqGbAsIAoVVhtSrSdAymlCzCYmECVBktfhKBDUrE-U61-RyHIF-6c-GGp-bfaRTiDCsL7W65YDQyz
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B087
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEMLcsrkSftX7KCbaL9g5UAA&google_cver=1&google_push=AYg5qPIulsJUt9bU_X3G4PtyfMO5dMaj5I1ezjTmnrhLmG94IVNiSs_2uvin_D6pJHpUH_hWVoAbTgh...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEMLcsrkSftX7KCbaL9g5UAA&google_cver=1&google_push=AYg5qPIulsJUt9bU_X3G4PtyfMO5dMaj5I1ezjTmnrhLmG94IVNiSs_2uvin_D6pJHpUH...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=ow5v_1q2S9qtXDr6rJIhWmFBBc8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=ow5v_1q2S9qtXDr6rJIhWmFBBc8
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=ow5v_1q2S9qtXDr6rJIhWmFBBc8
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B087 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELzHYAq-8RLz1Km6TwF6Jtk&google_cver=1&google_push=AYg5qPJTV7xEvcDfd4moTgvNEiLc_rPP4DAZgcix68Tfdc_NjedWh6FcLr8yFqdEaUN-AMxEN-AozEwgPAZLHafGYiUHSuUX-23uBzooH911A6jEHj0JORxJHV3OiO1C5xBxoRD6H8lIcmPr
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame B087
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEJW2OwxBJ2qxT1GkmL9B4Qc&google_cver=1&google_push=AYg5qPLZL3Gdebwcz1M3GACufyQGhsuloLhMFZI5kYQipwIHEDe7fPax9sB2hGAuykmMwVVMU7shGn1--v...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEJW2OwxBJ2qxT1GkmL9B4Qc&google_cver=1&google_push=AYg5qPLZL3Gdebwcz1M3GACufyQGhsuloLhMFZI5kYQipwIHEDe7fPax9sB2hGAuykmMwVVMU7shGn1--v...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLZL3Gdebwcz1M3GACufyQGhsuloLhMFZI5kYQipwIHEDe7fPax9sB2hGAuykmMwVVMU7shGn1--v-t0EaIed7wRVGq0dQqFV-WUerM-EtRwJBoNnpxQNz-L-OkZo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLZL3Gdebwcz1M3GACufyQGhsuloLhMFZI5kYQipwIHEDe7fPax9sB2hGAuykmMwVVMU7shGn1--v-t0EaIed7wRVGq0dQqFV-WUerM-EtRwJBoNnpxQNz-L-OkZooqLOIdaMDVJSsr&google_hm=MDMwMzAwMDFfNjE0MTA1Y2ZlNWNhMg%3D%3D
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 14 Sep 2021 20:28:00 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLZL3Gdebwcz1M3GACufyQGhsuloLhMFZI5kYQipwIHEDe7fPax9sB2hGAuykmMwVVMU7shGn1--v-t0EaIed7wRVGq0dQqFV-WUerM-EtRwJBoNnpxQNz-L-OkZooqLOIdaMDVJSsr&google_hm=MDMwMzAwMDFfNjE0MTA1Y2ZlNWNhMg%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame B087
Redirect Chain
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEPd3eG3w7ynRjSwtW_ZpCDs&google_cver=1&google_push=AYg5qPL6-wJ8h7uGPDiWi80tahNM_kbhbi7Md-OWNCSNuwc_l_3RFFV1bzf9xtKvSkwqVVnJCqU7fv2W7sDP3wJtrqqEbbUi8aagN...
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEPd3eG3w7ynRjSwtW_ZpCDs&google_cver=1&google_push=AYg5qPL6-wJ8h7uGPDiWi80tahNM_kbhbi7Md-OWNCSNuwc_l_3RFFV1bzf9xtKvSkwqVVnJCqU7fv2W7sDP3wJtrqqEbbUi8aagN...
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPL6-wJ8h7uGPDiWi80tahNM_kbhbi7Md-OWNCSNuwc_l_3RFFV1bzf9xtKvSkwqVVnJCqU7fv2W7sDP3wJtrqqEbbUi8aagNmXTTKVUODJAucjJxO5FoCGNfVzQYISv4-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPL6-wJ8h7uGPDiWi80tahNM_kbhbi7Md-OWNCSNuwc_l_3RFFV1bzf9xtKvSkwqVVnJCqU7fv2W7sDP3wJtrqqEbbUi8aagNmXTTKVUODJAucjJxO5FoCGNfVzQYISv4-EbkQNI3CZJ&google_hm=zZDD86PMKSgAAikABlF75f60lw%3D%3D
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f19-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPL6-wJ8h7uGPDiWi80tahNM_kbhbi7Md-OWNCSNuwc_l_3RFFV1bzf9xtKvSkwqVVnJCqU7fv2W7sDP3wJtrqqEbbUi8aagNmXTTKVUODJAucjJxO5FoCGNfVzQYISv4-EbkQNI3CZJ&google_hm=zZDD86PMKSgAAikABlF75f60lw%3D%3D
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B087
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEF7Vcsxt3XD0-ZUGO79Aj3Q&google_cver=1&google_push=AYg5qPKo-TDKp-n8UeZsChudCLMjrBzy-a5phVP2suVsfoNvANLHC84Ib4tVetnwKmOtkL00LDokLM...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKo-TDKp-n8UeZsChudCLMjrBzy-a5phVP2suVsfoNvANLHC84Ib4tVetnwKmOtkL00LDokLMCtmYwoyNt82bfYOAQ8zfD76JDpMhypZDKDr5F7fsJO_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKo-TDKp-n8UeZsChudCLMjrBzy-a5phVP2suVsfoNvANLHC84Ib4tVetnwKmOtkL00LDokLMCtmYwoyNt82bfYOAQ8zfD76JDpMhypZDKDr5F7fsJO_gVq18DKW4HycakQIgRXi_A&google_hm=NTc0NTU4MTM1NjI2OTg5MDc%3D
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKo-TDKp-n8UeZsChudCLMjrBzy-a5phVP2suVsfoNvANLHC84Ib4tVetnwKmOtkL00LDokLMCtmYwoyNt82bfYOAQ8zfD76JDpMhypZDKDr5F7fsJO_gVq18DKW4HycakQIgRXi_A&google_hm=NTc0NTU4MTM1NjI2OTg5MDc%3D
date
Tue, 14 Sep 2021 20:27:59 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame B087
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHppZVet6YsiL94M9Zi2dHI&google_cver=1&google_push=AYg5qPLGryGiElZhSQgCLR7FXrFjSC9c8ewVlpF35WPxYLL6zCVH8tnh_vN_XWCMsXmtW05Be7...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHppZVet6YsiL94M9Zi2dHI&google_cver=1&google_push=AYg5qPLGryGiElZhSQgCLR7FXrFjSC9c8ewVlpF35WPxYLL6zCVH8tnh_vN_XWCMsXmtW05Be7...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ISFpyX2VaRTJ1RjRNd1hUSjhIaDBsN1VCSkVwQjdjNX5B&google_push=AYg5qPLGryGiElZhSQgCLR7FXrFjSC9c8ewVlpF35WPxYLL6zCVH8tnh_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ISFpyX2VaRTJ1RjRNd1hUSjhIaDBsN1VCSkVwQjdjNX5B&google_push=AYg5qPLGryGiElZhSQgCLR7FXrFjSC9c8ewVlpF35WPxYLL6zCVH8tnh_vN_XWCMsXmtW05Be7tnBmvqVXy87GlWOwGNHEa8ITGqMtqDAwmGCxweIczagW49hX6MDckV8iwA6MO6hUTyr0fTPQ
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Sep 2021 20:28:00 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ISFpyX2VaRTJ1RjRNd1hUSjhIaDBsN1VCSkVwQjdjNX5B&google_push=AYg5qPLGryGiElZhSQgCLR7FXrFjSC9c8ewVlpF35WPxYLL6zCVH8tnh_vN_XWCMsXmtW05Be7tnBmvqVXy87GlWOwGNHEa8ITGqMtqDAwmGCxweIczagW49hX6MDckV8iwA6MO6hUTyr0fTPQ
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame B087 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQFdyt_FmbLdJeU2fH_EWDJYP49QkDZR8Iz-jlNLagv1tK2T0KFITPAF42yH431gOdIrddeQ
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pvClk.min.js
analytics.webgains.io/ Frame 4AA0 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=27661200205041100710626011717028&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-31.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 09:10:20 GMT
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified
Mon, 13 Sep 2021 10:14:21 GMT
server
AmazonS3
age
40660
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
x-amz-version-id
ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
content-length
51794
x-amz-cf-id
wZV4jT1zszZJWho5vllTHYDydGGjyvFJ-2R_-tHie6EST9MlJYt2VQ==
link.html
track.webgains.com/ Frame 4AA0 		85 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=42415800216238100951421011717003&wglinkid=498343
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:27:59 GMT
Last-Modified
Tue, 14 Sep 2021 20:27:59 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
85
Expires
Mon, 26 Jul 1997 05:00:00 GMT
dc_pre=CLOKo9em__ICFRKChQodO4kOlQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2965550115752.9683
adservice.google.com/ddm/fls/z/ Frame 2919 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLOKo9em__ICFRKChQodO4kOlQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2965550115752.9683
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOKo9em__ICFRKChQodO4kOlQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2965550115752.9683?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:27:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900028.redintelligence.net/ Frame 76DA 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/viewability?s=27661200205041100710626011717028&a=9dbd6033&vb=m
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=27661200205041100710626011717028&a=b203a4a5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/request_content.php?s=27661200205041100710626011717028&a=b203a4a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:27:59 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 76DA 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f3.1e100.net
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900028.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 17:33:13 GMT
x-content-type-options
nosniff
age
183286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 17:33:13 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 76DA 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f3.1e100.net
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900028.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 17:23:42 GMT
x-content-type-options
nosniff
age
183857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 17:23:42 GMT
style.css
s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/css/ Frame C98B 		2 KB
485 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
3ffeb8efe5bedf54e2cf5efd606a0e5395fcc419100040a9c8dcb344be9b5ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9758366/1630426172006/22-IWE-Edition30-Billboard-970x250-SUV_V1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 11:46:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31318
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
461
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 16:09:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 15 Sep 2021 11:46:02 GMT
pajs.min.js
plugins.soclminer.com.br/v3/assets/js/ Frame 006E 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/assets/js/pajs.min.js
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=361f494e-7721-4858-a5fd-5899b46464a6&sessionHash=39f8e3df79d583613482c278d946ce776bdec022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be97ade1a009ba58f04b22da4007db70e29ad3ecc437bede28f13a2481bc5536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=361f494e-7721-4858-a5fd-5899b46464a6&sessionHash=39f8e3df79d583613482c278d946ce776bdec022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17333
x-amz-request-id
ZJBR3BRRQ2HHP5S7
x-amz-id-2
w2nUgaf7g4ePr6wIej9+J9W9CALblSYr6ye4ZwYn0AVGZ2mJFgB9yFDphBvsn8ea2OJ3Sza2os8=
last-modified
Fri, 28 Oct 2016 14:27:47 GMT
server
cloudflare
etag
W/"7002afde1f637ef2c8b0b1387791814e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GU14vXrFX2uyFDD1TWwYFCWjKYm%2F1RhJrPabec4FjkqAEWz7cZtZDSq4jE4I%2BNSRg%2FaygHNCmCsjyyjrYAqulaXcHulZ4WCYvoftCgO2NUARxWXbeLAeSG5r4Xw1xG0vp3RmsdMnGlorQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
cf-ray
68ec5bf4b8ff4132-PRG
all.min.js
plugins.soclminer.com.br/v3/sdk/ Frame 006E 		129 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=361f494e-7721-4858-a5fd-5899b46464a6&sessionHash=39f8e3df79d583613482c278d946ce776bdec022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1c7f8e22a158eaf4528dc6837ddf54344b27aac55c98ba4d843b7a6cba6970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=361f494e-7721-4858-a5fd-5899b46464a6&sessionHash=39f8e3df79d583613482c278d946ce776bdec022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42397
x-amz-request-id
SQ82RKKDW3PA3XZ0
x-amz-id-2
OKTFc8itn+rdjrsp4S+6U8Gwu+yUTOZvMiiFfFZZ2fvmiVqixsM4lbJ9kSae0KRqwtKbrAk/g/I=
last-modified
Tue, 27 Apr 2021 23:29:34 GMT
server
cloudflare
etag
W/"5add67ef8194e067ee0fd36a665defc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NclHNSMJUhyTDKNMpbAiBvyQKoB%2BIGHSdnaR5cpF6tQ0wzUfIB%2FPByJOphliYPlzijps69fvjnh7mORuj07d79PajeAjOBmHbrbEMu1qHKCs9DevKPgnPv3hXeuurB82BcDSJHmtrZJv8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
68ec5bf4b9034132-PRG
style.css
s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/css/ Frame 696F 		2 KB
500 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
8f068605568d16591c072a4f6a63b33e51010353d019f383c8dc04aa33177234
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9758366/1630426174548/22-IWE-Edition30-Billboard-970x250-SUV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 13:48:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 16:09:34 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 15 Sep 2021 13:48:09 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=-0.984375&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=1712&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14165&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A99%3A-&pe=1%3A932%3A932%3A0%3A1559&as=0&ag=628&an=0&gf=117&gg=0&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=628&bx=0&dj=1&aa=0&ad=628&cn=0&gk=117&gl=0&cq=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1457&cd=730&ah=1457&am=730&dq=758&dr=31&ds=758&dt=31&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=0&vt=13&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ef=0&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=1964935671&cs=0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:00 GMT
genericpost
www5.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Protocol
HTTP/1.1
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://www.correiodopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.correiodopovo.com.br
genericpost
www5.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Protocol
HTTP/1.1
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://www.correiodopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.correiodopovo.com.br
genericpost
www5.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Protocol
HTTP/1.1
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://www.correiodopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.correiodopovo.com.br
genericpost
www5.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Protocol
HTTP/1.1
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://www.correiodopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.correiodopovo.com.br
genericpost
www5.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Protocol
HTTP/1.1
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://www.correiodopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.correiodopovo.com.br
genericpost
www5.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Protocol
HTTP/1.1
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://www.correiodopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:27:59 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.correiodopovo.com.br
genericpost
www5.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Protocol
HTTP/1.1
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://www.correiodopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.correiodopovo.com.br
genericpost
www5.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Protocol
HTTP/1.1
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://www.correiodopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.correiodopovo.com.br
genericpost
www5.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Protocol
HTTP/1.1
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://www.correiodopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.correiodopovo.com.br
genericpost
www5.smartadserver.com/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
2a043842389a3a58d2ff6e75a56e989625b4c74ce330fc08a88277cff619660e

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b60
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.correiodopovo.com.br
x-smrt-i
10373740
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
genericpost
www5.smartadserver.com/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
4080731ec7838e8127a0f8fbe1a5d738aee67820fb499fb0b5e7f6884a929f5c

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b61
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.correiodopovo.com.br
x-smrt-i
9122889
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
genericpost
www5.smartadserver.com/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
753064c5ad9e8da31e110c900023219ac140d9503b1a4b3120e45f9669308fc6

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b61
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.correiodopovo.com.br
x-smrt-i
10373776
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
genericpost
www5.smartadserver.com/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
b0d9052f9f9bfa524150b8d87f5348df02d36ebf6e134fab4135b6aa9b81b3d5

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b108
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.correiodopovo.com.br
x-smrt-i
9122909
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
genericpost
www5.smartadserver.com/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
550c49012ddbc399c77d2945bd5b77fbd5905c0bfc13384ca26c56cd4d1e627b

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b87
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.correiodopovo.com.br
x-smrt-i
10387887
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
genericpost
www5.smartadserver.com/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
83217e74278f741087a25b9370e9533c3dc24c1a2f05751d6075f48aac7fa126

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b85
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.correiodopovo.com.br
x-smrt-i
10397654
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
genericpost
www5.smartadserver.com/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
d64070bf3c14449594aa39dbb2b6899738644af1508a3bb15420eee31d9b7758

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b84
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.correiodopovo.com.br
x-smrt-i
10374083
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
genericpost
www5.smartadserver.com/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
6be54bfc193daa43af1c0b97e715e87faa33a1fdd44ad006965ec880b4f59d47

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b95
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.correiodopovo.com.br
x-smrt-i
10393559
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
genericpost
www5.smartadserver.com/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
0fc46a4f3a441cac41dec8d14823610ca9d95fa6306e908cb8b2048099b22866

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b77
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.correiodopovo.com.br
x-smrt-i
9122927
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
genericpost
www5.smartadserver.com/ 		22 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
a3c33c7b5803c16252a349b24b1e736c922b0cbe23196c0016428847d7901b25

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b68
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
genericpost
www5.smartadserver.com/ 		22 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e5b77e18f570c03a69866a02eb1e7281e5ef072043fe6afd68abba126920919a

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b75
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
genericpost
www5.smartadserver.com/ 		22 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
de4725cc1de7a73311f5c3cae1a2bd989f59f404fc53f8b216b8c5efe1b93bea

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b84
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
genericpost
www5.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Protocol
HTTP/1.1
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://www.correiodopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.correiodopovo.com.br
genericpost
www5.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Protocol
HTTP/1.1
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://www.correiodopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.correiodopovo.com.br
genericpost
www5.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/genericpost
Protocol
HTTP/1.1
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://www.correiodopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.correiodopovo.com.br
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48E7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0veXzgVBYeTPHMijlgSgjprYCQAAAAA4AeAEAg&bg=!p6SlpODNAAYT0U73E9E7ACkAdvg8Wj89Vd971TgyC50ubKrfaxkQt9KkmJ-clOWyt6eE1Rj5lyXRGwIAAAPBUgAAAFBoAQcKACbhcVpPQxXku8RA4V7uSERoQHU0ZInEkIE0OI-sJqY4q-_MHObZaJkC3Xh5z7mUPuP0thdGBpo6Wfy1b0r6skJf-tszCvN-dQMZvFwLckidOiZigvnwTb4JLUyjIsJIMKD5WjdEuggPNzwnZgPzSwmGbFIcZs0Px9CFAh271xlvYrhcUXa_xNLzKyStdcAVtHzuD1wDy-PJMcAqYBC6yakKY2mrP_kKCFImmRlHy8K-Z_HcKRoykV06QYJqKOZXDe2YcL4KHzecXPF4DH-GRFJSrIo-vO88IjIzlAlSgcwD7GgwLKV44NyF9fgLLd455mWeF-g8ps_VGK0tu7KUz5ipO9ghKkYkl1PJPimPL-blnQKdPiu_ycy1UH_sE09UXRL6-7MuJtRRIg2bvbOgDSLmtEU4ouCtk5cH52MjdX3LP-ZFMb-cK4xQLC0JTqRM2vLWRBJ9-yLLpVtYPnrfX55p5fUgxgVrLhiV0OWPpNr2lhvgZxO2V7pRjUkjc6Lzdl4UPum4tRuVnNUT4GGFIa-FFw5LWnHw0KRIpeWFWIsX04u7jzJ6A5SVbBOxAX-A2s2yVsf4SwbqYMbCmISWH9F8sq4OIxnIam83HK7sVRbNGL7SW2jtrxg4Z98ErBqy9wUnpc3K2sk4iQyrkkMI9LXTRCIJK_l1dkCq7UFOKvBHYED1CQrlXxPZdTZPMWK3pfMuHPIcjH6mpJR8wPbXh5BsZh9T_UEDxYTuuynuD-O0dnBLtx37CSqCEC34Lbxqvr68ziXGCIHGEqJRSC064NHjNY-T92wG1eiM1gCUmDRPYIZx566O7BXFJ11xPQQMOYJvqC3EApuXI93vqtFHWcdr7zjImMxU4ys2Cphkh9eDhWQ4MJCOtPQvYIiHa_JIHQe9KnojfYEzCeqnf3vozFRiqUrPxD9ua5P4dpEcN1RjcgQa0cxsoEgItP8dJxs2HgHEqCpAHUhBfHNBMPPGR1irLgdUUTcBy6lA4HVwZfaqIbTfcJHFRJ_L3Ez0fWIFPZrSCy3wapg
Requested by
Host: 95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
URL: https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1281 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7JF1zQVBYfCCKvK6-waCurmwAwAAAAA4AeAEAg&bg=!FxSlFFDNAAYT0U73E9E7ACkAdvg8WgF_4Yx46ertnnd6z05F2UhPRUWA8lvUHQf_Ki1jJl1pJxR4EwIAAARYUgAAAFNoAQcKALiUnlLErLoQCgqKb_2QEj_mD6FIciQs2ECkvdo6XyAN3fRQ6vspf2q_BAb1YSeB3gcx47JzI9lXmEGjzo9qY3b9J9i5J-kNjbp584C3kdzoZMg6rMU6sgxIqwFbzKHSJ5z8paEwR_Wg0DQioVTjPCH7vBGIgX46r-gHrNmojqTTS7u2fKGd6rMhFvzybQU8i53vA1cibgNwMnKjBoTwbRvl3s_uBWKr2hzvpzdbll13Nj73dVJa60M-mQLcJ-UkM0QeUlo6mg3s5meLmg6twLZTd_w91jQh1Gg1rX9x7IlFdf2idbMtSaJHp2Qt8BTZzAmP1QfYsN982Vd6bOJ_ubQyagQIbvu9Wy_P19RbV-zMXQj8vwmwQqWVR2NKiJ6z7sVaKn32CeRnVT_Lg_KWUuarOpBO2Ge_UKSlSHuKugVhfwhybrRnEJGc1OUhiJlBGUz0Jz5up-fYtlL9AFdhF08w4YAcuvwPmR3xSX4xVKGM0h3M-1eIqjNE-KqjOXR-KOnuveWOyCOF8l0088WyiQ0Zfg2kj8KmmvsIPqRa89BA59Ait1QHou3e0wu1AfBbo2x_5YhO2ShHyNuy-87GIgfox548smp86zPbXbsmXjlnyVvdbRtncvXUNow4PTvGTlz6uKqkj2o0WQPvtD3ycSXV5oTTo7D7eSHpPP0p_ud1y4MQrwZcs0cXicSNdSnYrwKy0U2WCxg9Jw6-h_Y3KxzAogI9w-RKC93EGekcSNKiQnJYwqZMScJ2iAJBaXSb-eXM5txiepfBjdTELNQZnW2v8d0yB8AcXLJrSVCSnnJ8gZP35bWpHmGxCPfB5po2U0WU4zFWShpUZdJlGKXM9GZGUzUninQrez0h3DRCh0U1Bj7mxOH5NlCy_QQe4U3vvrKaVylXhJLFJ0B00_baXsElq9wukupBMwryzbk34_vSWOzpLdjQ9gObMDPeSQDDGla9Dq47Uio-PJ9h4zO02_M8stxfFywh7bL5b3tGOdlmqa32umePFAEgmFQauvuVCVNgik3Mo2YoCug70TyYyfdia7foS__6U_37ocJObJA3oNVwb6jW31dyeRrIyKTsBO_6GLSLWkmoXnOqi0UupmOOk0OlYwi0yTtASO1YIkzJrvojeiRixi1_Jc658Vfsg8ZS8sR3ygJOrc69ek6fIuMUfNCCTEXAXrNVQGvPoWqAwZYYrftZ0BZr4C30QuV4U2nFk-hNf9ez
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB43 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNmzozgVBYdOpHK2FzAao96RIAAAAADgB4AQC&bg=!1Nel15PNAAYT0U73E9E7ACkAdvg8WjltBv6zduwWzZ9QdlTXip-986wSJG1Mur57ZOQI48HDg7AuhAIAAAN1UgAAABpoAQeZAttg0Td7jORLZP0jHOLoyDPnBy2QtActphfO1As_LHg-x56jAN4pfT94IRtlZzvIw8WfqSOzO-1QNA6gngvaHrWVfXFvvbz1tKjMgtQ-DlPwwGXGtMh3hDLg38SR5K2xB5AcHm2WGTxuCJnIkzeBhNp9PllGZVZ9op1Qn1t5dWmf_aKEG7JRH3HzLyxzCu2rgd9GjuIHg8Q-TiIMjNPKOyMnscYyliRNvkjVsWWzX-MZImOH4eQGHQUvPUu_NJYvWi4zieNbKqH7SqiiOKmjl1b9K_IOgNvMpS4Egwa1HAYcvj6JYd-QRLKbRr10vSn9AFcfwLKjphb-dUb0b873wGtcgeDLsdi_5XHkXuYqoMiLskQjQ377_YZzype2f5c3nSRx1g7j8C9arh4mJc7n4w2YEG-5EnJUWmBVRvc3rOPbNz5j4Hf3KedrSgKKgjJQtJ0sKk95TbwG0w7BsOWi_EPqyXob_OlOoPLkIKOH5a0HzACkJqdam_k2dsoRc1G-39rXr4clq0G73-yAkbjs_aUJWFh0ZOKHGgYtKKTq4FnGFotu28VboBcFaiFUKHE3TSJDSxzIpwpJR_nlz_3zfaS4LxtBb9vTX8k54gQDTX1YqtaDKKLRuepvnkzMbHgOnxVa-glBbW50p0kWBLGgom15kTsOXWam-T-Aze0zZ9eBRzxDhL20uFqpSlNEumL1JzFmeu1fEBGyVMgT6l0oj5P_bwZle5g_fHqQ25ze2e7WFZ7QeRbEsXGNK5KfL2SJaQPCOmhtWfGJpcnskRT-dkNdUJJRKxx_SsORxeD7asB4_DGV4wnaFtLboSPtCIsM2KWxOEzhuUuhXTQlI72uhBi-OXrhbBZHY8gFhA61l3iaDay42N43caWDAbuZRUvS13MFagyJpibDTTRjQr30khpu93ymwRLA6XzgSKwzFYNDFdiXCkZ5X0p0bXZrX3I4MUm8Fq4CA3R5P5gihg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
data
b16.s79.research.de.com/ Frame C8A0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b16.s79.research.de.com/data?/1gadEeYAATkzFARksFAQtjF+yJNSA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.32.75 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h389.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:28:00 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:27:59 GMT
data
b153.s79.research.de.com/ Frame 5FBF 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b153.s79.research.de.com/data?/OcWLEvXAATkzFARksFAQtjF9yJNSA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.64.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h368.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:28:00 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:27:59 GMT
index.min.html
plugins.soclminer.com.br/v3/assets/html/onsite-sales/ Frame CA28 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f92ccac55b55ca8401a4cd46382da0b5b9ebd8b22c963ee032bde97cb76f28ad

Request headers

:method
GET
:authority
plugins.soclminer.com.br
:scheme
https
:path
/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
content-type
text/html
x-amz-id-2
cogTuht+Rgw6Jje7Jt0IQwJJATlBBcYMw3JQoOt5GQ/Sbk7xfwgytH4/vYtrprPFGD+WOe0mWTg=
x-amz-request-id
3XZPPATCQV9G7GPZ
last-modified
Fri, 22 Jan 2021 00:28:41 GMT
cache-control
max-age=86400
cf-cache-status
HIT
age
4362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4FgftFQHRzoHiKGpWdjvdz3dcWWjr84U8%2BQq9x3mdZ4%2BSJL1onjNLARpBvAseEW5bnRmDuS08k8NowpA0chC58nmgz6AQSihUdwUZAc4b2yGyYnhGV7CMpW6jK7%2BbxkvfFO1WaLST46SA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68ec5bf858314132-PRG
content-encoding
br
index.min.html
correiodopovo.soclminer.com.br/00000000000000000000000000000000/ Frame 8B51 		1 KB
986 B 		Document
General
Check archive.org
Download Go to
Full URL
https://correiodopovo.soclminer.com.br/00000000000000000000000000000000/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=00000000000000000000000000000000&version=0&dns=correiodopovo&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&hasOptIn=false&isMobile=false&gaEnabled=true&googleApp=2
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4217f2c8e10b25a869b1a649dd5b15ca1fe010e85a912f6095a130a4606ea55

Request headers

:method
GET
:authority
correiodopovo.soclminer.com.br
:scheme
https
:path
/00000000000000000000000000000000/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=00000000000000000000000000000000&version=0&dns=correiodopovo&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&hasOptIn=false&isMobile=false&gaEnabled=true&googleApp=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

date
Tue, 14 Sep 2021 20:28:00 GMT
content-type
text/html
x-amz-id-2
AMO1qQ04SuwDshsSpll7oUAOnHoirQzdmxHY2TiOctkBD+63Qs1VUCPPXqpRlFjYyQTT/8/i330=
x-amz-request-id
3XZXTZB8ZZ3DGF5W
last-modified
Wed, 07 Oct 2020 13:58:58 GMT
cache-control
max-age=86400
cf-cache-status
HIT
age
4362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vos3K4CskFZbSUPNzcKhvmNbdeHyTl%2B8%2FShvQWKMPnqFU3dY8Rw7i9JpuIQbQeO0TvuD%2Fye%2F%2FtOuTglLwQRfcEidMFA1tMlCjexQN4aU05XXgoApOTeF26DKR6HAFIO8VgXlAhCrxHWDfJmQMHJdgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68ec5bf888b64132-PRG
content-encoding
br
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=2150&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14165&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A0%3A1559&as=1&ag=1069&an=628&gf=558&gg=117&ez=1&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&cc=1&bw=1069&bx=628&jz=1917&dj=1&dx=1&aa=1&ad=1069&cn=628&gk=558&gl=117&cp=1917&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1917&cd=1457&ah=1917&am=1457&dq=1218&dr=758&ds=1218&dt=758&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=13&vt=23&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ef=0&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=1298082035&cs=0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:00 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=2738&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14165&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A0%3A1559&as=1&ag=1658&an=1069&gi=1&gf=1147&gg=558&ez=1&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&cc=1&bw=1658&bx=1069&jz=1917&dj=1&dx=1&aa=1&ad=1658&cn=1069&gn=1&gk=1147&gl=558&cp=1917&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2131&cd=1917&ah=2131&am=1917&dq=1432&dr=1218&ds=1432&dt=1218&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=23&vt=36&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ef=0&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=699422218&cs=0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:01 GMT
OpportunityServlet
opps.taboola.com/ 		1 B
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=30
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651281.454881,VS0,VE9
x-served-by
cache-hhn11566-HHN
x-cache
MISS
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
usync.html
eus.rubiconproject.com/ Frame 07A6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.correiodopovo.com.br/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Sep 2021 20:28:01 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Date
Tue, 14 Sep 2021 20:28:01 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
96bf34be96152a1e9b30121f463904332e2ee264399170c25749b5ba8a562443

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Sep 2021 13:05:57 GMT
Server
AkamaiNetStorage
ETag
"88d30f421fe92800cd38b52870556b28:1631106480.782098"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10406
tracking-event
api.webgains.io/ Frame 4AA0 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.21
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.21
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=3205&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14165&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A0%3A1559&as=1&ag=2126&an=1658&gi=1&gf=1615&gg=1147&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=2126&bx=1658&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=2126&cn=1658&gn=1&gk=1615&gl=1147&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2974&cd=2131&ah=2974&am=2131&dq=2275&dr=1432&ds=2275&dt=1432&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=36&vt=46&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ef=0&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=846805744&cs=0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:01 GMT
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
onsite.min.css
plugins.soclminer.com.br/v3/assets/css/ Frame CA28 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/assets/css/onsite.min.css
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b11ca4376d9783b6b5f65165de0e1c10990e72f13453838c89d3cb08fbdd582

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17335
x-amz-request-id
H00DKSMHXTKHPK2V
x-amz-id-2
qtMOhoUhJ+s41Rk+3lfNJz/hEfMVlg62cTJmk/9oYV7og9/mS+fMkpW/+JoBvDE2I9pkD4jnlig=
last-modified
Thu, 28 Jan 2021 19:32:57 GMT
server
cloudflare
etag
W/"7ed90ef5a4ea0bb575528aa6cb28398f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIyhc%2FYvRJQoLzmV%2BtK1e%2BYm%2B%2F6CgqR1y2r%2B1ki5%2FSzpltgAV4hxMBKSUem7OyoEMcuDMGpwBb6ffE9qVE6V%2BwIs3kUAoGFvOIRyHqa0krRE5XxwOYNl78ZYo6kHHzwuyaz91IpShqnjhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
68ec5bff1daf4132-PRG
jquery-1.11.0.min.js
plugins.soclminer.com.br/v3/assets/js/ Frame CA28 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/assets/js/jquery-1.11.0.min.js
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8345
x-amz-request-id
Z3M13Z1HQ8SZRVM1
x-amz-id-2
Rndq3Up183p9JgLiL+ulRsK1AQ8q9RzbhqoWkFMb2hoFGA+eOKwvMX8gu8RZFUh79HMFpQH3P4s=
last-modified
Wed, 06 May 2015 20:12:11 GMT
server
cloudflare
etag
W/"b4dcbfea9590cb192bc91d4b851e3c39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIqhbFxHH%2FRxUK9TMHTMzcZFHO9HZJNTTaePMLSl%2B%2Bd7D6gO%2FEPv%2FYzmIV5rNws1LdPKDj1e0oWIgnVedrkG1epWBi50%2FfjEg6e%2BuIfx1b9MuDoXEViBeHu4Gjb7LTzXUDW3E7qzidTpsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
cf-ray
68ec5bff1db24132-PRG
pajs_internal.min.js
plugins.soclminer.com.br/v3/assets/js/ Frame CA28 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/assets/js/pajs_internal.min.js
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
015fa1b4b173ef6c801b1bed8b0bfb6b4bd36796941ac03088dacc2373a6b665

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8156
x-amz-request-id
ZJBHJ09MR11W0MEY
x-amz-id-2
qSlV2hY0VnfYD2/PYSyktmKta3QAQA61WJvav5K1eMhIT0QhRVCvgw4vyuSa2VF6qgq/iK4jwJw=
last-modified
Fri, 28 Oct 2016 14:28:11 GMT
server
cloudflare
etag
W/"45288dfe2efc121f84edaeb1ac023b0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VruxVZlPBd4KyPfyOH5xpfFpGgRIOcp4iP1wFsxd36gPmEiJ3u1%2Foao5Q80p17Cfy%2FwobwFXtUATqsMroGWfQlfkn8FzCAZDUw03YdCy4HtLYPz1n%2F%2FhfMd%2BHFRwdOEW9qOV9Fngb6Law%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
cf-ray
68ec5bff1db94132-PRG
social.min.js
plugins.soclminer.com.br/v3/assets/js/onsite-sales/ Frame CA28 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/assets/js/onsite-sales/social.min.js
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af83fbcc69c7e9771e38c460c76733042523c71a51206b18c18c1f1f52223dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17328
x-amz-request-id
VXZW354VWGBTGQN1
x-amz-id-2
+AXgow8ruyDzzNcnX+Lhcx6TCO4YmdgInWNRqa2ghGQD6DOPqcvxFZB+bVkbCT25vBXyzqgv3GY=
last-modified
Wed, 11 Sep 2019 18:09:34 GMT
server
cloudflare
etag
W/"bb9ff27fa9a9985e9bf8e36722148789"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHSZnAoGIdbNoh85vNJ2Poi5p7UkaWbzzNfGs%2BUIIoDLP2uCjypcrstkANmEX5BYyJtWQ%2BfXauFUGWrYA7vbyByCXf1%2F2NsvoYamVzfqtUtJh0rHeM95ECy5oIePXIjGWJ9MVKuAs2fgHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
68ec5bff1dbc4132-PRG
onsiteBundle.min.js
plugins.soclminer.com.br/v3/sdk/ Frame CA28 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/sdk/onsiteBundle.min.js
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b810e3820c619a1a1a04655f62dd95362d5279be745bc908eff63005692c1294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8113
x-amz-request-id
4QGGFCGP2PQZY2WS
x-amz-id-2
EEpdbnvt6NS/z4w7PJWPOeOZbMZE1ZnHuSaHVqzM6Jy5oMiAMHBB6XlWzcx5RWkdE4uP23l+UzM=
last-modified
Fri, 22 Nov 2019 20:06:10 GMT
server
cloudflare
etag
W/"1e99fe649c2d48df94b109a2e4c79e24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQpwUmQjkh24206ahf0orVXNhfS81kowhLBpaX6hNFrv0hE9gJhkv7CWjf2eS7lyyP%2BIdRPaBh3smb9DkjZez%2B0sFTp3CH85KWghXQVYRyYB44BjvDAF3DM9oCY52KmiMhOp2udaBNpudw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
68ec5bff1dbd4132-PRG
all.min.js
plugins.soclminer.com.br/v3/sdk/ Frame 8B51 		129 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by
Host: correiodopovo.soclminer.com.br
URL: https://correiodopovo.soclminer.com.br/00000000000000000000000000000000/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=00000000000000000000000000000000&version=0&dns=correiodopovo&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&hasOptIn=false&isMobile=false&gaEnabled=true&googleApp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1c7f8e22a158eaf4528dc6837ddf54344b27aac55c98ba4d843b7a6cba6970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://correiodopovo.soclminer.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42398
x-amz-request-id
SQ82RKKDW3PA3XZ0
x-amz-id-2
OKTFc8itn+rdjrsp4S+6U8Gwu+yUTOZvMiiFfFZZ2fvmiVqixsM4lbJ9kSae0KRqwtKbrAk/g/I=
last-modified
Tue, 27 Apr 2021 23:29:34 GMT
server
cloudflare
etag
W/"5add67ef8194e067ee0fd36a665defc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEU5JnhGq7ZGhvAQ2DSkkhQQQinKtqarC%2Bb1v0rD6RDcTodn5idyf77BzeOeSPsWlWWH2vpyov8e1UmQ6Mn%2B5Ppr46TyUJxQzoBkxCbw2L3SkpGgFpm%2Fmsokc0E6THhGA6niRLdwPpRYag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
68ec5bff1dba4132-PRG
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 10D8 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
29964ebe2f62abfc444b03afa6345cc1aaba5df4cf0dc3af1f0aadabd133e84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38476
x-xss-protection
0
server
cafe
etag
447347621320906878
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:28:01 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 048E 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
29964ebe2f62abfc444b03afa6345cc1aaba5df4cf0dc3af1f0aadabd133e84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38476
x-xss-protection
0
server
cafe
etag
447347621320906878
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:28:01 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D047 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
29964ebe2f62abfc444b03afa6345cc1aaba5df4cf0dc3af1f0aadabd133e84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38476
x-xss-protection
0
server
cafe
etag
447347621320906878
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:28:01 GMT
12303_WEB_BANNER_970x250-8_bfca6057-74c5-494e-b964-cfb983eb830e.png
creatives.sascdn.com/diff/1320/10373740/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10373740/12303_WEB_BANNER_970x250-8_bfca6057-74c5-494e-b964-cfb983eb830e.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-184.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ffa065bb57feb341adfea9070b0611a29de142aabe947249692423329dca4d1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:02 GMT
Last-Modified
Tue, 31 Aug 2021 17:28:05 GMT
Server
AkamaiNetStorage
ETag
"1b278476c26938cb89f076b48d88b1c4:1630430885.193765"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107463
Expires
Wed, 14 Sep 2022 20:28:02 GMT
LATAM_Digitais_300x600px_55d8da80-5c8c-4ae0-9872-a739e11b5676.jpg
creatives.sascdn.com/diff/1320/10387887/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10387887/LATAM_Digitais_300x600px_55d8da80-5c8c-4ae0-9872-a739e11b5676.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-184.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
45f9f4f7122fffa7558b77eb250cf2ce13588c588b25f9e808744ec95bedc264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:02 GMT
Last-Modified
Wed, 08 Sep 2021 13:48:14 GMT
Server
AkamaiNetStorage
ETag
"472371a45fe011cc22377bac680fe586:1631108894.670715"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57989
Expires
Wed, 14 Sep 2022 20:28:02 GMT
0001_Desktop_f3e6784c-eb64-42c5-af93-57818538b06c.jpg
creatives.sascdn.com/diff/1320/10373776/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10373776/0001_Desktop_f3e6784c-eb64-42c5-af93-57818538b06c.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-184.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1522e3c015d201d5754016ab5fe55a980dec1b7c2f0e631cd08fcca92f4ad771

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:02 GMT
Last-Modified
Tue, 31 Aug 2021 17:41:15 GMT
Server
AkamaiNetStorage
ETag
"bf57624907354fbc39809ee1a74865da:1630431675.383962"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21417
Expires
Wed, 14 Sep 2022 20:28:02 GMT
Banner-Digital---Correio-do-Povo_300x250_930e0afa-55c0-4a5a-896b-891aaa62bf06.png
creatives.sascdn.com/diff/1320/10374083/ 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10374083/Banner-Digital---Correio-do-Povo_300x250_930e0afa-55c0-4a5a-896b-891aaa62bf06.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-184.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cef034a29f4cc7e004fd8a6ba933ea11dc0b25d4e5fecb91a613bad85e2a8ceb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:02 GMT
Last-Modified
Tue, 31 Aug 2021 21:13:08 GMT
Server
AkamaiNetStorage
ETag
"53869028deddbc0dcdd7e2950f4851af:1630444388.732987"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
142043
Expires
Wed, 14 Sep 2022 20:28:02 GMT
Anuncio---Reac_o-em-Cadeia(300x250px)_DATA_f80de89d-724c-498a-91a7-c4ba42124c40.jpg
creatives.sascdn.com/diff/1320/10397654/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10397654/Anuncio---Reac_o-em-Cadeia(300x250px)_DATA_f80de89d-724c-498a-91a7-c4ba42124c40.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-184.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6899ed4ec3619e501c119fee6651269c34804d7c748aed015be7eb99b348e462

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:02 GMT
Last-Modified
Tue, 14 Sep 2021 14:55:22 GMT
Server
AkamaiNetStorage
ETag
"2b9f7614ac064ec15ae3f3f649ce46a7:1631631322.426462"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46373
Expires
Wed, 14 Sep 2022 20:28:02 GMT
Andre-retangulo-azul_bf0239fa-b06a-4c83-98cc-de1d7e1b02ca.gif
creatives.sascdn.com/diff/1320/10393559/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10393559/Andre-retangulo-azul_bf0239fa-b06a-4c83-98cc-de1d7e1b02ca.gif
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-184.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7e62daa1e5a34ef61c84ffc720dca40503ffd6fb41838a731b60abf487be0115

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:02 GMT
Last-Modified
Fri, 10 Sep 2021 21:40:25 GMT
Server
AkamaiNetStorage
ETag
"d5b09054604b3c8e726821e15912a909:1631310025.967089"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36114
Expires
Wed, 14 Sep 2022 20:28:02 GMT
css
fonts.googleapis.com/ Frame CA28 		4 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,%20300,%20400,%20500,%20700
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/assets/css/onsite.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f10.1e100.net
Software
ESF /
Resource Hash
e253f71df145831550f8cf584058c18f6a120c27b3de1cfbb0f969c550f642a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 20:24:15 GMT
server
ESF
date
Tue, 14 Sep 2021 20:28:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 20:28:01 GMT
usync.js
eus.rubiconproject.com/ Frame 07A6 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e79c4810102b289ddad74e8a731fdab545e666cb04cde36d2daa32c7a469508b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42270
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Wed, 15 Sep 2021 08:12:31 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ Frame 10D8 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
27ee20c7d5c075ba9610cf49a00fe2ad37a0649ecf9dc64e044215b66c99d7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94977
x-xss-protection
0
server
cafe
etag
10103688518249724071
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:28:01 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ Frame 048E 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
27ee20c7d5c075ba9610cf49a00fe2ad37a0649ecf9dc64e044215b66c99d7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94977
x-xss-protection
0
server
cafe
etag
10103688518249724071
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:28:01 GMT
khaos.jpg
token.rubiconproject.com/ Frame 07A6 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
sdk.js
connect.facebook.net/en_US/ Frame CA28 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/assets/html/onsite-sales/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=ff61ae4712a440469640bd2f82aa2c35&pluginParameters=%7B%22animation%22%3Afalse%2C%22ShowForm%22%3Afalse%2C%22EnableTestAB%22%3Afalse%2C%22orientation%22%3A%22center%22%2C%22timeToShowAfterClose%22%3A172800000%2C%22timeToShowAfterView%22%3A3%2C%22device%22%3A%22desktop%22%2C%22background%22%3A%22%23000000%22%2C%22logoColor%22%3A%22%23000000%22%2C%22logo%22%3A%22https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35%2Flogo.png%3Fv%3D637653383870979332%22%2C%22title%22%3A%22AS%20%C3%9ALTIMAS%20NOT%C3%8DCIAS%20EST%C3%83O%20AQUI%22%2C%22message%22%3A%22Assine%20agora%20o%20jornal%20Correio%20do%20Povo%22%2C%22timeInSite%22%3A8000%2C%22TypetimeInSite%22%3A%22s%22%2C%22TypetimeToShowAfterClose%22%3A%22d%22%2C%22typeshowAfterClick%22%3A%22d%22%2C%22textOption%22%3A%22light%22%2C%22link%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%3Futm_source%3Dsoclminer%26utm_medium%3Dsoclonsitedesktop%26utm_campaign%3Dsoclonsitedesktop_desk-assinatura%26smid%3D3-17%22%2C%22linkView%22%3A%22https%3A%2F%2Floja.correiodopovo.com.br%2Fcollections%2Fassinaturas%22%2C%22scrollPercentage%22%3A0%2C%22pagesViewBefore%22%3A0%2C%22showAfterClick%22%3A259200000%2C%22typeInABTest%22%3A%22%22%2C%22Weight%22%3A100%2C%22Version%22%3A1%7D&version=20210823180129000000&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&path=https%3A%2F%2Fcorreiodopovo.soclminer.com.br%2Fff61ae4712a440469640bd2f82aa2c35&hasOptIn=false&isMobile=false&gaEnabled=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
18553dd1410cc7d4f5e3276a37f77d6440cdb7a87cf7a9fe59164668f7280fb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
foBRC9LZYvD9+IPLH8KSOA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
oAgjZWtuMRZhDXeUC71ykMQgvnTwQDMj/qCW9KSUNSeRmNWYxUV3sUG9PrU7hLqJg/frpxP5CVff9iaVqN4WAQ==
x-fb-content-md5
ead7567376f239ce64eda150d741f8de
x-frame-options
DENY
date
Tue, 14 Sep 2021 20:28:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"809e94f560e9a018773436e95df5a16f"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 14 Sep 2021 20:41:02 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ Frame D047 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
27ee20c7d5c075ba9610cf49a00fe2ad37a0649ecf9dc64e044215b66c99d7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94977
x-xss-protection
0
server
cafe
etag
10103688518249724071
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:28:02 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 10D8 		210 B
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f2.1e100.net
Software
cafe /
Resource Hash
8ef93506c399097653d0e19af1d14f3212188ad46cd83aac4b7a6d4818b6415a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 10D8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 10D8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E10E 		15 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
0736ad12261fc4b4346f9113001a7391e43b5d5c3bd9161807807addbaf332d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0slTwvbXiOVQj2rXvjOiSMJhuaKosR9kFWsnAb2gVZCDpg66aMNJERZHOJv0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 14 Sep 2021 20:28:02 GMT
server
cafe
content-length
8914
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 10D8 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631547519045135"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 14 Sep 2021 20:28:02 GMT
sdk.js
connect.facebook.net/en_US/ Frame CA28 		228 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e58e053bf64802d3bcf764dd9c3d9d08
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
9722b8bfb6a9867b915f5988138a693206e75a063b062e55632bada771adca47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://plugins.soclminer.com.br/
Origin
https://plugins.soclminer.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
6DEB0ELiKa84dmgD4LvJBw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68346
x-fb-rlafr
0
x-fb-debug
csGOJ0dV7K01ys+yOuCjZ/C5AO9ux8tSzRIwuOmAeXySfi8+VFmt8VxUc3PsymApyZrTCy/UeCiDPThtFal09A==
x-fb-content-md5
92df62997a11a37bf29de09a80a97299
x-frame-options
DENY
date
Tue, 14 Sep 2021 20:28:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8f6d5bb45e6384a1ec55cfe133bc80ab"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 14 Sep 2022 20:05:46 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 048E 		210 B
221 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f2.1e100.net
Software
cafe /
Resource Hash
77cbdb47c26f2ebb5baca4e08872e975672f7295a1d2d6019a2d4058629d7a29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 048E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 048E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6F8D 		17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
9327fed20747ac53aa7af8234f96572807fb9761b3b756703abb4102d5a6d163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0slTwvbXiOVQj2rXvjOiSMJhuaKosR9kFWsnAb2gVZCDpg66aMNJERZHOJv0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 14 Sep 2021 20:28:02 GMT
server
cafe
content-length
8974
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 048E 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631547519045135"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 14 Sep 2021 20:28:02 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=3689&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A0%3A1559&as=1&ag=2608&an=2126&gi=1&gf=2097&gg=1615&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=2608&bx=2126&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=2608&cn=2126&gn=1&gk=2097&gl=1615&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3416&cd=2974&ah=3416&am=2974&dq=2717&dr=2275&ds=2717&dt=2275&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=46&vt=57&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ef=0&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=1585194674&cs=0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:02 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame D047 		210 B
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f2.1e100.net
Software
cafe /
Resource Hash
1337a9f763f13d9f4c0234e32e0c5b78c692420a9e7119699ec4ef866f60f453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame D047 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D047 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2BF6 		17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
53178a1e0de9ad8cc51debe1ba3630f86aec7473cc5154febbf31e53d637183f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0slTwvbXiOVQj2rXvjOiSMJhuaKosR9kFWsnAb2gVZCDpg66aMNJERZHOJv0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 14 Sep 2021 20:28:02 GMT
server
cafe
content-length
9005
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame D047 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631547519045135"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 14 Sep 2021 20:28:02 GMT
status
www.facebook.com/x/oauth/ Frame CA28 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.correiodopovo.com.br&client_id=623820585193456&input_token&origin=1&redirect_uri=https%3A%2F%2Fplugins.soclminer.com.br%2Fv3%2Fassets%2Fhtml%2Fonsite-sales%2Findex.min.html%3FappId%3D623820585193456%26id%3D0d2ab486745b45cf991c8d91aa3e3e5f%26name%3DCorreio%2520do%2520Povo%26pluginId%3Dff61ae4712a440469640bd2f82aa2c35%26pluginParameters%3D%257B%2522animation%2522%253Afalse%252C%2522ShowForm%2522%253Afalse%252C%2522EnableTestAB%2522%253Afalse%252C%2522orientation%2522%253A%2522center%2522%252C%2522timeToShowAfterClose%2522%253A172800000%252C%2522timeToShowAfterView%2522%253A3%252C%2522device%2522%253A%2522desktop%2522%252C%2522background%2522%253A%2522%2523000000%2522%252C%2522logoColor%2522%253A%2522%2523000000%2522%252C%2522logo%2522%253A%2522https%253A%252F%252Fcorreiodopovo.soclminer.com.br%252Fff61ae4712a440469640bd2f82aa2c35%252Flogo.png%253Fv%253D637653383870979332%2522%252C%2522title%2522%253A%2522AS%2520%25C3%259ALTIMAS%2520NOT%25C3%258DCIAS%2520EST%25C3%2583O%2520AQUI%2522%252C%2522message%2522%253A%2522Assine%2520agora%2520o%2520jornal%2520Correio%2520do%2520Povo%2522%252C%2522timeInSite%2522%253A8000%252C%2522TypetimeInSite%2522%253A%2522s%2522%252C%2522TypetimeToShowAfterClose%2522%253A%2522d%2522%252C%2522typeshowAfterClick%2522%253A%2522d%2522%252C%2522textOption%2522%253A%2522light%2522%252C%2522link%2522%253A%2522https%253A%252F%252Floja.correiodopovo.com.br%252Fcollections%252Fassinaturas%253Futm_source%253Dsoclminer%2526utm_medium%253Dsoclonsitedesktop%2526utm_campaign%253Dsoclonsitedesktop_desk-assinatura%2526smid%253D3-17%2522%252C%2522linkView%2522%253A%2522https%253A%252F%252Floja.correiodopovo.com.br%252Fcollections%252Fassinaturas%2522%252C%2522scrollPercentage%2522%253A0%252C%2522pagesViewBefore%2522%253A0%252C%2522showAfterClick%2522%253A259200000%252C%2522typeInABTest%2522%253A%2522%2522%252C%2522Weight%2522%253A100%252C%2522Version%2522%253A1%257D%26version%3D20210823180129000000%26url%3Dhttps%253A%252F%252Fwww.correiodopovo.com.br%252F%253F%26path%3Dhttps%253A%252F%252Fcorreiodopovo.soclminer.com.br%252Fff61ae4712a440469640bd2f82aa2c35%26hasOptIn%3Dfalse%26isMobile%3Dfalse%26gaEnabled%3Dtrue&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e58e053bf64802d3bcf764dd9c3d9d08
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
mbM0qFjGm6Hxom9UJ2WwKvQfH2SFKduBI2tFDzMCuNJNt3HbMbcst6tksd+FXaIKSXMnlXUBOfCKc3qlZe2xCQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Sep 2021 20:28:02 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://plugins.soclminer.com.br
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ Frame 006E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
18553dd1410cc7d4f5e3276a37f77d6440cdb7a87cf7a9fe59164668f7280fb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
foBRC9LZYvD9+IPLH8KSOA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
oAgjZWtuMRZhDXeUC71ykMQgvnTwQDMj/qCW9KSUNSeRmNWYxUV3sUG9PrU7hLqJg/frpxP5CVff9iaVqN4WAQ==
x-fb-content-md5
ead7567376f239ce64eda150d741f8de
x-frame-options
DENY
date
Tue, 14 Sep 2021 20:28:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"809e94f560e9a018773436e95df5a16f"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 14 Sep 2021 20:41:02 GMT
sdk.js
connect.facebook.net/en_US/ Frame 006E 		228 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e58e053bf64802d3bcf764dd9c3d9d08
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
9722b8bfb6a9867b915f5988138a693206e75a063b062e55632bada771adca47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://plugins.soclminer.com.br/
Origin
https://plugins.soclminer.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
6DEB0ELiKa84dmgD4LvJBw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68346
x-fb-rlafr
0
x-fb-debug
csGOJ0dV7K01ys+yOuCjZ/C5AO9ux8tSzRIwuOmAeXySfi8+VFmt8VxUc3PsymApyZrTCy/UeCiDPThtFal09A==
x-fb-content-md5
92df62997a11a37bf29de09a80a97299
x-frame-options
DENY
date
Tue, 14 Sep 2021 20:28:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8f6d5bb45e6384a1ec55cfe133bc80ab"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 14 Sep 2022 20:05:46 GMT
coronavirus.png
vacina.saude.rs.gov.br/img/ Frame C02E 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vacina.saude.rs.gov.br/img/coronavirus.png
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
95d722457b6b19c9b2248849d162602edaf41b594c82e44e6f6a316ba4d3d294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
last-modified
Mon, 16 Mar 2020 17:04:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"15dfd-5a0fbcee37b55"
content-type
image/png
accept-ranges
bytes
content-length
89597
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
126 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Tue, 14 Sep 2021 20:28:02 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
jquery.min.js
vacina.saude.rs.gov.br/vendor/jquery/ Frame C02E 		86 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"15851-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
39406
bootstrap.bundle.min.js
vacina.saude.rs.gov.br/vendor/bootstrap/js/ Frame C02E 		77 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"1332b-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30152
jquery.easing.min.js
vacina.saude.rs.gov.br/vendor/jquery-easing/ Frame C02E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/jquery-easing/jquery.easing.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"9e4-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1070
sb-admin-2.js
vacina.saude.rs.gov.br/js/ Frame C02E 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/js/sb-admin-2.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
6e7d6826010c47f64438945a78cec8f26c51ab8981451c0fae14edd66b0b746a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"5d4-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
822
Chart.min.js
vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/dist/ Frame C02E 		169 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/dist/Chart.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
b7d5093eb11205e1b6a2329321c14b3c617b9c78b6bc473b7f90362a91ff5015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
last-modified
Mon, 19 Oct 2020 12:22:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"2a415-5b20529e4e2c0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
utils.js
vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/samples/ Frame C02E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/samples/utils.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
last-modified
Mon, 19 Oct 2020 12:22:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"cf6-5b20529e4e2c0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1712
chartjs-plugin-datalabels@0.7.0
cdn.jsdelivr.net/npm/ Frame C02E 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/chartjs-plugin-datalabels@0.7.0
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.229 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de449772271eceedac2a492a41a7bf860b29402fadeb390e034ad2ed0b654b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
450067
x-jsd-version
0.7.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
5360
etag
W/"330e-MyjMkC7/nYxBFRP/V6SaLPi/qfE"
x-served-by
cache-fra19150-FRA, cache-hhn4033-HHN
x-jsd-version-type
version
date
Tue, 14 Sep 2021 20:28:02 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.dataTables.min.js
vacina.saude.rs.gov.br/vendor/datatables/ Frame C02E 		80 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/datatables/jquery.dataTables.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
169e713c2496498336d93532630b4b80fdb9db45d0a090624d155a5c7853371e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"141eb-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
35900
dataTables.buttons.min.js
cdn.datatables.net/buttons/1.6.1/js/ Frame C02E 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/buttons/1.6.1/js/dataTables.buttons.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.14.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2450475d377d43989a135a393b7eb9bb31daf1e7dca01a27b854497c46f2adf3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
8506849
content-length
6431
last-modified
Tue, 08 Jun 2021 08:47:57 GMT
server
cloudflare
etag
"1121708-4c4c-5c43d36efaee6-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68ec5c03994e27b4-PRG
access-control-allow-headers
origin, x-requested-with, content-type
expires
Wed, 08 Jun 2022 09:27:12 GMT
buttons.flash.min.js
cdn.datatables.net/buttons/1.6.1/js/ Frame C02E 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/buttons/1.6.1/js/buttons.flash.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.14.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1184674c137c8212dcc1bf6763a147d317e94e4b004bfab579121116d3223ebf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
8506744
content-length
6819
last-modified
Tue, 08 Jun 2021 08:47:57 GMT
server
cloudflare
etag
"11216fa-6677-5c43d36efa716-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68ec5c03994f27b4-PRG
access-control-allow-headers
origin, x-requested-with, content-type
expires
Wed, 08 Jun 2022 09:28:57 GMT
jszip.min.js
cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/ Frame C02E 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/jszip.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
349952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26506
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ecf-18e33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ffx2w4zlwYu15kAs0AXkw0DziDcBlhhSAAWU30Jn9hJjCsitH0cNe1w%2F9bfsXcZ5jc55MbXQq0KvXYoMJ4b%2BBTbpJwu7RoJcmv6VHA3kuGRgZbM1St4V9GElB8d%2BLsyx9ZpuGSj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68ec5c036c67f9d6-PRG
expires
Sun, 04 Sep 2022 20:28:02 GMT
pdfmake.min.js
cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/ Frame C02E 		1 MB
337 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/pdfmake.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e89f9845fc2a935c837dcd7089a59af09cde8ffdbf1866dfff621152fc74690
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
92487
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
344327
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f87-10af19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycGAGo3NoPt2XwIj2vg1Vb%2FaP9TQXXI5I%2FHP6xuYjEKjvqam9ey9ZDuUvDtZIp%2B8U3nJ8zG30Xw7stIAiVmGVnWk%2FZ%2BWpsVVa8UIrYqMV2TsqI2v0m3ZmHyePR38NqRmcC78BfaT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68ec5c036c6cf9d6-PRG
expires
Sun, 04 Sep 2022 20:28:02 GMT
vfs_fonts.js
cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/ Frame C02E 		905 KB
309 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/vfs_fonts.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52c6021ddc04c53bbd71907e42070e90dcd4093c1e5ebe5c35f465000b4894f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
184023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
315755
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f87-e2214"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11bcgdE792r0tQIkWQSPTt5Y7dYpwnTtBtKQskUXPgTviUnCd0TOQ7WJUiS9pknadCZUDsgE4RnyOOrKZGMF3Cegio0ndPoQEEDWQd2qWxmgGPFnupbk7XvxQAcCQ1wEfK8CvyoY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68ec5c036c68f9d6-PRG
expires
Sun, 04 Sep 2022 20:28:02 GMT
buttons.html5.min.js
cdn.datatables.net/buttons/1.6.1/js/ Frame C02E 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/buttons/1.6.1/js/buttons.html5.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.14.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fcbf36a2bdfad4e9007f83c3f3b5d549692d6f079f1156a65fea99a57ef9af0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
8506743
content-length
6608
last-modified
Tue, 08 Jun 2021 08:47:57 GMT
server
cloudflare
etag
"1121700-60be-5c43d36efa716-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68ec5c03995027b4-PRG
access-control-allow-headers
origin, x-requested-with, content-type
expires
Wed, 08 Jun 2022 09:28:58 GMT
buttons.print.min.js
cdn.datatables.net/buttons/1.6.1/js/ Frame C02E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/buttons/1.6.1/js/buttons.print.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.14.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5c38989ba7e43503bb4fc3d070653f93347a2eb6d84b8cc0ef09c79b8ebb861
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
8506837
content-length
1160
last-modified
Tue, 08 Jun 2021 08:47:57 GMT
server
cloudflare
etag
"1121704-8fe-5c43d36efa716-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68ec5c03995227b4-PRG
access-control-allow-headers
origin, x-requested-with, content-type
expires
Wed, 08 Jun 2022 09:27:25 GMT
dataTables.bootstrap4.min.js
vacina.saude.rs.gov.br/vendor/datatables/ Frame C02E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/datatables/dataTables.bootstrap4.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
3fbf7c3785635c11806b2ed111106a8a570f83cafa2a642226510bca6ef4c47b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"825-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1369
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ Frame C02E 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
703939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6451
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZW5kELUoIaRYARq%2BtiWP2Np1dR4Huq5k1QoYtYjbO%2FMkopV%2BmoyN%2BHERkTGzNHaDNvjQvwjCNuLZAyhglepvVWD3sKLoLXIRfiCDF0j3Ye5YABZvPi1Iy3AxSA%2BrOdfpE7fKE44"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68ec5c036c70f9d6-PRG
expires
Sun, 04 Sep 2022 20:28:02 GMT
status
www.facebook.com/x/oauth/ Frame 006E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.correiodopovo.com.br&client_id=623820585193456&input_token&origin=1&redirect_uri=https%3A%2F%2Fplugins.soclminer.com.br%2Fv3%2Fsdk%2Ftracking%2Fhtml%2Fview.min.html%3FappId%3D623820585193456%26id%3D0d2ab486745b45cf991c8d91aa3e3e5f%26gaEnabled%3Dtrue%26pushNativeEnabled%3Dfalse%26smuid%3Dundefined%26v%3D106%26clientId%3D361f494e-7721-4858-a5fd-5899b46464a6%26sessionHash%3D39f8e3df79d583613482c278d946ce776bdec022&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e58e053bf64802d3bcf764dd9c3d9d08
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
6V+gPgm5WFwXvaNhxLE4qaoHS+5kz7MKqADQ/oxeU60OHM76yCL1O/6wYy8hgneOsFHAW3bzpTuEWI9SRUNPRw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Sep 2021 20:28:02 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://plugins.soclminer.com.br
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E10E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B-bd_KSXSB76RdI8_FsYdNqD-pb-YpCcnqAKUJ82CpTovQRlXmLYcnpQh-PFzsxJ3rh9_ko1zfU269yiqytg3oTbKvampW9ASsWnByBVIBaPu2GZk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame E10E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:25:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E10E 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 14 Sep 2021 20:28:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame E10E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
94
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:26:28 GMT
l
www.google.com/ads/measurement/ Frame E10E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSa9JTD6UkX4px1xc_3few_TbSotpmpTvSSZwR7mh08sq-eF4Ck-JiJk9PduGl4zCdlrC24oF3_fevuG93QVY7KlsB80w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame F9D9 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY9pyibTAB&v=APEucNVHR8QIuCH0wKO4cK9NiTkzXrCG_pAauspi3qb2Phwf1oEblBEvrxz0f3NHrfqCg2Q2bJJlPXj1GqniRgt5xZ3UtEagrq5xi3jz9YlK5Ftdxd1av1y5zszUDCRp2EqGIeL-TBxYHu13UNh6BM8Gr-ni9rgTUmXQhyfm4k0Uo7SDRG8I4M0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COGKFRCp6RsY9pyibTAB&v=APEucNVHR8QIuCH0wKO4cK9NiTkzXrCG_pAauspi3qb2Phwf1oEblBEvrxz0f3NHrfqCg2Q2bJJlPXj1GqniRgt5xZ3UtEagrq5xi3jz9YlK5Ftdxd1av1y5zszUDCRp2EqGIeL-TBxYHu13UNh6BM8Gr-ni9rgTUmXQhyfm4k0Uo7SDRG8I4M0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0slTwvbXiOVQj2rXvjOiSMJhuaKosR9kFWsnAb2gVZCDpg66aMNJERZHOJv0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 14 Sep 2021 20:28:02 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame E10E 		70 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsYNJRBFIkM5fbmVOVugX6y8fUYdAbXfRuqtwT_gsRF-LhDeljnzGwd9x9tLxZeuIsBq9DGZVVlR_EIRBqDHtO7QVZxHZaoORhc36CwnZTFBPw7wKRHhNG_xnTGaTnn4qzP5GUsLrXhDnKb_ZJzwtRqFjGVQ&dbm_d=AKAmf-DBZ4CUbuJw8dvbvgrNLa1WJGLUvitIG-NfAjOsVnxNdq6e40TEsrtJ_Fq8QuWprjdASfRZItgJG_FLXctOgaES7t7IXMDM1ZGeV1t5gILHTz0KPXJxZIwezjD4y6lncTLuOyM0-U3pL3GQaAghLJNk31WPNLh9RtoOk-cU7wnX8BW5SI-oe-mQGDuD_nQDMDbrjhxh5nti9gL_a9zz9Z2dVd4rK1CU1bWbebyWZJP4g7VCiktlwdWhCHx5chSzmBQPN6vFIXtSOnFJDYqXFASTQyngkAc8bG3FxQm04K-pWqjYihyCc50kmIFuyX5w3wFgPn3l7z1JlSJYdrnbmLel2ZD6DTblPI9UCkTdiRtCc4UnM_likq68EnSBlQ5SG_DAdRce5tWQepWZB0ybZZNyPB4eRnKgle0Y2tenOQVbp-VKZTXVeOP836SYQJYUTXEYYHDoS1pIDfD8UXsQailrtPE2MicsROoMv0q5n6y9Nzq0BcUkBcQmhW_rTfSPNQ69Fs96kTM21wM0WFQnZ2Fgq5iHs7f21-q7E__X2nvr07AFT9q5EZZ3zpr3IFtveDGDbhzSD9RJPRBhb_X4-pjCFoW4vHyLZQvLey-DJyDLYTke6yA2GMtT6erWxA2_iSxZCVlE60_hyGYXQK52bk1BdUUxIsuoWZspg9z1_b_XsXBKW4Az_uHe3bwMQymD9cfYWb1yKKRZsehv_dFFmT5brCQo4eZGMCs2c0XCMxP4-YbWCrBSyxHsKy3tsyfztUbLdSkYjiHjwhgNhOBRUCpVh3iWW31uW68_RThQSZ1PxyLxVWQud7x-I6oS3dyp7fY5Ji3dmrIshB0l02Wjihu9bsUkOg-IHO6xlSlxV_YqdBJGzNNnAeF0iDq5ekW3v8fBHxo5AgCe4aN_Dcz42lJyFWZ-qBajLl2AP9cE1H2Tg5wMBEq8RrxxSRF05EN8ne8fdnq_oBE5b_72ceQ5NMHWRepf9kMQRtTjMAZHarv73eyAo3yUxsfwW-lP17gCmimO72X5gO9fjj99CPjIOeFzu8L5fW_RbKpoNpsS6zr3dCx71NP5nPxXyRYE_ze9ZiUxiQBrxJqBoGNmH1SXBG6pxGFImiKzLQZOAAeWGHGK_PLP9DV1HkeYWbSojLkjwZDzvX9Lv6JqCSEsscpF6sTpuGfTyTk1eDC_7f1FojkspiWLIBDDqzEc73PVYiAZvg6lCfi_L3t3WU-7MXTYxzJZF07yF3gfnJJvUP5SIwI9tWgGx43Q0osJiQlJaCH_xBeIm7NkhmC83L-u1-rFPT2jZO4i7xQIbgs4iNaoR4enkWUspNecGZ-1eovOyr5RHlsbMBSASmxCMLjoKyn1kDvRjFVVqWcv9potlICDcFbMGBTPeV0Pd--R9OcAwlPFcx9jSs0S6fG-LptGnWD4eHPfPlHOkzIH4NhxeLIw43Uni8TRcu1Fx4DBWZzWvP6boOokA5pTcec0l3833GGiJ51kag7HIW8tQGWbM0yzgTpOsxcsjOgfVb-9J4eyW7pGNcxb445uzXxQXelugqdBQmtoy3uP3Li0HBgTKZK_xRBKbkWZt4diRUCCHiXpdXMgj2gOSFljEzUKsFi4P82hGMMPZ-B-RxqmS9vbddrfYSKWSkJZTw-GvhNTMB7aWbCFtj_AIwzWHFGNodzBxg_cGOvZ6v63rtqqEmJJTXgMNUHI4sqm0_xJe7T9y9ZkEVsOi9nobsghv0s0ljGvXtHFy7NC1Z502WD9Mlet1DbPY5PiP9b5XRAjUIACpFhnHPLZTEdn7s3u-nDkRjeyxaut5pyeNIVrPN0DpuUDyxQHQIoldRpaJ3Rj2_D4QuwRIdSQZPo2-KFXnNHUXg1NKvPSewpETSw2EKsVZHCFh3M8amnY4oP_PLjbwJvu0M4V3IQoll7MkeUlU8CPCB1cMXwUqu-fzRz0U12v-Hg1l8PhpPvZR02_ecLSqPDTmEmMwvfpBBbm5DZJMZhgVLj--hdKiebChZd5UFDY8_w9CFCTYcgPIU7bwwxbpKI7RjCd5X3IP9gHcfAW3Glbai0lKsX4q2NO08PErvJo5vphomXYlTtGZvX3ioed3u2_rmvNgAA1wVso-wAV-WfMJEaGNjW6D197FRqVILMZ4LZrHjPWdQrV_SvENEckULXy1lwPDF5BFaJQbISGAMhDwf74F18EwQGKA9U2vskFlEgnvB-sKxz6pjDh2seFQiR3JXAUJITZzawMXCb3FDBy_9raoQk_8A-FWjBXdPMB5ZWJeFCR_uaKDY-djqBH4wo30_h8p6kaZQ3TA1o2ADXus0jCsCcSC90ehdOK61YboHNnh74XdM1Ayb2MyhPogZkE0L3Yk0ZmOxeeps5rPxz05m4rN2LGjEEI7PjrQzAyoOOblbgBJe52XuruxEb14UzEGcKgEbUOVjLC61RDtcNtVYLk3M_BS6spZoVS8rnsyRH9OEcpC30IOjPJBdVWT4KKk-IR39FwpY2OxQwo8DE0ujtLttnQOQT-fZLr301hm9tdILti347LufeyC1vPxwQiv4Wf8uMuB2M5hdiSVkMidgZEbn3OZuMkea8SQQB6KDdcKa8ACQzuWpDXi8YXTAcW1vitpKYihd_XRdH25IpwSMWRTngltL_4fmsfemmBw1PtZAEB7lVlYk7aVg26tYEPcS0aYfhw0DTJIk_w-zrzIxDF_jnjjnD5qcToXb6O2NFJK_G3_guftiN416-c4N0d2aINYAcvNw3EJbJt0ciqhdZnMbOJz9zOcieTLBy_NDEozaF5lNHZGKv7ehgYatTtBCNY_M43MyfBiGLUXYsnruM88V5M_kGgkQjr-B1PlS8GOPYiNtNf6bY4zN_375Y7Zb5EtK_uBr1VwqEjVRjsEH2YhFtIxrSL8cwsxQUp4_qyYnCkuGJebxs7ViuDy-N6WzxdTppz3sK7hTA5SFd-PVtf_GW1yreRC0Q-ysqmnOAAEvTfF9hFt7eFiHNfuwvqleEHK8keYyqjGsTEQdhHVZw6cxm-pJHfAuFZfA_KPb-m0_qE0lu27wOBJ5qGZEXwC0M_AyjWWHMkVHohHSjZHcuASj-e7wm6YgG95-tJdb0epPfzPZlmdmlEBT2_lEzMhTQMMrngnxPqoTyFtU7zhD-P2oWIzz_hOHFKdA&cid=CAASEuRod9_hrBUM_Hn8YLvMFepqsQ&rfl=2%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
21338b5de9fa291d16b8dbb1149362c83b155e241301b715cf9a85e91d18f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame E10E 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 03:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Sep 2021 03:00:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/ Frame E10E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsYNJRBFIkM5fbmVOVugX6y8fUYdAbXfRuqtwT_gsRF-LhDeljnzGwd9x9tLxZeuIsBq9DGZVVlR_EIRBqDHtO7QVZxHZaoORhc36CwnZTFBPw7wKRHhNG_xnTGaTnn4qzP5GUsLrXhDnKb_ZJzwtRqFjGVQ&dbm_d=AKAmf-DBZ4CUbuJw8dvbvgrNLa1WJGLUvitIG-NfAjOsVnxNdq6e40TEsrtJ_Fq8QuWprjdASfRZItgJG_FLXctOgaES7t7IXMDM1ZGeV1t5gILHTz0KPXJxZIwezjD4y6lncTLuOyM0-U3pL3GQaAghLJNk31WPNLh9RtoOk-cU7wnX8BW5SI-oe-mQGDuD_nQDMDbrjhxh5nti9gL_a9zz9Z2dVd4rK1CU1bWbebyWZJP4g7VCiktlwdWhCHx5chSzmBQPN6vFIXtSOnFJDYqXFASTQyngkAc8bG3FxQm04K-pWqjYihyCc50kmIFuyX5w3wFgPn3l7z1JlSJYdrnbmLel2ZD6DTblPI9UCkTdiRtCc4UnM_likq68EnSBlQ5SG_DAdRce5tWQepWZB0ybZZNyPB4eRnKgle0Y2tenOQVbp-VKZTXVeOP836SYQJYUTXEYYHDoS1pIDfD8UXsQailrtPE2MicsROoMv0q5n6y9Nzq0BcUkBcQmhW_rTfSPNQ69Fs96kTM21wM0WFQnZ2Fgq5iHs7f21-q7E__X2nvr07AFT9q5EZZ3zpr3IFtveDGDbhzSD9RJPRBhb_X4-pjCFoW4vHyLZQvLey-DJyDLYTke6yA2GMtT6erWxA2_iSxZCVlE60_hyGYXQK52bk1BdUUxIsuoWZspg9z1_b_XsXBKW4Az_uHe3bwMQymD9cfYWb1yKKRZsehv_dFFmT5brCQo4eZGMCs2c0XCMxP4-YbWCrBSyxHsKy3tsyfztUbLdSkYjiHjwhgNhOBRUCpVh3iWW31uW68_RThQSZ1PxyLxVWQud7x-I6oS3dyp7fY5Ji3dmrIshB0l02Wjihu9bsUkOg-IHO6xlSlxV_YqdBJGzNNnAeF0iDq5ekW3v8fBHxo5AgCe4aN_Dcz42lJyFWZ-qBajLl2AP9cE1H2Tg5wMBEq8RrxxSRF05EN8ne8fdnq_oBE5b_72ceQ5NMHWRepf9kMQRtTjMAZHarv73eyAo3yUxsfwW-lP17gCmimO72X5gO9fjj99CPjIOeFzu8L5fW_RbKpoNpsS6zr3dCx71NP5nPxXyRYE_ze9ZiUxiQBrxJqBoGNmH1SXBG6pxGFImiKzLQZOAAeWGHGK_PLP9DV1HkeYWbSojLkjwZDzvX9Lv6JqCSEsscpF6sTpuGfTyTk1eDC_7f1FojkspiWLIBDDqzEc73PVYiAZvg6lCfi_L3t3WU-7MXTYxzJZF07yF3gfnJJvUP5SIwI9tWgGx43Q0osJiQlJaCH_xBeIm7NkhmC83L-u1-rFPT2jZO4i7xQIbgs4iNaoR4enkWUspNecGZ-1eovOyr5RHlsbMBSASmxCMLjoKyn1kDvRjFVVqWcv9potlICDcFbMGBTPeV0Pd--R9OcAwlPFcx9jSs0S6fG-LptGnWD4eHPfPlHOkzIH4NhxeLIw43Uni8TRcu1Fx4DBWZzWvP6boOokA5pTcec0l3833GGiJ51kag7HIW8tQGWbM0yzgTpOsxcsjOgfVb-9J4eyW7pGNcxb445uzXxQXelugqdBQmtoy3uP3Li0HBgTKZK_xRBKbkWZt4diRUCCHiXpdXMgj2gOSFljEzUKsFi4P82hGMMPZ-B-RxqmS9vbddrfYSKWSkJZTw-GvhNTMB7aWbCFtj_AIwzWHFGNodzBxg_cGOvZ6v63rtqqEmJJTXgMNUHI4sqm0_xJe7T9y9ZkEVsOi9nobsghv0s0ljGvXtHFy7NC1Z502WD9Mlet1DbPY5PiP9b5XRAjUIACpFhnHPLZTEdn7s3u-nDkRjeyxaut5pyeNIVrPN0DpuUDyxQHQIoldRpaJ3Rj2_D4QuwRIdSQZPo2-KFXnNHUXg1NKvPSewpETSw2EKsVZHCFh3M8amnY4oP_PLjbwJvu0M4V3IQoll7MkeUlU8CPCB1cMXwUqu-fzRz0U12v-Hg1l8PhpPvZR02_ecLSqPDTmEmMwvfpBBbm5DZJMZhgVLj--hdKiebChZd5UFDY8_w9CFCTYcgPIU7bwwxbpKI7RjCd5X3IP9gHcfAW3Glbai0lKsX4q2NO08PErvJo5vphomXYlTtGZvX3ioed3u2_rmvNgAA1wVso-wAV-WfMJEaGNjW6D197FRqVILMZ4LZrHjPWdQrV_SvENEckULXy1lwPDF5BFaJQbISGAMhDwf74F18EwQGKA9U2vskFlEgnvB-sKxz6pjDh2seFQiR3JXAUJITZzawMXCb3FDBy_9raoQk_8A-FWjBXdPMB5ZWJeFCR_uaKDY-djqBH4wo30_h8p6kaZQ3TA1o2ADXus0jCsCcSC90ehdOK61YboHNnh74XdM1Ayb2MyhPogZkE0L3Yk0ZmOxeeps5rPxz05m4rN2LGjEEI7PjrQzAyoOOblbgBJe52XuruxEb14UzEGcKgEbUOVjLC61RDtcNtVYLk3M_BS6spZoVS8rnsyRH9OEcpC30IOjPJBdVWT4KKk-IR39FwpY2OxQwo8DE0ujtLttnQOQT-fZLr301hm9tdILti347LufeyC1vPxwQiv4Wf8uMuB2M5hdiSVkMidgZEbn3OZuMkea8SQQB6KDdcKa8ACQzuWpDXi8YXTAcW1vitpKYihd_XRdH25IpwSMWRTngltL_4fmsfemmBw1PtZAEB7lVlYk7aVg26tYEPcS0aYfhw0DTJIk_w-zrzIxDF_jnjjnD5qcToXb6O2NFJK_G3_guftiN416-c4N0d2aINYAcvNw3EJbJt0ciqhdZnMbOJz9zOcieTLBy_NDEozaF5lNHZGKv7ehgYatTtBCNY_M43MyfBiGLUXYsnruM88V5M_kGgkQjr-B1PlS8GOPYiNtNf6bY4zN_375Y7Zb5EtK_uBr1VwqEjVRjsEH2YhFtIxrSL8cwsxQUp4_qyYnCkuGJebxs7ViuDy-N6WzxdTppz3sK7hTA5SFd-PVtf_GW1yreRC0Q-ysqmnOAAEvTfF9hFt7eFiHNfuwvqleEHK8keYyqjGsTEQdhHVZw6cxm-pJHfAuFZfA_KPb-m0_qE0lu27wOBJ5qGZEXwC0M_AyjWWHMkVHohHSjZHcuASj-e7wm6YgG95-tJdb0epPfzPZlmdmlEBT2_lEzMhTQMMrngnxPqoTyFtU7zhD-P2oWIzz_hOHFKdA&cid=CAASEuRod9_hrBUM_Hn8YLvMFepqsQ&rfl=2%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
773
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:15:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/ Frame E10E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsYNJRBFIkM5fbmVOVugX6y8fUYdAbXfRuqtwT_gsRF-LhDeljnzGwd9x9tLxZeuIsBq9DGZVVlR_EIRBqDHtO7QVZxHZaoORhc36CwnZTFBPw7wKRHhNG_xnTGaTnn4qzP5GUsLrXhDnKb_ZJzwtRqFjGVQ&dbm_d=AKAmf-DBZ4CUbuJw8dvbvgrNLa1WJGLUvitIG-NfAjOsVnxNdq6e40TEsrtJ_Fq8QuWprjdASfRZItgJG_FLXctOgaES7t7IXMDM1ZGeV1t5gILHTz0KPXJxZIwezjD4y6lncTLuOyM0-U3pL3GQaAghLJNk31WPNLh9RtoOk-cU7wnX8BW5SI-oe-mQGDuD_nQDMDbrjhxh5nti9gL_a9zz9Z2dVd4rK1CU1bWbebyWZJP4g7VCiktlwdWhCHx5chSzmBQPN6vFIXtSOnFJDYqXFASTQyngkAc8bG3FxQm04K-pWqjYihyCc50kmIFuyX5w3wFgPn3l7z1JlSJYdrnbmLel2ZD6DTblPI9UCkTdiRtCc4UnM_likq68EnSBlQ5SG_DAdRce5tWQepWZB0ybZZNyPB4eRnKgle0Y2tenOQVbp-VKZTXVeOP836SYQJYUTXEYYHDoS1pIDfD8UXsQailrtPE2MicsROoMv0q5n6y9Nzq0BcUkBcQmhW_rTfSPNQ69Fs96kTM21wM0WFQnZ2Fgq5iHs7f21-q7E__X2nvr07AFT9q5EZZ3zpr3IFtveDGDbhzSD9RJPRBhb_X4-pjCFoW4vHyLZQvLey-DJyDLYTke6yA2GMtT6erWxA2_iSxZCVlE60_hyGYXQK52bk1BdUUxIsuoWZspg9z1_b_XsXBKW4Az_uHe3bwMQymD9cfYWb1yKKRZsehv_dFFmT5brCQo4eZGMCs2c0XCMxP4-YbWCrBSyxHsKy3tsyfztUbLdSkYjiHjwhgNhOBRUCpVh3iWW31uW68_RThQSZ1PxyLxVWQud7x-I6oS3dyp7fY5Ji3dmrIshB0l02Wjihu9bsUkOg-IHO6xlSlxV_YqdBJGzNNnAeF0iDq5ekW3v8fBHxo5AgCe4aN_Dcz42lJyFWZ-qBajLl2AP9cE1H2Tg5wMBEq8RrxxSRF05EN8ne8fdnq_oBE5b_72ceQ5NMHWRepf9kMQRtTjMAZHarv73eyAo3yUxsfwW-lP17gCmimO72X5gO9fjj99CPjIOeFzu8L5fW_RbKpoNpsS6zr3dCx71NP5nPxXyRYE_ze9ZiUxiQBrxJqBoGNmH1SXBG6pxGFImiKzLQZOAAeWGHGK_PLP9DV1HkeYWbSojLkjwZDzvX9Lv6JqCSEsscpF6sTpuGfTyTk1eDC_7f1FojkspiWLIBDDqzEc73PVYiAZvg6lCfi_L3t3WU-7MXTYxzJZF07yF3gfnJJvUP5SIwI9tWgGx43Q0osJiQlJaCH_xBeIm7NkhmC83L-u1-rFPT2jZO4i7xQIbgs4iNaoR4enkWUspNecGZ-1eovOyr5RHlsbMBSASmxCMLjoKyn1kDvRjFVVqWcv9potlICDcFbMGBTPeV0Pd--R9OcAwlPFcx9jSs0S6fG-LptGnWD4eHPfPlHOkzIH4NhxeLIw43Uni8TRcu1Fx4DBWZzWvP6boOokA5pTcec0l3833GGiJ51kag7HIW8tQGWbM0yzgTpOsxcsjOgfVb-9J4eyW7pGNcxb445uzXxQXelugqdBQmtoy3uP3Li0HBgTKZK_xRBKbkWZt4diRUCCHiXpdXMgj2gOSFljEzUKsFi4P82hGMMPZ-B-RxqmS9vbddrfYSKWSkJZTw-GvhNTMB7aWbCFtj_AIwzWHFGNodzBxg_cGOvZ6v63rtqqEmJJTXgMNUHI4sqm0_xJe7T9y9ZkEVsOi9nobsghv0s0ljGvXtHFy7NC1Z502WD9Mlet1DbPY5PiP9b5XRAjUIACpFhnHPLZTEdn7s3u-nDkRjeyxaut5pyeNIVrPN0DpuUDyxQHQIoldRpaJ3Rj2_D4QuwRIdSQZPo2-KFXnNHUXg1NKvPSewpETSw2EKsVZHCFh3M8amnY4oP_PLjbwJvu0M4V3IQoll7MkeUlU8CPCB1cMXwUqu-fzRz0U12v-Hg1l8PhpPvZR02_ecLSqPDTmEmMwvfpBBbm5DZJMZhgVLj--hdKiebChZd5UFDY8_w9CFCTYcgPIU7bwwxbpKI7RjCd5X3IP9gHcfAW3Glbai0lKsX4q2NO08PErvJo5vphomXYlTtGZvX3ioed3u2_rmvNgAA1wVso-wAV-WfMJEaGNjW6D197FRqVILMZ4LZrHjPWdQrV_SvENEckULXy1lwPDF5BFaJQbISGAMhDwf74F18EwQGKA9U2vskFlEgnvB-sKxz6pjDh2seFQiR3JXAUJITZzawMXCb3FDBy_9raoQk_8A-FWjBXdPMB5ZWJeFCR_uaKDY-djqBH4wo30_h8p6kaZQ3TA1o2ADXus0jCsCcSC90ehdOK61YboHNnh74XdM1Ayb2MyhPogZkE0L3Yk0ZmOxeeps5rPxz05m4rN2LGjEEI7PjrQzAyoOOblbgBJe52XuruxEb14UzEGcKgEbUOVjLC61RDtcNtVYLk3M_BS6spZoVS8rnsyRH9OEcpC30IOjPJBdVWT4KKk-IR39FwpY2OxQwo8DE0ujtLttnQOQT-fZLr301hm9tdILti347LufeyC1vPxwQiv4Wf8uMuB2M5hdiSVkMidgZEbn3OZuMkea8SQQB6KDdcKa8ACQzuWpDXi8YXTAcW1vitpKYihd_XRdH25IpwSMWRTngltL_4fmsfemmBw1PtZAEB7lVlYk7aVg26tYEPcS0aYfhw0DTJIk_w-zrzIxDF_jnjjnD5qcToXb6O2NFJK_G3_guftiN416-c4N0d2aINYAcvNw3EJbJt0ciqhdZnMbOJz9zOcieTLBy_NDEozaF5lNHZGKv7ehgYatTtBCNY_M43MyfBiGLUXYsnruM88V5M_kGgkQjr-B1PlS8GOPYiNtNf6bY4zN_375Y7Zb5EtK_uBr1VwqEjVRjsEH2YhFtIxrSL8cwsxQUp4_qyYnCkuGJebxs7ViuDy-N6WzxdTppz3sK7hTA5SFd-PVtf_GW1yreRC0Q-ysqmnOAAEvTfF9hFt7eFiHNfuwvqleEHK8keYyqjGsTEQdhHVZw6cxm-pJHfAuFZfA_KPb-m0_qE0lu27wOBJ5qGZEXwC0M_AyjWWHMkVHohHSjZHcuASj-e7wm6YgG95-tJdb0epPfzPZlmdmlEBT2_lEzMhTQMMrngnxPqoTyFtU7zhD-P2oWIzz_hOHFKdA&cid=CAASEuRod9_hrBUM_Hn8YLvMFepqsQ&rfl=2%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f19df5f3569b83172adf37e884e0e4add74a23c3e057cf60336a1fddcb87ab79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9258
x-xss-protection
0
server
cafe
etag
9058358164849487988
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:25:20 GMT
partner
sync.search.spotxchange.com/ Frame F9D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ2Mzoyc1K5QSXM5V0alBsE&google_cver=1
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ2Mzoyc1K5QSXM5V0alBsE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY9pyibTAB&v=APEucNVHR8QIuCH0wKO4cK9NiTkzXrCG_pAauspi3qb2Phwf1oEblBEvrxz0f3NHrfqCg2Q2bJJlPXj1GqniRgt5xZ3UtEagrq5xi3jz9YlK5Ftdxd1av1y5zszUDCRp2EqGIeL-TBxYHu13UNh6BM8Gr-ni9rgTUmXQhyfm4k0Uo7SDRG8I4M0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:02 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
110
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ2Mzoyc1K5QSXM5V0alBsE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F9D9
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=M2YxOGFiYTQtMTU5YS0xMWVjLWE1OTAtMWEzY2Y5ZDEwMjA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=M2YxOGFiYTQtMTU5YS0xMWVjLWE1OTAtMWEzY2Y5ZDEwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY9pyibTAB&v=APEucNVHR8QIuCH0wKO4cK9NiTkzXrCG_pAauspi3qb2Phwf1oEblBEvrxz0f3NHrfqCg2Q2bJJlPXj1GqniRgt5xZ3UtEagrq5xi3jz9YlK5Ftdxd1av1y5zszUDCRp2EqGIeL-TBxYHu13UNh6BM8Gr-ni9rgTUmXQhyfm4k0Uo7SDRG8I4M0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Sep 2021 20:28:02 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=M2YxOGFiYTQtMTU5YS0xMWVjLWE1OTAtMWEzY2Y5ZDEwMjA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
58
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame F9D9 		0
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY9pyibTAB&v=APEucNVHR8QIuCH0wKO4cK9NiTkzXrCG_pAauspi3qb2Phwf1oEblBEvrxz0f3NHrfqCg2Q2bJJlPXj1GqniRgt5xZ3UtEagrq5xi3jz9YlK5Ftdxd1av1y5zszUDCRp2EqGIeL-TBxYHu13UNh6BM8Gr-ni9rgTUmXQhyfm4k0Uo7SDRG8I4M0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame FAB9 		363 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYrIWTCzAB&v=APEucNWyxgnZegvuST5lG5C27GOZhQenITufQD2pLLnD1fAkJHrEcGYN6yWmqwjs1rpVTJFxt189TMMMXrkYXM_EUHzDvU3CEGTSLK0c4W-HtpOF2cbaI8ukOUXNfS39T2c83a2NMi3TFl_WfwflTpdggNNIcsyc2TCIU2vmTcZn3KbeQLDvjgg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CIKSIxC9tCMYrIWTCzAB&v=APEucNWyxgnZegvuST5lG5C27GOZhQenITufQD2pLLnD1fAkJHrEcGYN6yWmqwjs1rpVTJFxt189TMMMXrkYXM_EUHzDvU3CEGTSLK0c4W-HtpOF2cbaI8ukOUXNfS39T2c83a2NMi3TFl_WfwflTpdggNNIcsyc2TCIU2vmTcZn3KbeQLDvjgg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0slTwvbXiOVQj2rXvjOiSMJhuaKosR9kFWsnAb2gVZCDpg66aMNJERZHOJv0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 14 Sep 2021 20:28:02 GMT
server
cafe
cache-control
private
content-length
206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 9846 		52 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZr_cReH8VWYtG6Aby2xP6_h-yoBxT-R_zlasdNPb1FBAaCLtZ5tg-Vspao6DDQ5kFaHSKk9zIJIklDuo29f0o_A8PzZ6lD89LrUx3sCs7PfegxDR57wToiI3vd63RwiVOAUYS7AXTXfOx81CLa5nJoU3K5g&dbm_d=AKAmf-Cj_oiI34suGI8CfG2x38PELDNF0MsjGnamkwk_Xee2PTLmwODcQpqjYDl3GL_5lGKDZhsHFU0bgnZcjpeUo0nQRMHzyO1CMu05lMY27tywHdw3QoIV2u4ZSEkim9oAvoZFqURo7G9A9_UaI-Sb0pD0oZSLMxhuJ3tyMruMwkNS3G7QWvNy9BmEWw3u0CpKq3zNwNY502uNVPTTu6HdDUnHMJqGv6q86gfqq8Nl2wXz7byW7w86bBXwdu3ujcCp8mtLiArjZHJIKD0ig_UIxkLDVeZhx3bJS9V2aoPb35DwGf48hAsNKdKiPDWb5GFuop7Sr39x51ceiRnXCsA7txyyuTz7DNF56ryT3No2NWkxi45kVy3Gk792FeCyq_BG7OWTbUYEm8PTQwBN3z1PfUOsvKZNe0C4yXTv4-lesUcfTGqvy9g3sSq0Yg8kwC3kbpDenZvCNXykyVoxl7HK2MePIcWweNJntuwP6D8CljSSc0eB-cNdy53smI2NXoW94ZjMldOUIBKZ1zaEKfWgCF25Otl8lGo6Am9iq9csj-BhA3QxpJQdgFXR-avQNABj12wW1uiVPS3w7qIIHS4h_V-A5Yt1QXMApnsjmYGqfZFVD-TDZJ5U3qg6WtVrOJRO4gnDwqIVoKc_IW_KFfx4aTH1pZxO1Iz94mvP5PQ7_XLAECkpKZ2AyBhw02EeBeJ6UwiNUI5s8mYRPBqgrUtQXf14i74DE9ikm_vDksEnlc3m2qD34tcJ72sezj7jWpt7wKXZU4tNzy7kI6GcRAgA7cqGZwlcZiszRoppKJTpg7FWyIzaIIzhXqYEcRo7TLjUbNAuUaSYNROgSDkPDC23ipKbZeE4fuI1XuVf7-_CLBWzPbFn2gT8GYUUCM1YyHkVDFFfodBBBQUSK9moAq5Dq_AcUFf-c97sf7eOCq-DH_i8FVnj79d-2bzmv-ZQVNXCzrNl0Q8dypeOiWmb_31IPi-9ZjEAFwluPeNfpCyaS19zW8OaTrxdmbnBM49X9fiY8cXsEAOLft5niCIBRPzwRwXHmWD5bf0ifwxELRVquVbFzJGcUQsJLE-xbhqV1m4Ux_fLFT1ehufNGx20P1P0VT-rkhVlQ2cPFIXhtojx0iJox6Kb3MoSa7ziKPy-7pEs_CrhLIHxLDmEmTDCHdy8H1dg1bdyYMbb8UiiK8Jv0s_UjbQIIu7qo9bN6f7U3UscflV3oruh_jfEn8CdgysMOrRAFXfnnkiLHeFtSXVKQH0U_vYAo59waD1mKCC9OnVVSCXp_efxwJFy9hAYM8D0rd-EDICKp3NJlZxXPv8FgUmWjVx7j3exYhk8RnJ4yb3LCePPXcp7Knev1VJ6Kj0VAs44lzGmBWZTuwVu0a7SHQL42pwdfQYc4WfWWpJ30xtpme3EJNtVBTKsU-sRpv-QbzVBaj9SJfGr2haERgjDC-9xFUo_XI5BLnbte9wVzeJYIe6LIFpJQQufNtQibRJz1xm3Xb_385xGFyt2L78XNkZg5ZmG2YKYeuXy1O-gxH2J-SEYGWJBipBgkBHqIOBxMWpb-9s2WH29py1xJ5LClLjoRkDuu0MLJqneub01hTKdAQd0BiO-bfsJzJAyq7Ph4R5562Csrq7TY3Y2exSnTjNUpmrWeaDedyYiT6JfixmScbvIvmXgOOE3WSXb3cCY6uYQSNbkUXdfamBdw0VuEWjPGVIbm-hCCAl6ch8fhloYgPvQOVivqcvvHwvYG2ct9r6VBgeMBt7NXbdCPGMNxPvoQzz6j5TaYqpCLuR401EWx7OUHSAJS78k_9iSt0Dyc5i5JzuXVENke3ZpSSPPscVcW4dI4gc4HmsVUcxhcPSsdFlvG66xrtn6exIcyCFYgtKHACCgDo9jz2pxfubDluyXM9ImNt4dx2HTEAjzZqToVEU_FYTDCkpOeCWYyA7cjVLBGQ3K_RQbPapV4sRo1JJjEp29guvYBsXGIGN0SBaFQdY1jStulDV8Bx2-H8HNUxPHd3YZijnRFVOHYqg3Gp7yk0XFZTlq4WSoRPNtFd6XPeSz_t7i_CPc0fv8zyuk0bg4NDGT_ML8kF0pndDPAkesWFrWTzBL4W2eqz56AuoItY5YWEE-NYVYIkAel_nUY5tO5gON-SE4Zwyv1EdIfh00vUgOVcT-ahkxclct6PVWG26lXo3CStWDXYx3Uggj8MPvkCg9GUxsg3PHcxo3C_KNV9-TRPqiJwBRFfHRmAcMm_fj9uQBe5dV_C8TTPmMr5tbUrCdlN3p9m1Wc-eHME0nARtn8rMAZ8vIbWtA-j02Zjswbn9T8kVEWTYD0QEIiy87ZNJQVBrb21vvimbwHn1iY5DISL8uMNZHgh5M0Boyq5TvGHXcqH180r_ZYKCPKCrC6QQ8i9MSvXa66u_hd33YrGAhEBT8Y6x5i56IDGxlIL3ISpQQ5FBDFqy6G3RbyYk3LPNoIyDt45HXtehmf_Re4MYUwKmGw07xYy2BkpJBRMnk5pC0tL7XphUiVELoLhRfL4_lSZF-ldr1R9y3njvuxw81LKupOz5xMsD78_EAHkgPLfx5wr2HXyUjQFWDJoDwbydqaRIQxSMFLmb8v7U4lGlBeiFPQmxP-jNr2AwQkcWXVEkqwNJM1K_lYkzxwGSU9XNKjuMqMozYFEj9PuB9xvu5w2WyWvtRMXF1qhei_4c03jOpvXSfocc4s992S3TOaenchiKAVF2uzrEy81oYjAt9uuwSVm2kquJYOoPg4VQUUnBer1xjTxLq4aO2Njr5CBX7ArzJidUGcUMCqmcfOeAex9AYO-aX_eudclK5PqO0d5l-28Q5TinK4B_9w1UfFiq5zij-g9Y7OhR74eMVBi8UmJhv9oUrIEdZuebz-u9CxqPc&cid=CAASEuRoYbxz1J_rPqs7LkCz5KsCuA&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
4300ce692c247738e4498fe1cc38ba5385ef561912a5a655e91417854a57c477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25026
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 9846 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:25:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9846 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 14 Sep 2021 20:28:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 9846 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
94
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:26:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9846 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bb5jkD5VXOVikRJFbnf1arT3vVD4PZel-8jQyXBUOsLW9mdGwT9pZsqD62vdJe5mG8Xl_XEmjG5x9rwlPXcQkn0AZ0tm9WuPvUFUVld98AB_eQMNk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B774 		363 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYrIWTCzAB&v=APEucNVKQxRMwvk_WaTyVrkQk6j6IJfeNhlaHb5cwLNDxqIh5DfLid6oDCpev4Ti1js2VT_qevJROgmUbtZq8c96J2IBKAHqFxK_9QHuPDeS0k5eO7J610UQRQ3xfLZ0GdvT0ECGM-8jO_xn5lJWBTpofwIlYM_ClqRgAWw6TlCftKAgz_Aft7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CIKSIxC9tCMYrIWTCzAB&v=APEucNVKQxRMwvk_WaTyVrkQk6j6IJfeNhlaHb5cwLNDxqIh5DfLid6oDCpev4Ti1js2VT_qevJROgmUbtZq8c96J2IBKAHqFxK_9QHuPDeS0k5eO7J610UQRQ3xfLZ0GdvT0ECGM-8jO_xn5lJWBTpofwIlYM_ClqRgAWw6TlCftKAgz_Aft7Q
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0slTwvbXiOVQj2rXvjOiSMJhuaKosR9kFWsnAb2gVZCDpg66aMNJERZHOJv0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 14 Sep 2021 20:28:02 GMT
server
cafe
cache-control
private
content-length
206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 1FE8 		53 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsEZ7UzsjHVsP_OFlaBHAS2zVfKC2be0cSeu_VZRuJDkLOWlTp8yQCLzizPQNehLszDlT0qae5gzbt1duM8EFY0BGn2OpUxycAiH57FIbBuMWZxs0tjv20BE9fHnoAQhwM-JpEeM3F3AjeOuiMYOBZcDg6ZQ&dbm_d=AKAmf-CjkUFzq1SlZESpDgCWJjhnCmAc-6OOtEb-MDmLAdkG-EKXUa3HJjE3XfCyXrF-iz6zZIjU9iBc6QYERKneHewls8sbGSW4M8E3Ean5FLgzgWQ53HfOsEt021lQsjemOcPZgWvKqjw1eq1xK7ytcvVDrn653s3hEJOYXeakBG8AN7AZj5JKXHYrNaESd4V2p_Ii98vCnKXm6-Zrxal_5FDyS4g_UsTGN0mT3xwuzgkEEzo_ogr4TkvZMiO1Q-nc5XNP1xI0ITcXzyjgeN60aZu18P1ieh-s8HcDZY7Jfbu3SPfIIH52sAAgjuJGyfYjGA_5YzFsY6qJfYwxyber7yYoXcYpetT8oKoN5e73KU_vn9blumGqNTP3JjnFLW-g8EWIh5jtFUcoNtPlWv97JSfEF4fFlJxq3Pgei7jpM0ye_x6a6wZZU6C92JtyCgahYbOE9AgqxNh1fhtQv8k4-R4QpbrWwsq2K2LBL0uieWpnUPNhg8otniAQvLSiTEcFrIQ1O0qWlMS7I3zZ_H72tLMZbUS-etwwiWor7jXxJVn2SrWS9vS-2Emi-d9hjyWWxI8LgAZAXRrvLDknVFNrRPOToh2m3m73SqdPujVp3ZxVpe2eaNlM_pEqkWFG6J278aOlWC_vkavKhWEOvvRMVjtve8HQit6fMWS0F_6fEnzYmCZVfXQsbS_yi5Xt5v_N6rH10kD2mHHVtAUY8gg3Cknh8Pk3AA3cUEQs3YzYFfGyxLfoqISWfkpoETUQc1mh6goqdhb1y03LdyKa4jMEyBJv9chW64v3M7flOHDVeYeH2ob5cxw9RyhLRcyVyHP08gbrDHiN3-3BnUxba_IVIMT6CFbrnFqgxsrywpKV1rWweVgcXXvc25A1uT3PoNOmeT7bu4YYyj9KdreZ3flEcGsIHgJ956XJCpq4CuH-nELiPH13uuom-BXzdimvaWRToCBMiqDEM9SMVGNuKWBpdmRB4LNIX3ATnTuI5AA-nO8LiQ_Vji3XrY7WdFVu-1I8toI8AwI8nf_9K89R5NJjtzyZfNsiOAddXZ185pdUMNrqAiXRYTHB5ZWuyNtQZqiIjGd8I7Jv-8nLbyHrTc2DxKpiA3kjEUg2iWFiSUrBtn5Qcp8Q3VAaxumGij8imOVMnTJWYCYWVp0biZeNRI0mXYUku3VD7cTLtpZcSxDlaYB-_mYeMoBYs2V0-w4l_kUNO4mhjokMVK5NcLi5dhR7Df72kSP8XtifmNM58U-2lrzCS8P0f_Xyo3hgEceiBTs7YjfldN3zrLag7vRSwByYLSqxDh5Z5BAQAAcPYHLZBFmIDiHhHc5hnDvNoKCgUzzLs0C6nkIQu10rA8l8f5vbuOHmtluaoN1L21vHq-Pfi48YTOqpJzkeT-XJip0blWw67lF-9-znrtUnTxRzf5E5Ucz8WogFRg1b7ogn5BcPd6aUSh8E7AtwJmjq9V3Zl9bfzGSud4Sz0UtSqsK2wHqDtKRn7bTTurt64fow5cB5RgM7spDHbv0LRWRdRHFACdEfxl4phMjOXkqEA5V0QPt78Oz7ACHSZaTeXymD5Zx4LEJAhjTTmkUJCKJcWmB9FOCgLjefFS1mB8C_A8BwZwdG4vbLKFNUzWmaW95t7GeMnAZgQz6IDQoUpF8YbDQtL1dc9S31jQV5z8Q302zCZ30zZsTxcV4DymNBpYCIZlBYwoHLLpZY2tuQOtlyKVjA3iJ0b9i-INndNZYpZHId_hphU7dzmXrHgoHyLkz05ZVM0lAd5uW1UyAq67cNulRQE0bMc_aNomuEXx3anWuA6taWCLD8oJXx_agZTR99OgwdmRxO_OdWdSw0yVxlefU0litrN0uN0Dufl3qwnQ8Uy2zz9LP0_LGo61BO9NrQwlUPCmvFce5ER9m2yx7Mq_BjdpRCEl3_5GkYENgBWWrRXIglTWP1C8pnT_J1Vyd5ApE7BV-nR1jPrpZjUMyxYgqf0eTQFSVurlTtSpZLXwe-gF50wrctWPDhzY6LVNgKp7TMLAgfGGFjLXA8bfICbGkpTJ9vcu0dSzc4YKjFm1rYs86-aaKN6o0s9DVYwjuFN1yTO6dENfhcFxCP9p8OduICdR4UpixdWgW8mJp3j58YDcwCqmt6EKnTi9qp50tue8iXY1OAtw-EfSTnelvqfsyLWNQKqfRn0NvKrkAYvc2GWRPBGYpWODrApeXA-uVorhwIvMVQRUoh2RuK5ZAGiOCQOCatK3FNTAYh7N0K2ZeEkutztGOMNTH-mkXw2ChiSpixDKC_naeHvtLr1QnUzaSjPMvcPJV5zo-CzLRQZ5igLEq7biAz9l9jhhOEux8PDlavQTtS7NsFqPnywBSePXXXOexJOv5fI4WIxrBOrz4hrFYPopMO03xgQxbB5Rzh4Rt34Z6WppRgrdlrfs_4EJOST7eFjwN7grz6w8H5CAd4LV4FNpWegYUv_3mZt-OmQzZOMbRk457NRZEhzg-It8Vbw36o_SQEicCsC8pCI3qo-A5AxgDty7UGqNNfSteJUwsIZ0ajQIIF3DWsogSmuk-8atRJ6feCkbJUzo9MwIPEI1_uSyGKu_eSSVQwlkxONZI2E4vl29rK0afNQQQCCiPzGuHUhtGRN1s622J2f6UKGVhTnjN8q_SSBfdJ4CBMnjz-WZa08JfCuypRiCDwpjqB-2jBfBr7pB4J5NgJIYbNyPnWlZfHH_IT_u1b3ZZ2PWlEyM0BhO9gRGsAErUT5DF2vWvLCvrMSZPFTJWsZJqy3p7Pt9ORX7MxOg6qwlZi0hvAR5vX7B57oRY0CGsPn4dYC97L_nZEQPvE1S00A0co8DxbaR-WaIO8f4eTX25tvFV7QpAjw0LmFqgpghFjUU4U3eyVoVmcSziR&cid=CAASEuRoDSDj3O6_-qjizec42XIWUw&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
0ad0a7e028a3652767b3a1117e217b0b455a314ee99de98aa086cf0371538619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25161
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 1FE8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:25:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1FE8 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 14 Sep 2021 20:28:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 1FE8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
94
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:26:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FE8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJdmbMup-_jpKLM8nsETtiJj_YayaXSxjKHtqKdh6OVYJftvZviJtNeGpXpzQfN_81qZjPPuOK8a9sWGnqG1rOfecXJZ6_bXBBDp9lFIQAxpyxo8o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sfht0if3y.js
cdn.krxd.net/controltag/ Frame E10E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Tue, 14 Sep 2021 20:28:02 GMT
via
1.1 varnish, 1.1 varnish
age
286
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3744
x-served-by
config-service-a006-ash-prod.krxd.net, cache-bwi5124-BWI, cache-hhn4076-HHN
x-response-time
0
x-do-esi
esi
x-timer
S1631651283.689142,VS0,VE0
etag
"6b7f7c5dd851aeb3a658ac72e276f359fcdeb737"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 330
index.html
s0.2mdn.net/4528516/2173874479230561/ Frame 633C 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4528516/2173874479230561/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
83e58f1cffee095b4e35a550a01822f93cbc9058f1189781b5ca13e8e0eb1107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/4528516/2173874479230561/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2662
date
Tue, 14 Sep 2021 13:26:22 GMT
expires
Wed, 15 Sep 2021 13:26:22 GMT
last-modified
Tue, 06 Jul 2021 10:10:16 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
25300
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame E10E 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvL4O41fQJmkuA-g3NqFgBtmjos-2Q-OYScs33Igi6EZhrs-3iK1zruo_CetUeTv4QFxFvrCxetZEXKX9_O4ZavpYomXjbbjmqIZfE31eu8r5nwODijjNBgDMA_tYgd57CTSMeoWNv3ljDX5zujxeTzL5H1v-pd_AeQOtlyKlEqn2t7VuRJlLwSfWL9NSeS4fxytcL1ZKxV9jKNxADKJSKvqutTKqA0SSDU_-8wcUzf-gfsUCanEA-lgr1qg8oEBJynON5LPNchon_FuECC6uHUWEtf853RLtwDGFN8LyF-SOKX1sybSdXkyUZz2kU0ZZR1RKO2GYwW3jMmgQAUVUvKjN-6yZOihs9BCuvKgDFafG6vH2K_rYFG-HBS44Ygbt9ec7WMj8BCd1lSvS_AFvg9W6p74llj5QvlV-cwR0Qw0-St79rGS6UQwzDu1W9sDzoqKEwCdAOgaE7hWp2rFHOL1Kq8zft0gdFRwkdK9djXz9j1YL3bw0iI4whP4bDgU1ZT4NnCDycfWHaWsGliT4Xo0Hn-y9bTPBQ00CEJJrS6963o8WU-Az6PvLWLw64PJZkeJfDtEsMyZ4GMhmgUrHpmPbJeRB9QHWmZEZRR0jZ24GtnPPdRo-6vE__zkB7PZRtFrxtuCqUpIeptAKWL4VyGSf-pSjn3hnsHvpGcvBf71OkAu75fN45BBCDcNfBbOUOVjpZZK56ArNayQP054VJCHDyqzqLtM_tHLrdiL-amhFNA8Yl6DqgdFfzEZV-zLqvtAq_fM5HybLSSkZKLHlkBS_ckE9KsK9YztxzW1Ilcl2JdaDCCrKTJWuJRYiGydBp3oCPtWR5urB1i7eR0P1TEdiZ9OlkXiFJRHfhvIq-YuTwf-YbH1nHUDKU4ZyXr7xYTOa68Z-4Z5VaxgdicV3qvb5iX0HsKpiA0NLOS6aJkSUrghXfLs3Ga3DYyYvuRfVxtSqazmCj1yaUZ-7Gn2Plw6LtKz0AigNjqH-09YR26pdEZv8xeldDteCJyxZlCgbUofqqvwISt8T9peHXoXuDmr25AANDebRmVQH2Uc9K2o_NC88nr3G8EleWMwzlzrU6uqfVyjWlCsTTbX0xC_r6406eHcJJ-6ulAEDivgYHpg1IHCem70Hn1203LbA_YbFBwQSqzSeilHrkdgPXqq5s-0bei3PlYvkC_lL_kJ7UYP8pHJ6nmI1vXuf0jTphuQ&sai=AMfl-YSS7w9wl1XyZ2rCv-wpKMNP6nh77eXPFM9C3_xymkdYl1OAn28W6I-a-aB0KSzmGhEchXMU5l0e70F_babc6uFfgisSzoMbTBEk_i0hDjQIm6Hq6K0o7l5P1_D2tFTKrrGMd4JNQi8Zbop25lRsL_yeJ3cqHQ&sig=Cg0ArKJSzFnyXVrF4JnmEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=105&cbvp=1&cstd=102&cisv=r20210909.63526&adurl=
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 14 Sep 2021 20:28:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E10E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 21:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 21:29:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 557B 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 14 Sep 2021 13:05:23 GMT
expires
Wed, 15 Sep 2021 13:05:23 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
26559
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E10E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6173c87a67e8dfc7599c97d03b029c27f175f14f1ad75e03c0596d990b89b13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/ Frame 9846 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZr_cReH8VWYtG6Aby2xP6_h-yoBxT-R_zlasdNPb1FBAaCLtZ5tg-Vspao6DDQ5kFaHSKk9zIJIklDuo29f0o_A8PzZ6lD89LrUx3sCs7PfegxDR57wToiI3vd63RwiVOAUYS7AXTXfOx81CLa5nJoU3K5g&dbm_d=AKAmf-Cj_oiI34suGI8CfG2x38PELDNF0MsjGnamkwk_Xee2PTLmwODcQpqjYDl3GL_5lGKDZhsHFU0bgnZcjpeUo0nQRMHzyO1CMu05lMY27tywHdw3QoIV2u4ZSEkim9oAvoZFqURo7G9A9_UaI-Sb0pD0oZSLMxhuJ3tyMruMwkNS3G7QWvNy9BmEWw3u0CpKq3zNwNY502uNVPTTu6HdDUnHMJqGv6q86gfqq8Nl2wXz7byW7w86bBXwdu3ujcCp8mtLiArjZHJIKD0ig_UIxkLDVeZhx3bJS9V2aoPb35DwGf48hAsNKdKiPDWb5GFuop7Sr39x51ceiRnXCsA7txyyuTz7DNF56ryT3No2NWkxi45kVy3Gk792FeCyq_BG7OWTbUYEm8PTQwBN3z1PfUOsvKZNe0C4yXTv4-lesUcfTGqvy9g3sSq0Yg8kwC3kbpDenZvCNXykyVoxl7HK2MePIcWweNJntuwP6D8CljSSc0eB-cNdy53smI2NXoW94ZjMldOUIBKZ1zaEKfWgCF25Otl8lGo6Am9iq9csj-BhA3QxpJQdgFXR-avQNABj12wW1uiVPS3w7qIIHS4h_V-A5Yt1QXMApnsjmYGqfZFVD-TDZJ5U3qg6WtVrOJRO4gnDwqIVoKc_IW_KFfx4aTH1pZxO1Iz94mvP5PQ7_XLAECkpKZ2AyBhw02EeBeJ6UwiNUI5s8mYRPBqgrUtQXf14i74DE9ikm_vDksEnlc3m2qD34tcJ72sezj7jWpt7wKXZU4tNzy7kI6GcRAgA7cqGZwlcZiszRoppKJTpg7FWyIzaIIzhXqYEcRo7TLjUbNAuUaSYNROgSDkPDC23ipKbZeE4fuI1XuVf7-_CLBWzPbFn2gT8GYUUCM1YyHkVDFFfodBBBQUSK9moAq5Dq_AcUFf-c97sf7eOCq-DH_i8FVnj79d-2bzmv-ZQVNXCzrNl0Q8dypeOiWmb_31IPi-9ZjEAFwluPeNfpCyaS19zW8OaTrxdmbnBM49X9fiY8cXsEAOLft5niCIBRPzwRwXHmWD5bf0ifwxELRVquVbFzJGcUQsJLE-xbhqV1m4Ux_fLFT1ehufNGx20P1P0VT-rkhVlQ2cPFIXhtojx0iJox6Kb3MoSa7ziKPy-7pEs_CrhLIHxLDmEmTDCHdy8H1dg1bdyYMbb8UiiK8Jv0s_UjbQIIu7qo9bN6f7U3UscflV3oruh_jfEn8CdgysMOrRAFXfnnkiLHeFtSXVKQH0U_vYAo59waD1mKCC9OnVVSCXp_efxwJFy9hAYM8D0rd-EDICKp3NJlZxXPv8FgUmWjVx7j3exYhk8RnJ4yb3LCePPXcp7Knev1VJ6Kj0VAs44lzGmBWZTuwVu0a7SHQL42pwdfQYc4WfWWpJ30xtpme3EJNtVBTKsU-sRpv-QbzVBaj9SJfGr2haERgjDC-9xFUo_XI5BLnbte9wVzeJYIe6LIFpJQQufNtQibRJz1xm3Xb_385xGFyt2L78XNkZg5ZmG2YKYeuXy1O-gxH2J-SEYGWJBipBgkBHqIOBxMWpb-9s2WH29py1xJ5LClLjoRkDuu0MLJqneub01hTKdAQd0BiO-bfsJzJAyq7Ph4R5562Csrq7TY3Y2exSnTjNUpmrWeaDedyYiT6JfixmScbvIvmXgOOE3WSXb3cCY6uYQSNbkUXdfamBdw0VuEWjPGVIbm-hCCAl6ch8fhloYgPvQOVivqcvvHwvYG2ct9r6VBgeMBt7NXbdCPGMNxPvoQzz6j5TaYqpCLuR401EWx7OUHSAJS78k_9iSt0Dyc5i5JzuXVENke3ZpSSPPscVcW4dI4gc4HmsVUcxhcPSsdFlvG66xrtn6exIcyCFYgtKHACCgDo9jz2pxfubDluyXM9ImNt4dx2HTEAjzZqToVEU_FYTDCkpOeCWYyA7cjVLBGQ3K_RQbPapV4sRo1JJjEp29guvYBsXGIGN0SBaFQdY1jStulDV8Bx2-H8HNUxPHd3YZijnRFVOHYqg3Gp7yk0XFZTlq4WSoRPNtFd6XPeSz_t7i_CPc0fv8zyuk0bg4NDGT_ML8kF0pndDPAkesWFrWTzBL4W2eqz56AuoItY5YWEE-NYVYIkAel_nUY5tO5gON-SE4Zwyv1EdIfh00vUgOVcT-ahkxclct6PVWG26lXo3CStWDXYx3Uggj8MPvkCg9GUxsg3PHcxo3C_KNV9-TRPqiJwBRFfHRmAcMm_fj9uQBe5dV_C8TTPmMr5tbUrCdlN3p9m1Wc-eHME0nARtn8rMAZ8vIbWtA-j02Zjswbn9T8kVEWTYD0QEIiy87ZNJQVBrb21vvimbwHn1iY5DISL8uMNZHgh5M0Boyq5TvGHXcqH180r_ZYKCPKCrC6QQ8i9MSvXa66u_hd33YrGAhEBT8Y6x5i56IDGxlIL3ISpQQ5FBDFqy6G3RbyYk3LPNoIyDt45HXtehmf_Re4MYUwKmGw07xYy2BkpJBRMnk5pC0tL7XphUiVELoLhRfL4_lSZF-ldr1R9y3njvuxw81LKupOz5xMsD78_EAHkgPLfx5wr2HXyUjQFWDJoDwbydqaRIQxSMFLmb8v7U4lGlBeiFPQmxP-jNr2AwQkcWXVEkqwNJM1K_lYkzxwGSU9XNKjuMqMozYFEj9PuB9xvu5w2WyWvtRMXF1qhei_4c03jOpvXSfocc4s992S3TOaenchiKAVF2uzrEy81oYjAt9uuwSVm2kquJYOoPg4VQUUnBer1xjTxLq4aO2Njr5CBX7ArzJidUGcUMCqmcfOeAex9AYO-aX_eudclK5PqO0d5l-28Q5TinK4B_9w1UfFiq5zij-g9Y7OhR74eMVBi8UmJhv9oUrIEdZuebz-u9CxqPc&cid=CAASEuRoYbxz1J_rPqs7LkCz5KsCuA&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f19df5f3569b83172adf37e884e0e4add74a23c3e057cf60336a1fddcb87ab79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9258
x-xss-protection
0
server
cafe
etag
9058358164849487988
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:25:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/ Frame 9846 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZr_cReH8VWYtG6Aby2xP6_h-yoBxT-R_zlasdNPb1FBAaCLtZ5tg-Vspao6DDQ5kFaHSKk9zIJIklDuo29f0o_A8PzZ6lD89LrUx3sCs7PfegxDR57wToiI3vd63RwiVOAUYS7AXTXfOx81CLa5nJoU3K5g&dbm_d=AKAmf-Cj_oiI34suGI8CfG2x38PELDNF0MsjGnamkwk_Xee2PTLmwODcQpqjYDl3GL_5lGKDZhsHFU0bgnZcjpeUo0nQRMHzyO1CMu05lMY27tywHdw3QoIV2u4ZSEkim9oAvoZFqURo7G9A9_UaI-Sb0pD0oZSLMxhuJ3tyMruMwkNS3G7QWvNy9BmEWw3u0CpKq3zNwNY502uNVPTTu6HdDUnHMJqGv6q86gfqq8Nl2wXz7byW7w86bBXwdu3ujcCp8mtLiArjZHJIKD0ig_UIxkLDVeZhx3bJS9V2aoPb35DwGf48hAsNKdKiPDWb5GFuop7Sr39x51ceiRnXCsA7txyyuTz7DNF56ryT3No2NWkxi45kVy3Gk792FeCyq_BG7OWTbUYEm8PTQwBN3z1PfUOsvKZNe0C4yXTv4-lesUcfTGqvy9g3sSq0Yg8kwC3kbpDenZvCNXykyVoxl7HK2MePIcWweNJntuwP6D8CljSSc0eB-cNdy53smI2NXoW94ZjMldOUIBKZ1zaEKfWgCF25Otl8lGo6Am9iq9csj-BhA3QxpJQdgFXR-avQNABj12wW1uiVPS3w7qIIHS4h_V-A5Yt1QXMApnsjmYGqfZFVD-TDZJ5U3qg6WtVrOJRO4gnDwqIVoKc_IW_KFfx4aTH1pZxO1Iz94mvP5PQ7_XLAECkpKZ2AyBhw02EeBeJ6UwiNUI5s8mYRPBqgrUtQXf14i74DE9ikm_vDksEnlc3m2qD34tcJ72sezj7jWpt7wKXZU4tNzy7kI6GcRAgA7cqGZwlcZiszRoppKJTpg7FWyIzaIIzhXqYEcRo7TLjUbNAuUaSYNROgSDkPDC23ipKbZeE4fuI1XuVf7-_CLBWzPbFn2gT8GYUUCM1YyHkVDFFfodBBBQUSK9moAq5Dq_AcUFf-c97sf7eOCq-DH_i8FVnj79d-2bzmv-ZQVNXCzrNl0Q8dypeOiWmb_31IPi-9ZjEAFwluPeNfpCyaS19zW8OaTrxdmbnBM49X9fiY8cXsEAOLft5niCIBRPzwRwXHmWD5bf0ifwxELRVquVbFzJGcUQsJLE-xbhqV1m4Ux_fLFT1ehufNGx20P1P0VT-rkhVlQ2cPFIXhtojx0iJox6Kb3MoSa7ziKPy-7pEs_CrhLIHxLDmEmTDCHdy8H1dg1bdyYMbb8UiiK8Jv0s_UjbQIIu7qo9bN6f7U3UscflV3oruh_jfEn8CdgysMOrRAFXfnnkiLHeFtSXVKQH0U_vYAo59waD1mKCC9OnVVSCXp_efxwJFy9hAYM8D0rd-EDICKp3NJlZxXPv8FgUmWjVx7j3exYhk8RnJ4yb3LCePPXcp7Knev1VJ6Kj0VAs44lzGmBWZTuwVu0a7SHQL42pwdfQYc4WfWWpJ30xtpme3EJNtVBTKsU-sRpv-QbzVBaj9SJfGr2haERgjDC-9xFUo_XI5BLnbte9wVzeJYIe6LIFpJQQufNtQibRJz1xm3Xb_385xGFyt2L78XNkZg5ZmG2YKYeuXy1O-gxH2J-SEYGWJBipBgkBHqIOBxMWpb-9s2WH29py1xJ5LClLjoRkDuu0MLJqneub01hTKdAQd0BiO-bfsJzJAyq7Ph4R5562Csrq7TY3Y2exSnTjNUpmrWeaDedyYiT6JfixmScbvIvmXgOOE3WSXb3cCY6uYQSNbkUXdfamBdw0VuEWjPGVIbm-hCCAl6ch8fhloYgPvQOVivqcvvHwvYG2ct9r6VBgeMBt7NXbdCPGMNxPvoQzz6j5TaYqpCLuR401EWx7OUHSAJS78k_9iSt0Dyc5i5JzuXVENke3ZpSSPPscVcW4dI4gc4HmsVUcxhcPSsdFlvG66xrtn6exIcyCFYgtKHACCgDo9jz2pxfubDluyXM9ImNt4dx2HTEAjzZqToVEU_FYTDCkpOeCWYyA7cjVLBGQ3K_RQbPapV4sRo1JJjEp29guvYBsXGIGN0SBaFQdY1jStulDV8Bx2-H8HNUxPHd3YZijnRFVOHYqg3Gp7yk0XFZTlq4WSoRPNtFd6XPeSz_t7i_CPc0fv8zyuk0bg4NDGT_ML8kF0pndDPAkesWFrWTzBL4W2eqz56AuoItY5YWEE-NYVYIkAel_nUY5tO5gON-SE4Zwyv1EdIfh00vUgOVcT-ahkxclct6PVWG26lXo3CStWDXYx3Uggj8MPvkCg9GUxsg3PHcxo3C_KNV9-TRPqiJwBRFfHRmAcMm_fj9uQBe5dV_C8TTPmMr5tbUrCdlN3p9m1Wc-eHME0nARtn8rMAZ8vIbWtA-j02Zjswbn9T8kVEWTYD0QEIiy87ZNJQVBrb21vvimbwHn1iY5DISL8uMNZHgh5M0Boyq5TvGHXcqH180r_ZYKCPKCrC6QQ8i9MSvXa66u_hd33YrGAhEBT8Y6x5i56IDGxlIL3ISpQQ5FBDFqy6G3RbyYk3LPNoIyDt45HXtehmf_Re4MYUwKmGw07xYy2BkpJBRMnk5pC0tL7XphUiVELoLhRfL4_lSZF-ldr1R9y3njvuxw81LKupOz5xMsD78_EAHkgPLfx5wr2HXyUjQFWDJoDwbydqaRIQxSMFLmb8v7U4lGlBeiFPQmxP-jNr2AwQkcWXVEkqwNJM1K_lYkzxwGSU9XNKjuMqMozYFEj9PuB9xvu5w2WyWvtRMXF1qhei_4c03jOpvXSfocc4s992S3TOaenchiKAVF2uzrEy81oYjAt9uuwSVm2kquJYOoPg4VQUUnBer1xjTxLq4aO2Njr5CBX7ArzJidUGcUMCqmcfOeAex9AYO-aX_eudclK5PqO0d5l-28Q5TinK4B_9w1UfFiq5zij-g9Y7OhR74eMVBi8UmJhv9oUrIEdZuebz-u9CxqPc&cid=CAASEuRoYbxz1J_rPqs7LkCz5KsCuA&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
773
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:15:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9846 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIsj6v4qg6U3Gozglmc4eEPGB-3J796GbqLHdttNyJljcT0Caiz5AbPtpSqdwribqt-kl2n3CJABfNBGITNcTI92RxcHx-Z6s-5MiSYEnJz7zkYZzW_9Lo_2cY0v6_XGmHP66Dunx-L3JWDZY6KeJvsZOJIPvUmaHumBEhIoOHGi9ZfJgtj5qUUmRmeZTgUyYwLgm7A-s8sGSFqaC2OSVcx0DNx4NYfR_DX3uu4ug3NDxxCB1fFGksv3v4r2_t2NBD-Xv_Xg2oG31_MHICSZEet8Zsz91lCQKzGtwGNEg_yhyKLK4mOXkufrFpsl-mLphKWA2OZLE1Zb5tYwkDDCHlv-0xDcLHlOHzViqMZ3hw4-p2a_ER-CLKNGzRmzUl79GeaTr6iGBKwj4fmGnfTfZXzHobN_XbWhpX6bVJmEI9exYfDVb1Qsry86c0XZpPuLNQPgo0kRPumXiNLXJ2GqTMnP8ulPDgk3f8iHzcyxoZeIp00dLibugc8Q3VPDbA87XW9KHZWh_3-Nr8DBmIB5qgtHzA8Y7S5ducOYqgLZ0H6TO2WoCnkcHSgJLbfohANbcFG1qibRvDoZqGyq93vjUvdp0ZOogHWKDqW9fVPuPq0wEM_HDmQ-zsnEWzguRiI2wbMrJFTD4eBO43o0WTLwcnuAk5k-mA-8jrki8rOm5nwPp3ex79252z9WLG2EBN8DMr1BvMz37moKtPR5-7kKg85np6L63F2qT_qTzZBP18JU0vcLOCVWgGI4Xns_s_nLqXCQG5dntDiLJfBbJf7-YxPF425lXME5EXmf-4NMJbPS05tON4-z-3TQt25LaWfp69HUD6-dpZqywMacNKkiZojJlHCstyKphluG0ZwirugNHLXxnFVZE1wUmcRT1hPbZAIpE7Ffrw56AgsbUEioebETLNIBTwB-IHPcRvbmWN-RU4-_C926JIt3t4Dn2d5a84QXIrIvuelQK6fLrGTFNPju_8-kIHV-aTiEBNoeW6IC-tO2GRsfvCzOkto2ynhUGXT4SVqlpuXR0EMCKDoesnb5XhZqSO0-sm6EshqSbMGiBYodqQviW9pirSyTHWTwYOwpiE_dG3Et5CvKc_yskdkLNYKur9hEmExqdHNCsjWSARUbhC6fHEcmwtB-Vnx64drn0KhZbmEPwE4YJnM7sB&sai=AMfl-YRnoQLd0Grbv9rccrsquue4StiNaReDrGMxQ4B9VbKqSO8znM8lQJguxUAZTF1HAluo5r5TaZpsiCuJtNcD9d2I6LlEZisMclg1nQI5AVGn3cQU4NzS_HT9ZI6JWbgiZnn_939qGJfdaP9PZbBsW2YxAyuAog&sig=Cg0ArKJSzFp8j7kpRGgjEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210909.85276&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZr_cReH8VWYtG6Aby2xP6_h-yoBxT-R_zlasdNPb1FBAaCLtZ5tg-Vspao6DDQ5kFaHSKk9zIJIklDuo29f0o_A8PzZ6lD89LrUx3sCs7PfegxDR57wToiI3vd63RwiVOAUYS7AXTXfOx81CLa5nJoU3K5g&dbm_d=AKAmf-Cj_oiI34suGI8CfG2x38PELDNF0MsjGnamkwk_Xee2PTLmwODcQpqjYDl3GL_5lGKDZhsHFU0bgnZcjpeUo0nQRMHzyO1CMu05lMY27tywHdw3QoIV2u4ZSEkim9oAvoZFqURo7G9A9_UaI-Sb0pD0oZSLMxhuJ3tyMruMwkNS3G7QWvNy9BmEWw3u0CpKq3zNwNY502uNVPTTu6HdDUnHMJqGv6q86gfqq8Nl2wXz7byW7w86bBXwdu3ujcCp8mtLiArjZHJIKD0ig_UIxkLDVeZhx3bJS9V2aoPb35DwGf48hAsNKdKiPDWb5GFuop7Sr39x51ceiRnXCsA7txyyuTz7DNF56ryT3No2NWkxi45kVy3Gk792FeCyq_BG7OWTbUYEm8PTQwBN3z1PfUOsvKZNe0C4yXTv4-lesUcfTGqvy9g3sSq0Yg8kwC3kbpDenZvCNXykyVoxl7HK2MePIcWweNJntuwP6D8CljSSc0eB-cNdy53smI2NXoW94ZjMldOUIBKZ1zaEKfWgCF25Otl8lGo6Am9iq9csj-BhA3QxpJQdgFXR-avQNABj12wW1uiVPS3w7qIIHS4h_V-A5Yt1QXMApnsjmYGqfZFVD-TDZJ5U3qg6WtVrOJRO4gnDwqIVoKc_IW_KFfx4aTH1pZxO1Iz94mvP5PQ7_XLAECkpKZ2AyBhw02EeBeJ6UwiNUI5s8mYRPBqgrUtQXf14i74DE9ikm_vDksEnlc3m2qD34tcJ72sezj7jWpt7wKXZU4tNzy7kI6GcRAgA7cqGZwlcZiszRoppKJTpg7FWyIzaIIzhXqYEcRo7TLjUbNAuUaSYNROgSDkPDC23ipKbZeE4fuI1XuVf7-_CLBWzPbFn2gT8GYUUCM1YyHkVDFFfodBBBQUSK9moAq5Dq_AcUFf-c97sf7eOCq-DH_i8FVnj79d-2bzmv-ZQVNXCzrNl0Q8dypeOiWmb_31IPi-9ZjEAFwluPeNfpCyaS19zW8OaTrxdmbnBM49X9fiY8cXsEAOLft5niCIBRPzwRwXHmWD5bf0ifwxELRVquVbFzJGcUQsJLE-xbhqV1m4Ux_fLFT1ehufNGx20P1P0VT-rkhVlQ2cPFIXhtojx0iJox6Kb3MoSa7ziKPy-7pEs_CrhLIHxLDmEmTDCHdy8H1dg1bdyYMbb8UiiK8Jv0s_UjbQIIu7qo9bN6f7U3UscflV3oruh_jfEn8CdgysMOrRAFXfnnkiLHeFtSXVKQH0U_vYAo59waD1mKCC9OnVVSCXp_efxwJFy9hAYM8D0rd-EDICKp3NJlZxXPv8FgUmWjVx7j3exYhk8RnJ4yb3LCePPXcp7Knev1VJ6Kj0VAs44lzGmBWZTuwVu0a7SHQL42pwdfQYc4WfWWpJ30xtpme3EJNtVBTKsU-sRpv-QbzVBaj9SJfGr2haERgjDC-9xFUo_XI5BLnbte9wVzeJYIe6LIFpJQQufNtQibRJz1xm3Xb_385xGFyt2L78XNkZg5ZmG2YKYeuXy1O-gxH2J-SEYGWJBipBgkBHqIOBxMWpb-9s2WH29py1xJ5LClLjoRkDuu0MLJqneub01hTKdAQd0BiO-bfsJzJAyq7Ph4R5562Csrq7TY3Y2exSnTjNUpmrWeaDedyYiT6JfixmScbvIvmXgOOE3WSXb3cCY6uYQSNbkUXdfamBdw0VuEWjPGVIbm-hCCAl6ch8fhloYgPvQOVivqcvvHwvYG2ct9r6VBgeMBt7NXbdCPGMNxPvoQzz6j5TaYqpCLuR401EWx7OUHSAJS78k_9iSt0Dyc5i5JzuXVENke3ZpSSPPscVcW4dI4gc4HmsVUcxhcPSsdFlvG66xrtn6exIcyCFYgtKHACCgDo9jz2pxfubDluyXM9ImNt4dx2HTEAjzZqToVEU_FYTDCkpOeCWYyA7cjVLBGQ3K_RQbPapV4sRo1JJjEp29guvYBsXGIGN0SBaFQdY1jStulDV8Bx2-H8HNUxPHd3YZijnRFVOHYqg3Gp7yk0XFZTlq4WSoRPNtFd6XPeSz_t7i_CPc0fv8zyuk0bg4NDGT_ML8kF0pndDPAkesWFrWTzBL4W2eqz56AuoItY5YWEE-NYVYIkAel_nUY5tO5gON-SE4Zwyv1EdIfh00vUgOVcT-ahkxclct6PVWG26lXo3CStWDXYx3Uggj8MPvkCg9GUxsg3PHcxo3C_KNV9-TRPqiJwBRFfHRmAcMm_fj9uQBe5dV_C8TTPmMr5tbUrCdlN3p9m1Wc-eHME0nARtn8rMAZ8vIbWtA-j02Zjswbn9T8kVEWTYD0QEIiy87ZNJQVBrb21vvimbwHn1iY5DISL8uMNZHgh5M0Boyq5TvGHXcqH180r_ZYKCPKCrC6QQ8i9MSvXa66u_hd33YrGAhEBT8Y6x5i56IDGxlIL3ISpQQ5FBDFqy6G3RbyYk3LPNoIyDt45HXtehmf_Re4MYUwKmGw07xYy2BkpJBRMnk5pC0tL7XphUiVELoLhRfL4_lSZF-ldr1R9y3njvuxw81LKupOz5xMsD78_EAHkgPLfx5wr2HXyUjQFWDJoDwbydqaRIQxSMFLmb8v7U4lGlBeiFPQmxP-jNr2AwQkcWXVEkqwNJM1K_lYkzxwGSU9XNKjuMqMozYFEj9PuB9xvu5w2WyWvtRMXF1qhei_4c03jOpvXSfocc4s992S3TOaenchiKAVF2uzrEy81oYjAt9uuwSVm2kquJYOoPg4VQUUnBer1xjTxLq4aO2Njr5CBX7ArzJidUGcUMCqmcfOeAex9AYO-aX_eudclK5PqO0d5l-28Q5TinK4B_9w1UfFiq5zij-g9Y7OhR74eMVBi8UmJhv9oUrIEdZuebz-u9CxqPc&cid=CAASEuRoYbxz1J_rPqs7LkCz5KsCuA&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 14 Sep 2021 20:28:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9846 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZr_cReH8VWYtG6Aby2xP6_h-yoBxT-R_zlasdNPb1FBAaCLtZ5tg-Vspao6DDQ5kFaHSKk9zIJIklDuo29f0o_A8PzZ6lD89LrUx3sCs7PfegxDR57wToiI3vd63RwiVOAUYS7AXTXfOx81CLa5nJoU3K5g&dbm_d=AKAmf-Cj_oiI34suGI8CfG2x38PELDNF0MsjGnamkwk_Xee2PTLmwODcQpqjYDl3GL_5lGKDZhsHFU0bgnZcjpeUo0nQRMHzyO1CMu05lMY27tywHdw3QoIV2u4ZSEkim9oAvoZFqURo7G9A9_UaI-Sb0pD0oZSLMxhuJ3tyMruMwkNS3G7QWvNy9BmEWw3u0CpKq3zNwNY502uNVPTTu6HdDUnHMJqGv6q86gfqq8Nl2wXz7byW7w86bBXwdu3ujcCp8mtLiArjZHJIKD0ig_UIxkLDVeZhx3bJS9V2aoPb35DwGf48hAsNKdKiPDWb5GFuop7Sr39x51ceiRnXCsA7txyyuTz7DNF56ryT3No2NWkxi45kVy3Gk792FeCyq_BG7OWTbUYEm8PTQwBN3z1PfUOsvKZNe0C4yXTv4-lesUcfTGqvy9g3sSq0Yg8kwC3kbpDenZvCNXykyVoxl7HK2MePIcWweNJntuwP6D8CljSSc0eB-cNdy53smI2NXoW94ZjMldOUIBKZ1zaEKfWgCF25Otl8lGo6Am9iq9csj-BhA3QxpJQdgFXR-avQNABj12wW1uiVPS3w7qIIHS4h_V-A5Yt1QXMApnsjmYGqfZFVD-TDZJ5U3qg6WtVrOJRO4gnDwqIVoKc_IW_KFfx4aTH1pZxO1Iz94mvP5PQ7_XLAECkpKZ2AyBhw02EeBeJ6UwiNUI5s8mYRPBqgrUtQXf14i74DE9ikm_vDksEnlc3m2qD34tcJ72sezj7jWpt7wKXZU4tNzy7kI6GcRAgA7cqGZwlcZiszRoppKJTpg7FWyIzaIIzhXqYEcRo7TLjUbNAuUaSYNROgSDkPDC23ipKbZeE4fuI1XuVf7-_CLBWzPbFn2gT8GYUUCM1YyHkVDFFfodBBBQUSK9moAq5Dq_AcUFf-c97sf7eOCq-DH_i8FVnj79d-2bzmv-ZQVNXCzrNl0Q8dypeOiWmb_31IPi-9ZjEAFwluPeNfpCyaS19zW8OaTrxdmbnBM49X9fiY8cXsEAOLft5niCIBRPzwRwXHmWD5bf0ifwxELRVquVbFzJGcUQsJLE-xbhqV1m4Ux_fLFT1ehufNGx20P1P0VT-rkhVlQ2cPFIXhtojx0iJox6Kb3MoSa7ziKPy-7pEs_CrhLIHxLDmEmTDCHdy8H1dg1bdyYMbb8UiiK8Jv0s_UjbQIIu7qo9bN6f7U3UscflV3oruh_jfEn8CdgysMOrRAFXfnnkiLHeFtSXVKQH0U_vYAo59waD1mKCC9OnVVSCXp_efxwJFy9hAYM8D0rd-EDICKp3NJlZxXPv8FgUmWjVx7j3exYhk8RnJ4yb3LCePPXcp7Knev1VJ6Kj0VAs44lzGmBWZTuwVu0a7SHQL42pwdfQYc4WfWWpJ30xtpme3EJNtVBTKsU-sRpv-QbzVBaj9SJfGr2haERgjDC-9xFUo_XI5BLnbte9wVzeJYIe6LIFpJQQufNtQibRJz1xm3Xb_385xGFyt2L78XNkZg5ZmG2YKYeuXy1O-gxH2J-SEYGWJBipBgkBHqIOBxMWpb-9s2WH29py1xJ5LClLjoRkDuu0MLJqneub01hTKdAQd0BiO-bfsJzJAyq7Ph4R5562Csrq7TY3Y2exSnTjNUpmrWeaDedyYiT6JfixmScbvIvmXgOOE3WSXb3cCY6uYQSNbkUXdfamBdw0VuEWjPGVIbm-hCCAl6ch8fhloYgPvQOVivqcvvHwvYG2ct9r6VBgeMBt7NXbdCPGMNxPvoQzz6j5TaYqpCLuR401EWx7OUHSAJS78k_9iSt0Dyc5i5JzuXVENke3ZpSSPPscVcW4dI4gc4HmsVUcxhcPSsdFlvG66xrtn6exIcyCFYgtKHACCgDo9jz2pxfubDluyXM9ImNt4dx2HTEAjzZqToVEU_FYTDCkpOeCWYyA7cjVLBGQ3K_RQbPapV4sRo1JJjEp29guvYBsXGIGN0SBaFQdY1jStulDV8Bx2-H8HNUxPHd3YZijnRFVOHYqg3Gp7yk0XFZTlq4WSoRPNtFd6XPeSz_t7i_CPc0fv8zyuk0bg4NDGT_ML8kF0pndDPAkesWFrWTzBL4W2eqz56AuoItY5YWEE-NYVYIkAel_nUY5tO5gON-SE4Zwyv1EdIfh00vUgOVcT-ahkxclct6PVWG26lXo3CStWDXYx3Uggj8MPvkCg9GUxsg3PHcxo3C_KNV9-TRPqiJwBRFfHRmAcMm_fj9uQBe5dV_C8TTPmMr5tbUrCdlN3p9m1Wc-eHME0nARtn8rMAZ8vIbWtA-j02Zjswbn9T8kVEWTYD0QEIiy87ZNJQVBrb21vvimbwHn1iY5DISL8uMNZHgh5M0Boyq5TvGHXcqH180r_ZYKCPKCrC6QQ8i9MSvXa66u_hd33YrGAhEBT8Y6x5i56IDGxlIL3ISpQQ5FBDFqy6G3RbyYk3LPNoIyDt45HXtehmf_Re4MYUwKmGw07xYy2BkpJBRMnk5pC0tL7XphUiVELoLhRfL4_lSZF-ldr1R9y3njvuxw81LKupOz5xMsD78_EAHkgPLfx5wr2HXyUjQFWDJoDwbydqaRIQxSMFLmb8v7U4lGlBeiFPQmxP-jNr2AwQkcWXVEkqwNJM1K_lYkzxwGSU9XNKjuMqMozYFEj9PuB9xvu5w2WyWvtRMXF1qhei_4c03jOpvXSfocc4s992S3TOaenchiKAVF2uzrEy81oYjAt9uuwSVm2kquJYOoPg4VQUUnBer1xjTxLq4aO2Njr5CBX7ArzJidUGcUMCqmcfOeAex9AYO-aX_eudclK5PqO0d5l-28Q5TinK4B_9w1UfFiq5zij-g9Y7OhR74eMVBi8UmJhv9oUrIEdZuebz-u9CxqPc&cid=CAASEuRoYbxz1J_rPqs7LkCz5KsCuA&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 21:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 21:29:49 GMT
123RF_2020Q2_DE_Orange_300x250.jpg
s0.2mdn.net/4646536/ Frame 9846 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4646536/123RF_2020Q2_DE_Orange_300x250.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
0b455c2bcf04ac7cd5418215eb752a2eedca9619c43a0afbd6ddbf75a96b7ff9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:34:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Jun 2020 09:15:13 GMT
server
sffe
age
13984
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36567
x-xss-protection
0
expires
Wed, 15 Sep 2021 16:34:58 GMT
data
b16.s79.research.de.com/ Frame C8A0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b16.s79.research.de.com/data?/1gadFI9AAl2yFuvFfhFwpFTkzFARksFAQtjFqnRNSA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.32.75 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h389.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:28:02 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:28:01 GMT
data
b153.s79.research.de.com/ Frame 5FBF 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b153.s79.research.de.com/data?/OcWLFR8AAl2yFuvFfhFwpFTkzFARksFAQtjFxmRNSA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.64.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h368.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:28:02 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:28:01 GMT
123RF_2020Q2_DE_Orange_300x250.jpg
s0.2mdn.net/4646536/ Frame 1FE8 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4646536/123RF_2020Q2_DE_Orange_300x250.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsEZ7UzsjHVsP_OFlaBHAS2zVfKC2be0cSeu_VZRuJDkLOWlTp8yQCLzizPQNehLszDlT0qae5gzbt1duM8EFY0BGn2OpUxycAiH57FIbBuMWZxs0tjv20BE9fHnoAQhwM-JpEeM3F3AjeOuiMYOBZcDg6ZQ&dbm_d=AKAmf-CjkUFzq1SlZESpDgCWJjhnCmAc-6OOtEb-MDmLAdkG-EKXUa3HJjE3XfCyXrF-iz6zZIjU9iBc6QYERKneHewls8sbGSW4M8E3Ean5FLgzgWQ53HfOsEt021lQsjemOcPZgWvKqjw1eq1xK7ytcvVDrn653s3hEJOYXeakBG8AN7AZj5JKXHYrNaESd4V2p_Ii98vCnKXm6-Zrxal_5FDyS4g_UsTGN0mT3xwuzgkEEzo_ogr4TkvZMiO1Q-nc5XNP1xI0ITcXzyjgeN60aZu18P1ieh-s8HcDZY7Jfbu3SPfIIH52sAAgjuJGyfYjGA_5YzFsY6qJfYwxyber7yYoXcYpetT8oKoN5e73KU_vn9blumGqNTP3JjnFLW-g8EWIh5jtFUcoNtPlWv97JSfEF4fFlJxq3Pgei7jpM0ye_x6a6wZZU6C92JtyCgahYbOE9AgqxNh1fhtQv8k4-R4QpbrWwsq2K2LBL0uieWpnUPNhg8otniAQvLSiTEcFrIQ1O0qWlMS7I3zZ_H72tLMZbUS-etwwiWor7jXxJVn2SrWS9vS-2Emi-d9hjyWWxI8LgAZAXRrvLDknVFNrRPOToh2m3m73SqdPujVp3ZxVpe2eaNlM_pEqkWFG6J278aOlWC_vkavKhWEOvvRMVjtve8HQit6fMWS0F_6fEnzYmCZVfXQsbS_yi5Xt5v_N6rH10kD2mHHVtAUY8gg3Cknh8Pk3AA3cUEQs3YzYFfGyxLfoqISWfkpoETUQc1mh6goqdhb1y03LdyKa4jMEyBJv9chW64v3M7flOHDVeYeH2ob5cxw9RyhLRcyVyHP08gbrDHiN3-3BnUxba_IVIMT6CFbrnFqgxsrywpKV1rWweVgcXXvc25A1uT3PoNOmeT7bu4YYyj9KdreZ3flEcGsIHgJ956XJCpq4CuH-nELiPH13uuom-BXzdimvaWRToCBMiqDEM9SMVGNuKWBpdmRB4LNIX3ATnTuI5AA-nO8LiQ_Vji3XrY7WdFVu-1I8toI8AwI8nf_9K89R5NJjtzyZfNsiOAddXZ185pdUMNrqAiXRYTHB5ZWuyNtQZqiIjGd8I7Jv-8nLbyHrTc2DxKpiA3kjEUg2iWFiSUrBtn5Qcp8Q3VAaxumGij8imOVMnTJWYCYWVp0biZeNRI0mXYUku3VD7cTLtpZcSxDlaYB-_mYeMoBYs2V0-w4l_kUNO4mhjokMVK5NcLi5dhR7Df72kSP8XtifmNM58U-2lrzCS8P0f_Xyo3hgEceiBTs7YjfldN3zrLag7vRSwByYLSqxDh5Z5BAQAAcPYHLZBFmIDiHhHc5hnDvNoKCgUzzLs0C6nkIQu10rA8l8f5vbuOHmtluaoN1L21vHq-Pfi48YTOqpJzkeT-XJip0blWw67lF-9-znrtUnTxRzf5E5Ucz8WogFRg1b7ogn5BcPd6aUSh8E7AtwJmjq9V3Zl9bfzGSud4Sz0UtSqsK2wHqDtKRn7bTTurt64fow5cB5RgM7spDHbv0LRWRdRHFACdEfxl4phMjOXkqEA5V0QPt78Oz7ACHSZaTeXymD5Zx4LEJAhjTTmkUJCKJcWmB9FOCgLjefFS1mB8C_A8BwZwdG4vbLKFNUzWmaW95t7GeMnAZgQz6IDQoUpF8YbDQtL1dc9S31jQV5z8Q302zCZ30zZsTxcV4DymNBpYCIZlBYwoHLLpZY2tuQOtlyKVjA3iJ0b9i-INndNZYpZHId_hphU7dzmXrHgoHyLkz05ZVM0lAd5uW1UyAq67cNulRQE0bMc_aNomuEXx3anWuA6taWCLD8oJXx_agZTR99OgwdmRxO_OdWdSw0yVxlefU0litrN0uN0Dufl3qwnQ8Uy2zz9LP0_LGo61BO9NrQwlUPCmvFce5ER9m2yx7Mq_BjdpRCEl3_5GkYENgBWWrRXIglTWP1C8pnT_J1Vyd5ApE7BV-nR1jPrpZjUMyxYgqf0eTQFSVurlTtSpZLXwe-gF50wrctWPDhzY6LVNgKp7TMLAgfGGFjLXA8bfICbGkpTJ9vcu0dSzc4YKjFm1rYs86-aaKN6o0s9DVYwjuFN1yTO6dENfhcFxCP9p8OduICdR4UpixdWgW8mJp3j58YDcwCqmt6EKnTi9qp50tue8iXY1OAtw-EfSTnelvqfsyLWNQKqfRn0NvKrkAYvc2GWRPBGYpWODrApeXA-uVorhwIvMVQRUoh2RuK5ZAGiOCQOCatK3FNTAYh7N0K2ZeEkutztGOMNTH-mkXw2ChiSpixDKC_naeHvtLr1QnUzaSjPMvcPJV5zo-CzLRQZ5igLEq7biAz9l9jhhOEux8PDlavQTtS7NsFqPnywBSePXXXOexJOv5fI4WIxrBOrz4hrFYPopMO03xgQxbB5Rzh4Rt34Z6WppRgrdlrfs_4EJOST7eFjwN7grz6w8H5CAd4LV4FNpWegYUv_3mZt-OmQzZOMbRk457NRZEhzg-It8Vbw36o_SQEicCsC8pCI3qo-A5AxgDty7UGqNNfSteJUwsIZ0ajQIIF3DWsogSmuk-8atRJ6feCkbJUzo9MwIPEI1_uSyGKu_eSSVQwlkxONZI2E4vl29rK0afNQQQCCiPzGuHUhtGRN1s622J2f6UKGVhTnjN8q_SSBfdJ4CBMnjz-WZa08JfCuypRiCDwpjqB-2jBfBr7pB4J5NgJIYbNyPnWlZfHH_IT_u1b3ZZ2PWlEyM0BhO9gRGsAErUT5DF2vWvLCvrMSZPFTJWsZJqy3p7Pt9ORX7MxOg6qwlZi0hvAR5vX7B57oRY0CGsPn4dYC97L_nZEQPvE1S00A0co8DxbaR-WaIO8f4eTX25tvFV7QpAjw0LmFqgpghFjUU4U3eyVoVmcSziR&cid=CAASEuRoDSDj3O6_-qjizec42XIWUw&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
0b455c2bcf04ac7cd5418215eb752a2eedca9619c43a0afbd6ddbf75a96b7ff9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:34:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Jun 2020 09:15:13 GMT
server
sffe
age
13984
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36567
x-xss-protection
0
expires
Wed, 15 Sep 2021 16:34:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/ Frame 1FE8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsEZ7UzsjHVsP_OFlaBHAS2zVfKC2be0cSeu_VZRuJDkLOWlTp8yQCLzizPQNehLszDlT0qae5gzbt1duM8EFY0BGn2OpUxycAiH57FIbBuMWZxs0tjv20BE9fHnoAQhwM-JpEeM3F3AjeOuiMYOBZcDg6ZQ&dbm_d=AKAmf-CjkUFzq1SlZESpDgCWJjhnCmAc-6OOtEb-MDmLAdkG-EKXUa3HJjE3XfCyXrF-iz6zZIjU9iBc6QYERKneHewls8sbGSW4M8E3Ean5FLgzgWQ53HfOsEt021lQsjemOcPZgWvKqjw1eq1xK7ytcvVDrn653s3hEJOYXeakBG8AN7AZj5JKXHYrNaESd4V2p_Ii98vCnKXm6-Zrxal_5FDyS4g_UsTGN0mT3xwuzgkEEzo_ogr4TkvZMiO1Q-nc5XNP1xI0ITcXzyjgeN60aZu18P1ieh-s8HcDZY7Jfbu3SPfIIH52sAAgjuJGyfYjGA_5YzFsY6qJfYwxyber7yYoXcYpetT8oKoN5e73KU_vn9blumGqNTP3JjnFLW-g8EWIh5jtFUcoNtPlWv97JSfEF4fFlJxq3Pgei7jpM0ye_x6a6wZZU6C92JtyCgahYbOE9AgqxNh1fhtQv8k4-R4QpbrWwsq2K2LBL0uieWpnUPNhg8otniAQvLSiTEcFrIQ1O0qWlMS7I3zZ_H72tLMZbUS-etwwiWor7jXxJVn2SrWS9vS-2Emi-d9hjyWWxI8LgAZAXRrvLDknVFNrRPOToh2m3m73SqdPujVp3ZxVpe2eaNlM_pEqkWFG6J278aOlWC_vkavKhWEOvvRMVjtve8HQit6fMWS0F_6fEnzYmCZVfXQsbS_yi5Xt5v_N6rH10kD2mHHVtAUY8gg3Cknh8Pk3AA3cUEQs3YzYFfGyxLfoqISWfkpoETUQc1mh6goqdhb1y03LdyKa4jMEyBJv9chW64v3M7flOHDVeYeH2ob5cxw9RyhLRcyVyHP08gbrDHiN3-3BnUxba_IVIMT6CFbrnFqgxsrywpKV1rWweVgcXXvc25A1uT3PoNOmeT7bu4YYyj9KdreZ3flEcGsIHgJ956XJCpq4CuH-nELiPH13uuom-BXzdimvaWRToCBMiqDEM9SMVGNuKWBpdmRB4LNIX3ATnTuI5AA-nO8LiQ_Vji3XrY7WdFVu-1I8toI8AwI8nf_9K89R5NJjtzyZfNsiOAddXZ185pdUMNrqAiXRYTHB5ZWuyNtQZqiIjGd8I7Jv-8nLbyHrTc2DxKpiA3kjEUg2iWFiSUrBtn5Qcp8Q3VAaxumGij8imOVMnTJWYCYWVp0biZeNRI0mXYUku3VD7cTLtpZcSxDlaYB-_mYeMoBYs2V0-w4l_kUNO4mhjokMVK5NcLi5dhR7Df72kSP8XtifmNM58U-2lrzCS8P0f_Xyo3hgEceiBTs7YjfldN3zrLag7vRSwByYLSqxDh5Z5BAQAAcPYHLZBFmIDiHhHc5hnDvNoKCgUzzLs0C6nkIQu10rA8l8f5vbuOHmtluaoN1L21vHq-Pfi48YTOqpJzkeT-XJip0blWw67lF-9-znrtUnTxRzf5E5Ucz8WogFRg1b7ogn5BcPd6aUSh8E7AtwJmjq9V3Zl9bfzGSud4Sz0UtSqsK2wHqDtKRn7bTTurt64fow5cB5RgM7spDHbv0LRWRdRHFACdEfxl4phMjOXkqEA5V0QPt78Oz7ACHSZaTeXymD5Zx4LEJAhjTTmkUJCKJcWmB9FOCgLjefFS1mB8C_A8BwZwdG4vbLKFNUzWmaW95t7GeMnAZgQz6IDQoUpF8YbDQtL1dc9S31jQV5z8Q302zCZ30zZsTxcV4DymNBpYCIZlBYwoHLLpZY2tuQOtlyKVjA3iJ0b9i-INndNZYpZHId_hphU7dzmXrHgoHyLkz05ZVM0lAd5uW1UyAq67cNulRQE0bMc_aNomuEXx3anWuA6taWCLD8oJXx_agZTR99OgwdmRxO_OdWdSw0yVxlefU0litrN0uN0Dufl3qwnQ8Uy2zz9LP0_LGo61BO9NrQwlUPCmvFce5ER9m2yx7Mq_BjdpRCEl3_5GkYENgBWWrRXIglTWP1C8pnT_J1Vyd5ApE7BV-nR1jPrpZjUMyxYgqf0eTQFSVurlTtSpZLXwe-gF50wrctWPDhzY6LVNgKp7TMLAgfGGFjLXA8bfICbGkpTJ9vcu0dSzc4YKjFm1rYs86-aaKN6o0s9DVYwjuFN1yTO6dENfhcFxCP9p8OduICdR4UpixdWgW8mJp3j58YDcwCqmt6EKnTi9qp50tue8iXY1OAtw-EfSTnelvqfsyLWNQKqfRn0NvKrkAYvc2GWRPBGYpWODrApeXA-uVorhwIvMVQRUoh2RuK5ZAGiOCQOCatK3FNTAYh7N0K2ZeEkutztGOMNTH-mkXw2ChiSpixDKC_naeHvtLr1QnUzaSjPMvcPJV5zo-CzLRQZ5igLEq7biAz9l9jhhOEux8PDlavQTtS7NsFqPnywBSePXXXOexJOv5fI4WIxrBOrz4hrFYPopMO03xgQxbB5Rzh4Rt34Z6WppRgrdlrfs_4EJOST7eFjwN7grz6w8H5CAd4LV4FNpWegYUv_3mZt-OmQzZOMbRk457NRZEhzg-It8Vbw36o_SQEicCsC8pCI3qo-A5AxgDty7UGqNNfSteJUwsIZ0ajQIIF3DWsogSmuk-8atRJ6feCkbJUzo9MwIPEI1_uSyGKu_eSSVQwlkxONZI2E4vl29rK0afNQQQCCiPzGuHUhtGRN1s622J2f6UKGVhTnjN8q_SSBfdJ4CBMnjz-WZa08JfCuypRiCDwpjqB-2jBfBr7pB4J5NgJIYbNyPnWlZfHH_IT_u1b3ZZ2PWlEyM0BhO9gRGsAErUT5DF2vWvLCvrMSZPFTJWsZJqy3p7Pt9ORX7MxOg6qwlZi0hvAR5vX7B57oRY0CGsPn4dYC97L_nZEQPvE1S00A0co8DxbaR-WaIO8f4eTX25tvFV7QpAjw0LmFqgpghFjUU4U3eyVoVmcSziR&cid=CAASEuRoDSDj3O6_-qjizec42XIWUw&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f19df5f3569b83172adf37e884e0e4add74a23c3e057cf60336a1fddcb87ab79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9258
x-xss-protection
0
server
cafe
etag
9058358164849487988
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:25:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/ Frame 1FE8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsEZ7UzsjHVsP_OFlaBHAS2zVfKC2be0cSeu_VZRuJDkLOWlTp8yQCLzizPQNehLszDlT0qae5gzbt1duM8EFY0BGn2OpUxycAiH57FIbBuMWZxs0tjv20BE9fHnoAQhwM-JpEeM3F3AjeOuiMYOBZcDg6ZQ&dbm_d=AKAmf-CjkUFzq1SlZESpDgCWJjhnCmAc-6OOtEb-MDmLAdkG-EKXUa3HJjE3XfCyXrF-iz6zZIjU9iBc6QYERKneHewls8sbGSW4M8E3Ean5FLgzgWQ53HfOsEt021lQsjemOcPZgWvKqjw1eq1xK7ytcvVDrn653s3hEJOYXeakBG8AN7AZj5JKXHYrNaESd4V2p_Ii98vCnKXm6-Zrxal_5FDyS4g_UsTGN0mT3xwuzgkEEzo_ogr4TkvZMiO1Q-nc5XNP1xI0ITcXzyjgeN60aZu18P1ieh-s8HcDZY7Jfbu3SPfIIH52sAAgjuJGyfYjGA_5YzFsY6qJfYwxyber7yYoXcYpetT8oKoN5e73KU_vn9blumGqNTP3JjnFLW-g8EWIh5jtFUcoNtPlWv97JSfEF4fFlJxq3Pgei7jpM0ye_x6a6wZZU6C92JtyCgahYbOE9AgqxNh1fhtQv8k4-R4QpbrWwsq2K2LBL0uieWpnUPNhg8otniAQvLSiTEcFrIQ1O0qWlMS7I3zZ_H72tLMZbUS-etwwiWor7jXxJVn2SrWS9vS-2Emi-d9hjyWWxI8LgAZAXRrvLDknVFNrRPOToh2m3m73SqdPujVp3ZxVpe2eaNlM_pEqkWFG6J278aOlWC_vkavKhWEOvvRMVjtve8HQit6fMWS0F_6fEnzYmCZVfXQsbS_yi5Xt5v_N6rH10kD2mHHVtAUY8gg3Cknh8Pk3AA3cUEQs3YzYFfGyxLfoqISWfkpoETUQc1mh6goqdhb1y03LdyKa4jMEyBJv9chW64v3M7flOHDVeYeH2ob5cxw9RyhLRcyVyHP08gbrDHiN3-3BnUxba_IVIMT6CFbrnFqgxsrywpKV1rWweVgcXXvc25A1uT3PoNOmeT7bu4YYyj9KdreZ3flEcGsIHgJ956XJCpq4CuH-nELiPH13uuom-BXzdimvaWRToCBMiqDEM9SMVGNuKWBpdmRB4LNIX3ATnTuI5AA-nO8LiQ_Vji3XrY7WdFVu-1I8toI8AwI8nf_9K89R5NJjtzyZfNsiOAddXZ185pdUMNrqAiXRYTHB5ZWuyNtQZqiIjGd8I7Jv-8nLbyHrTc2DxKpiA3kjEUg2iWFiSUrBtn5Qcp8Q3VAaxumGij8imOVMnTJWYCYWVp0biZeNRI0mXYUku3VD7cTLtpZcSxDlaYB-_mYeMoBYs2V0-w4l_kUNO4mhjokMVK5NcLi5dhR7Df72kSP8XtifmNM58U-2lrzCS8P0f_Xyo3hgEceiBTs7YjfldN3zrLag7vRSwByYLSqxDh5Z5BAQAAcPYHLZBFmIDiHhHc5hnDvNoKCgUzzLs0C6nkIQu10rA8l8f5vbuOHmtluaoN1L21vHq-Pfi48YTOqpJzkeT-XJip0blWw67lF-9-znrtUnTxRzf5E5Ucz8WogFRg1b7ogn5BcPd6aUSh8E7AtwJmjq9V3Zl9bfzGSud4Sz0UtSqsK2wHqDtKRn7bTTurt64fow5cB5RgM7spDHbv0LRWRdRHFACdEfxl4phMjOXkqEA5V0QPt78Oz7ACHSZaTeXymD5Zx4LEJAhjTTmkUJCKJcWmB9FOCgLjefFS1mB8C_A8BwZwdG4vbLKFNUzWmaW95t7GeMnAZgQz6IDQoUpF8YbDQtL1dc9S31jQV5z8Q302zCZ30zZsTxcV4DymNBpYCIZlBYwoHLLpZY2tuQOtlyKVjA3iJ0b9i-INndNZYpZHId_hphU7dzmXrHgoHyLkz05ZVM0lAd5uW1UyAq67cNulRQE0bMc_aNomuEXx3anWuA6taWCLD8oJXx_agZTR99OgwdmRxO_OdWdSw0yVxlefU0litrN0uN0Dufl3qwnQ8Uy2zz9LP0_LGo61BO9NrQwlUPCmvFce5ER9m2yx7Mq_BjdpRCEl3_5GkYENgBWWrRXIglTWP1C8pnT_J1Vyd5ApE7BV-nR1jPrpZjUMyxYgqf0eTQFSVurlTtSpZLXwe-gF50wrctWPDhzY6LVNgKp7TMLAgfGGFjLXA8bfICbGkpTJ9vcu0dSzc4YKjFm1rYs86-aaKN6o0s9DVYwjuFN1yTO6dENfhcFxCP9p8OduICdR4UpixdWgW8mJp3j58YDcwCqmt6EKnTi9qp50tue8iXY1OAtw-EfSTnelvqfsyLWNQKqfRn0NvKrkAYvc2GWRPBGYpWODrApeXA-uVorhwIvMVQRUoh2RuK5ZAGiOCQOCatK3FNTAYh7N0K2ZeEkutztGOMNTH-mkXw2ChiSpixDKC_naeHvtLr1QnUzaSjPMvcPJV5zo-CzLRQZ5igLEq7biAz9l9jhhOEux8PDlavQTtS7NsFqPnywBSePXXXOexJOv5fI4WIxrBOrz4hrFYPopMO03xgQxbB5Rzh4Rt34Z6WppRgrdlrfs_4EJOST7eFjwN7grz6w8H5CAd4LV4FNpWegYUv_3mZt-OmQzZOMbRk457NRZEhzg-It8Vbw36o_SQEicCsC8pCI3qo-A5AxgDty7UGqNNfSteJUwsIZ0ajQIIF3DWsogSmuk-8atRJ6feCkbJUzo9MwIPEI1_uSyGKu_eSSVQwlkxONZI2E4vl29rK0afNQQQCCiPzGuHUhtGRN1s622J2f6UKGVhTnjN8q_SSBfdJ4CBMnjz-WZa08JfCuypRiCDwpjqB-2jBfBr7pB4J5NgJIYbNyPnWlZfHH_IT_u1b3ZZ2PWlEyM0BhO9gRGsAErUT5DF2vWvLCvrMSZPFTJWsZJqy3p7Pt9ORX7MxOg6qwlZi0hvAR5vX7B57oRY0CGsPn4dYC97L_nZEQPvE1S00A0co8DxbaR-WaIO8f4eTX25tvFV7QpAjw0LmFqgpghFjUU4U3eyVoVmcSziR&cid=CAASEuRoDSDj3O6_-qjizec42XIWUw&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
773
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 20:15:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1FE8 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstso3vL1IPAHEVKlrhxc-XMsFjiQ3GtybhjQ33fGM7_6sXPbo5AmvAwJe4WFi01KG0U_ITkOQrG29GcTJ_A1TDxWYaKefWRcuk4mHyQMvHFON0NBem6kEBPLW_WfxZxPU4v6Ya00VmJuGrRWvkK4zIV345YqW5l2MIHR6n9d-u9NDjkTeVTWYntsVBryToYYeLiB6Wq92jOgcQtZ8J97ZOoo9CPgA72SVJS7gj0Vm4LVMJL1CmUDid5ppR3u6SfXpMwc8Rvy0zizPTWUl1madRd7Sdrr7hlXE09fk7zySXcYLzD9j4YYCtXjRozzdFC606Xdr15blRGvZTHIdjQD3bMbRTmYwy2Orbymol7A63p3JWwQIQnj-8QU8GTdD4nJ_DRqeDUh0PNRi01OatiggGylh0PsLp3HEJnHPaWzPxfNr8Tg9qS4TVL7AFyu7PO2uB2-7ddmQiFwcyMTBSl8g9rPPrbAotq0WBuyzhKhfgbVuy5SsRB9dvD24OTXY_JIQDYFzQgsSDvxXZuaCkiW2truJVRbT9NwvHCLFydNU0CR6oK2JPueBw4ODs0ZLEIiwFUhpsBqWT36jfAFOWky_sqNvF_sfuhfVJSfdSqPk1vtX2S8nvln-2IJtl7N_XhOxHflPDYA-TNAhixJUyPiCihj7orstzyzjgd47p5w179bn6l5wrI4_0QDopimGXNiPOtFfw_gNFuK1Z7IQbSuoj_JdC2t-GTpO6mGneGSNClsivif3ElDcQakj02Mw08xuiIBeojb-8vBrcUAdqTVX9FJ9bIBao-jxRS0Pa54MXmozDNY39q5wTVClbb8W3kSpLVLM008f-YrCCvF2l7NF2YXt-XpesSR5SxdDuwXONNrdbqqy75mD13musOZ9SyBAbsmZjphdKDKdVoXkM3Pr48umxY6wFavQ6UWhvbAMs_yWKvFNMDo7qC31s3TNmADEisE5nPBtzJzWeJzhjSL0NzvXZgM-oTCou86hJkcy78eDKcWU0RdGGxbBxUPs_QGWWcXgjueqKtNI8Ht_kSqWFLx5gudRFJwOUZO0gEbnuXPLmOCwSTMCTMhuJrAYoKyZDKWNJnXic9wPC1hbjnEm1Gxig4HEQsalzx7LJ1LUrQw1GsYUDMhGGwTDjUfwJRWYxDS7wgtv1endRaM7w2hlg&sai=AMfl-YSf5sxJlnlSm3ODFiwlDJUWFF8Opdgt2alN98L-vmVjcoQ20O0eejJXDUy2VtIStm0Dljm31vQKI6lKpLbdeALGs9eF5EfCp7ohFgb8xTGt1uTg-gW6K63RwcumUdHVRSC7hH73lwtwkeIuI1IyJuXc7yNQmw&sig=Cg0ArKJSzPoilZsEI2RQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210909.33027&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsEZ7UzsjHVsP_OFlaBHAS2zVfKC2be0cSeu_VZRuJDkLOWlTp8yQCLzizPQNehLszDlT0qae5gzbt1duM8EFY0BGn2OpUxycAiH57FIbBuMWZxs0tjv20BE9fHnoAQhwM-JpEeM3F3AjeOuiMYOBZcDg6ZQ&dbm_d=AKAmf-CjkUFzq1SlZESpDgCWJjhnCmAc-6OOtEb-MDmLAdkG-EKXUa3HJjE3XfCyXrF-iz6zZIjU9iBc6QYERKneHewls8sbGSW4M8E3Ean5FLgzgWQ53HfOsEt021lQsjemOcPZgWvKqjw1eq1xK7ytcvVDrn653s3hEJOYXeakBG8AN7AZj5JKXHYrNaESd4V2p_Ii98vCnKXm6-Zrxal_5FDyS4g_UsTGN0mT3xwuzgkEEzo_ogr4TkvZMiO1Q-nc5XNP1xI0ITcXzyjgeN60aZu18P1ieh-s8HcDZY7Jfbu3SPfIIH52sAAgjuJGyfYjGA_5YzFsY6qJfYwxyber7yYoXcYpetT8oKoN5e73KU_vn9blumGqNTP3JjnFLW-g8EWIh5jtFUcoNtPlWv97JSfEF4fFlJxq3Pgei7jpM0ye_x6a6wZZU6C92JtyCgahYbOE9AgqxNh1fhtQv8k4-R4QpbrWwsq2K2LBL0uieWpnUPNhg8otniAQvLSiTEcFrIQ1O0qWlMS7I3zZ_H72tLMZbUS-etwwiWor7jXxJVn2SrWS9vS-2Emi-d9hjyWWxI8LgAZAXRrvLDknVFNrRPOToh2m3m73SqdPujVp3ZxVpe2eaNlM_pEqkWFG6J278aOlWC_vkavKhWEOvvRMVjtve8HQit6fMWS0F_6fEnzYmCZVfXQsbS_yi5Xt5v_N6rH10kD2mHHVtAUY8gg3Cknh8Pk3AA3cUEQs3YzYFfGyxLfoqISWfkpoETUQc1mh6goqdhb1y03LdyKa4jMEyBJv9chW64v3M7flOHDVeYeH2ob5cxw9RyhLRcyVyHP08gbrDHiN3-3BnUxba_IVIMT6CFbrnFqgxsrywpKV1rWweVgcXXvc25A1uT3PoNOmeT7bu4YYyj9KdreZ3flEcGsIHgJ956XJCpq4CuH-nELiPH13uuom-BXzdimvaWRToCBMiqDEM9SMVGNuKWBpdmRB4LNIX3ATnTuI5AA-nO8LiQ_Vji3XrY7WdFVu-1I8toI8AwI8nf_9K89R5NJjtzyZfNsiOAddXZ185pdUMNrqAiXRYTHB5ZWuyNtQZqiIjGd8I7Jv-8nLbyHrTc2DxKpiA3kjEUg2iWFiSUrBtn5Qcp8Q3VAaxumGij8imOVMnTJWYCYWVp0biZeNRI0mXYUku3VD7cTLtpZcSxDlaYB-_mYeMoBYs2V0-w4l_kUNO4mhjokMVK5NcLi5dhR7Df72kSP8XtifmNM58U-2lrzCS8P0f_Xyo3hgEceiBTs7YjfldN3zrLag7vRSwByYLSqxDh5Z5BAQAAcPYHLZBFmIDiHhHc5hnDvNoKCgUzzLs0C6nkIQu10rA8l8f5vbuOHmtluaoN1L21vHq-Pfi48YTOqpJzkeT-XJip0blWw67lF-9-znrtUnTxRzf5E5Ucz8WogFRg1b7ogn5BcPd6aUSh8E7AtwJmjq9V3Zl9bfzGSud4Sz0UtSqsK2wHqDtKRn7bTTurt64fow5cB5RgM7spDHbv0LRWRdRHFACdEfxl4phMjOXkqEA5V0QPt78Oz7ACHSZaTeXymD5Zx4LEJAhjTTmkUJCKJcWmB9FOCgLjefFS1mB8C_A8BwZwdG4vbLKFNUzWmaW95t7GeMnAZgQz6IDQoUpF8YbDQtL1dc9S31jQV5z8Q302zCZ30zZsTxcV4DymNBpYCIZlBYwoHLLpZY2tuQOtlyKVjA3iJ0b9i-INndNZYpZHId_hphU7dzmXrHgoHyLkz05ZVM0lAd5uW1UyAq67cNulRQE0bMc_aNomuEXx3anWuA6taWCLD8oJXx_agZTR99OgwdmRxO_OdWdSw0yVxlefU0litrN0uN0Dufl3qwnQ8Uy2zz9LP0_LGo61BO9NrQwlUPCmvFce5ER9m2yx7Mq_BjdpRCEl3_5GkYENgBWWrRXIglTWP1C8pnT_J1Vyd5ApE7BV-nR1jPrpZjUMyxYgqf0eTQFSVurlTtSpZLXwe-gF50wrctWPDhzY6LVNgKp7TMLAgfGGFjLXA8bfICbGkpTJ9vcu0dSzc4YKjFm1rYs86-aaKN6o0s9DVYwjuFN1yTO6dENfhcFxCP9p8OduICdR4UpixdWgW8mJp3j58YDcwCqmt6EKnTi9qp50tue8iXY1OAtw-EfSTnelvqfsyLWNQKqfRn0NvKrkAYvc2GWRPBGYpWODrApeXA-uVorhwIvMVQRUoh2RuK5ZAGiOCQOCatK3FNTAYh7N0K2ZeEkutztGOMNTH-mkXw2ChiSpixDKC_naeHvtLr1QnUzaSjPMvcPJV5zo-CzLRQZ5igLEq7biAz9l9jhhOEux8PDlavQTtS7NsFqPnywBSePXXXOexJOv5fI4WIxrBOrz4hrFYPopMO03xgQxbB5Rzh4Rt34Z6WppRgrdlrfs_4EJOST7eFjwN7grz6w8H5CAd4LV4FNpWegYUv_3mZt-OmQzZOMbRk457NRZEhzg-It8Vbw36o_SQEicCsC8pCI3qo-A5AxgDty7UGqNNfSteJUwsIZ0ajQIIF3DWsogSmuk-8atRJ6feCkbJUzo9MwIPEI1_uSyGKu_eSSVQwlkxONZI2E4vl29rK0afNQQQCCiPzGuHUhtGRN1s622J2f6UKGVhTnjN8q_SSBfdJ4CBMnjz-WZa08JfCuypRiCDwpjqB-2jBfBr7pB4J5NgJIYbNyPnWlZfHH_IT_u1b3ZZ2PWlEyM0BhO9gRGsAErUT5DF2vWvLCvrMSZPFTJWsZJqy3p7Pt9ORX7MxOg6qwlZi0hvAR5vX7B57oRY0CGsPn4dYC97L_nZEQPvE1S00A0co8DxbaR-WaIO8f4eTX25tvFV7QpAjw0LmFqgpghFjUU4U3eyVoVmcSziR&cid=CAASEuRoDSDj3O6_-qjizec42XIWUw&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 14 Sep 2021 20:28:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1FE8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsEZ7UzsjHVsP_OFlaBHAS2zVfKC2be0cSeu_VZRuJDkLOWlTp8yQCLzizPQNehLszDlT0qae5gzbt1duM8EFY0BGn2OpUxycAiH57FIbBuMWZxs0tjv20BE9fHnoAQhwM-JpEeM3F3AjeOuiMYOBZcDg6ZQ&dbm_d=AKAmf-CjkUFzq1SlZESpDgCWJjhnCmAc-6OOtEb-MDmLAdkG-EKXUa3HJjE3XfCyXrF-iz6zZIjU9iBc6QYERKneHewls8sbGSW4M8E3Ean5FLgzgWQ53HfOsEt021lQsjemOcPZgWvKqjw1eq1xK7ytcvVDrn653s3hEJOYXeakBG8AN7AZj5JKXHYrNaESd4V2p_Ii98vCnKXm6-Zrxal_5FDyS4g_UsTGN0mT3xwuzgkEEzo_ogr4TkvZMiO1Q-nc5XNP1xI0ITcXzyjgeN60aZu18P1ieh-s8HcDZY7Jfbu3SPfIIH52sAAgjuJGyfYjGA_5YzFsY6qJfYwxyber7yYoXcYpetT8oKoN5e73KU_vn9blumGqNTP3JjnFLW-g8EWIh5jtFUcoNtPlWv97JSfEF4fFlJxq3Pgei7jpM0ye_x6a6wZZU6C92JtyCgahYbOE9AgqxNh1fhtQv8k4-R4QpbrWwsq2K2LBL0uieWpnUPNhg8otniAQvLSiTEcFrIQ1O0qWlMS7I3zZ_H72tLMZbUS-etwwiWor7jXxJVn2SrWS9vS-2Emi-d9hjyWWxI8LgAZAXRrvLDknVFNrRPOToh2m3m73SqdPujVp3ZxVpe2eaNlM_pEqkWFG6J278aOlWC_vkavKhWEOvvRMVjtve8HQit6fMWS0F_6fEnzYmCZVfXQsbS_yi5Xt5v_N6rH10kD2mHHVtAUY8gg3Cknh8Pk3AA3cUEQs3YzYFfGyxLfoqISWfkpoETUQc1mh6goqdhb1y03LdyKa4jMEyBJv9chW64v3M7flOHDVeYeH2ob5cxw9RyhLRcyVyHP08gbrDHiN3-3BnUxba_IVIMT6CFbrnFqgxsrywpKV1rWweVgcXXvc25A1uT3PoNOmeT7bu4YYyj9KdreZ3flEcGsIHgJ956XJCpq4CuH-nELiPH13uuom-BXzdimvaWRToCBMiqDEM9SMVGNuKWBpdmRB4LNIX3ATnTuI5AA-nO8LiQ_Vji3XrY7WdFVu-1I8toI8AwI8nf_9K89R5NJjtzyZfNsiOAddXZ185pdUMNrqAiXRYTHB5ZWuyNtQZqiIjGd8I7Jv-8nLbyHrTc2DxKpiA3kjEUg2iWFiSUrBtn5Qcp8Q3VAaxumGij8imOVMnTJWYCYWVp0biZeNRI0mXYUku3VD7cTLtpZcSxDlaYB-_mYeMoBYs2V0-w4l_kUNO4mhjokMVK5NcLi5dhR7Df72kSP8XtifmNM58U-2lrzCS8P0f_Xyo3hgEceiBTs7YjfldN3zrLag7vRSwByYLSqxDh5Z5BAQAAcPYHLZBFmIDiHhHc5hnDvNoKCgUzzLs0C6nkIQu10rA8l8f5vbuOHmtluaoN1L21vHq-Pfi48YTOqpJzkeT-XJip0blWw67lF-9-znrtUnTxRzf5E5Ucz8WogFRg1b7ogn5BcPd6aUSh8E7AtwJmjq9V3Zl9bfzGSud4Sz0UtSqsK2wHqDtKRn7bTTurt64fow5cB5RgM7spDHbv0LRWRdRHFACdEfxl4phMjOXkqEA5V0QPt78Oz7ACHSZaTeXymD5Zx4LEJAhjTTmkUJCKJcWmB9FOCgLjefFS1mB8C_A8BwZwdG4vbLKFNUzWmaW95t7GeMnAZgQz6IDQoUpF8YbDQtL1dc9S31jQV5z8Q302zCZ30zZsTxcV4DymNBpYCIZlBYwoHLLpZY2tuQOtlyKVjA3iJ0b9i-INndNZYpZHId_hphU7dzmXrHgoHyLkz05ZVM0lAd5uW1UyAq67cNulRQE0bMc_aNomuEXx3anWuA6taWCLD8oJXx_agZTR99OgwdmRxO_OdWdSw0yVxlefU0litrN0uN0Dufl3qwnQ8Uy2zz9LP0_LGo61BO9NrQwlUPCmvFce5ER9m2yx7Mq_BjdpRCEl3_5GkYENgBWWrRXIglTWP1C8pnT_J1Vyd5ApE7BV-nR1jPrpZjUMyxYgqf0eTQFSVurlTtSpZLXwe-gF50wrctWPDhzY6LVNgKp7TMLAgfGGFjLXA8bfICbGkpTJ9vcu0dSzc4YKjFm1rYs86-aaKN6o0s9DVYwjuFN1yTO6dENfhcFxCP9p8OduICdR4UpixdWgW8mJp3j58YDcwCqmt6EKnTi9qp50tue8iXY1OAtw-EfSTnelvqfsyLWNQKqfRn0NvKrkAYvc2GWRPBGYpWODrApeXA-uVorhwIvMVQRUoh2RuK5ZAGiOCQOCatK3FNTAYh7N0K2ZeEkutztGOMNTH-mkXw2ChiSpixDKC_naeHvtLr1QnUzaSjPMvcPJV5zo-CzLRQZ5igLEq7biAz9l9jhhOEux8PDlavQTtS7NsFqPnywBSePXXXOexJOv5fI4WIxrBOrz4hrFYPopMO03xgQxbB5Rzh4Rt34Z6WppRgrdlrfs_4EJOST7eFjwN7grz6w8H5CAd4LV4FNpWegYUv_3mZt-OmQzZOMbRk457NRZEhzg-It8Vbw36o_SQEicCsC8pCI3qo-A5AxgDty7UGqNNfSteJUwsIZ0ajQIIF3DWsogSmuk-8atRJ6feCkbJUzo9MwIPEI1_uSyGKu_eSSVQwlkxONZI2E4vl29rK0afNQQQCCiPzGuHUhtGRN1s622J2f6UKGVhTnjN8q_SSBfdJ4CBMnjz-WZa08JfCuypRiCDwpjqB-2jBfBr7pB4J5NgJIYbNyPnWlZfHH_IT_u1b3ZZ2PWlEyM0BhO9gRGsAErUT5DF2vWvLCvrMSZPFTJWsZJqy3p7Pt9ORX7MxOg6qwlZi0hvAR5vX7B57oRY0CGsPn4dYC97L_nZEQPvE1S00A0co8DxbaR-WaIO8f4eTX25tvFV7QpAjw0LmFqgpghFjUU4U3eyVoVmcSziR&cid=CAASEuRoDSDj3O6_-qjizec42XIWUw&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 21:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 21:29:49 GMT
sync
ups.analytics.yahoo.com/ups/55946/ Frame FAB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEChzeB0adex5kB0ox7BYhpU&_origin=1&google_cver=1
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEChzeB0adex5kB0ox7BYhpU&_origin=1&google_cver=1&apid=UP42aec717-159a-11ec-a15f-06be1e67faf8
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEChzeB0adex5kB0ox7BYhpU&_origin=1&google_cver=1&apid=UP42aec717-159a-11ec-a15f-06be1e67faf8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYrIWTCzAB&v=APEucNWyxgnZegvuST5lG5C27GOZhQenITufQD2pLLnD1fAkJHrEcGYN6yWmqwjs1rpVTJFxt189TMMMXrkYXM_EUHzDvU3CEGTSLK0c4W-HtpOF2cbaI8ukOUXNfS39T2c83a2NMi3TFl_WfwflTpdggNNIcsyc2TCIU2vmTcZn3KbeQLDvjgg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:04 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEChzeB0adex5kB0ox7BYhpU&_origin=1&google_cver=1&apid=UP42aec717-159a-11ec-a15f-06be1e67faf8
date
Tue, 14 Sep 2021 20:28:04 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame FAB9
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP42aec717-159a-11ec-a15f-06be1e67faf8
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA0MmFlYzcxNy0xNTlhLTExZWMtYTE1Zi0wNmJlMWU2N2ZhZjg%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA0MmFlYzcxNy0xNTlhLTExZWMtYTE1Zi0wNmJlMWU2N2ZhZjg%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYrIWTCzAB&v=APEucNWyxgnZegvuST5lG5C27GOZhQenITufQD2pLLnD1fAkJHrEcGYN6yWmqwjs1rpVTJFxt189TMMMXrkYXM_EUHzDvU3CEGTSLK0c4W-HtpOF2cbaI8ukOUXNfS39T2c83a2NMi3TFl_WfwflTpdggNNIcsyc2TCIU2vmTcZn3KbeQLDvjgg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Sep 2021 20:28:04 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA0MmFlYzcxNy0xNTlhLTExZWMtYTE1Zi0wNmJlMWU2N2ZhZjg%3D
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame FAB9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KWEtXRVd0RTJ1RXltUnhSSDVSUXd1T0dKc1dVcFMySX5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KWEtXRVd0RTJ1RXltUnhSSDVSUXd1T0dKc1dVcFMySX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYrIWTCzAB&v=APEucNWyxgnZegvuST5lG5C27GOZhQenITufQD2pLLnD1fAkJHrEcGYN6yWmqwjs1rpVTJFxt189TMMMXrkYXM_EUHzDvU3CEGTSLK0c4W-HtpOF2cbaI8ukOUXNfS39T2c83a2NMi3TFl_WfwflTpdggNNIcsyc2TCIU2vmTcZn3KbeQLDvjgg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Sep 2021 20:28:02 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KWEtXRVd0RTJ1RXltUnhSSDVSUXd1T0dKc1dVcFMySX5B
Connection
keep-alive
Content-Length
0
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ Frame C02E 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f3.1e100.net
Software
sffe /
Resource Hash
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vacina.saude.rs.gov.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 07:56:10 GMT
x-content-type-options
nosniff
age
45113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18972
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 07:56:10 GMT
XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame C02E 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f3.1e100.net
Software
sffe /
Resource Hash
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vacina.saude.rs.gov.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 17:25:37 GMT
x-content-type-options
nosniff
age
183746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19088
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:23 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 17:25:37 GMT
fa-solid-900.woff2
vacina.saude.rs.gov.br/vendor/fontawesome-free/webfonts/ Frame C02E 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Referer
https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
Origin
https://vacina.saude.rs.gov.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:03 GMT
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"12690-592af5a54eb00"
content-type
font/woff2
accept-ranges
bytes
content-length
75408
Portuguese-Brasil.json
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame C02E 		971 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.14.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4366
content-length
438
last-modified
Sat, 04 Sep 2021 09:24:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1121fff-3cb-5cb27fce72884-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68ec5c0c5a6c4137-PRG
access-control-allow-headers
origin, x-requested-with, content-type
Portuguese-Brasil.json
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame C02E 		971 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.14.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4367
content-length
438
last-modified
Sat, 04 Sep 2021 09:24:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1121fff-3cb-5cb27fce72884-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68ec5c0d3bf14137-PRG
access-control-allow-headers
origin, x-requested-with, content-type
Portuguese-Brasil.json
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame C02E 		971 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.14.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4367
content-length
438
last-modified
Sat, 04 Sep 2021 09:24:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1121fff-3cb-5cb27fce72884-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68ec5c0d3c024137-PRG
access-control-allow-headers
origin, x-requested-with, content-type
Portuguese-Brasil.json
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame C02E 		971 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.14.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4367
content-length
438
last-modified
Sat, 04 Sep 2021 09:24:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1121fff-3cb-5cb27fce72884-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68ec5c0d3c064137-PRG
access-control-allow-headers
origin, x-requested-with, content-type
action
www5.smartadserver.com/track/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www5.smartadserver.com/track/action?sid=1631651281457&pid=541023&iid=10373740&cid=27188081&key=viewcount&ts=1631651281457
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:03 GMT
transfer-encoding
chunked
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/55946/ Frame B774
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEChzeB0adex5kB0ox7BYhpU&_origin=1&google_cver=1
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEChzeB0adex5kB0ox7BYhpU&_origin=1&google_cver=1&apid=UP42aec717-159a-11ec-a15f-06be1e67faf8
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEChzeB0adex5kB0ox7BYhpU&_origin=1&google_cver=1&apid=UP42aec717-159a-11ec-a15f-06be1e67faf8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYrIWTCzAB&v=APEucNVKQxRMwvk_WaTyVrkQk6j6IJfeNhlaHb5cwLNDxqIh5DfLid6oDCpev4Ti1js2VT_qevJROgmUbtZq8c96J2IBKAHqFxK_9QHuPDeS0k5eO7J610UQRQ3xfLZ0GdvT0ECGM-8jO_xn5lJWBTpofwIlYM_ClqRgAWw6TlCftKAgz_Aft7Q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:04 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEChzeB0adex5kB0ox7BYhpU&_origin=1&google_cver=1&apid=UP42aec717-159a-11ec-a15f-06be1e67faf8
date
Tue, 14 Sep 2021 20:28:04 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame B774
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP42aec717-159a-11ec-a15f-06be1e67faf8
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA0MmFlYzcxNy0xNTlhLTExZWMtYTE1Zi0wNmJlMWU2N2ZhZjg%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA0MmFlYzcxNy0xNTlhLTExZWMtYTE1Zi0wNmJlMWU2N2ZhZjg%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYrIWTCzAB&v=APEucNVKQxRMwvk_WaTyVrkQk6j6IJfeNhlaHb5cwLNDxqIh5DfLid6oDCpev4Ti1js2VT_qevJROgmUbtZq8c96J2IBKAHqFxK_9QHuPDeS0k5eO7J610UQRQ3xfLZ0GdvT0ECGM-8jO_xn5lJWBTpofwIlYM_ClqRgAWw6TlCftKAgz_Aft7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Sep 2021 20:28:04 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA0MmFlYzcxNy0xNTlhLTExZWMtYTE1Zi0wNmJlMWU2N2ZhZjg%3D
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame B774
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KWEtXRVd0RTJ1RXltUnhSSDVSUXd1T0dKc1dVcFMySX5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KWEtXRVd0RTJ1RXltUnhSSDVSUXd1T0dKc1dVcFMySX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYrIWTCzAB&v=APEucNVKQxRMwvk_WaTyVrkQk6j6IJfeNhlaHb5cwLNDxqIh5DfLid6oDCpev4Ti1js2VT_qevJROgmUbtZq8c96J2IBKAHqFxK_9QHuPDeS0k5eO7J610UQRQ3xfLZ0GdvT0ECGM-8jO_xn5lJWBTpofwIlYM_ClqRgAWw6TlCftKAgz_Aft7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Sep 2021 20:28:04 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KWEtXRVd0RTJ1RXltUnhSSDVSUXd1T0dKc1dVcFMySX5B
Connection
keep-alive
Content-Length
0
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame E10E 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Tue, 14 Sep 2021 20:28:04 GMT
content-encoding
gzip
age
1111207
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1322654
content-length
84509
x-served-by
cache-hhn4076-HHN
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1631651284.171986,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
action
www5.smartadserver.com/track/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www5.smartadserver.com/track/action?sid=1631651281461&pid=541023&iid=9122889&cid=24682538&key=viewcount&ts=1631651281461
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:03 GMT
transfer-encoding
chunked
content-type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame 9846 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIsj6v4qg6U3Gozglmc4eEPGB-3J796GbqLHdttNyJljcT0Caiz5AbPtpSqdwribqt-kl2n3CJABfNBGITNcTI92RxcHx-Z6s-5MiSYEnJz7zkYZzW_9Lo_2cY0v6_XGmHP66Dunx-L3JWDZY6KeJvsZOJIPvUmaHumBEhIoOHGi9ZfJgtj5qUUmRmeZTgUyYwLgm7A-s8sGSFqaC2OSVcx0DNx4NYfR_DX3uu4ug3NDxxCB1fFGksv3v4r2_t2NBD-Xv_Xg2oG31_MHICSZEet8Zsz91lCQKzGtwGNEg_yhyKLK4mOXkufrFpsl-mLphKWA2OZLE1Zb5tYwkDDCHlv-0xDcLHlOHzViqMZ3hw4-p2a_ER-CLKNGzRmzUl79GeaTr6iGBKwj4fmGnfTfZXzHobN_XbWhpX6bVJmEI9exYfDVb1Qsry86c0XZpPuLNQPgo0kRPumXiNLXJ2GqTMnP8ulPDgk3f8iHzcyxoZeIp00dLibugc8Q3VPDbA87XW9KHZWh_3-Nr8DBmIB5qgtHzA8Y7S5ducOYqgLZ0H6TO2WoCnkcHSgJLbfohANbcFG1qibRvDoZqGyq93vjUvdp0ZOogHWKDqW9fVPuPq0wEM_HDmQ-zsnEWzguRiI2wbMrJFTD4eBO43o0WTLwcnuAk5k-mA-8jrki8rOm5nwPp3ex79252z9WLG2EBN8DMr1BvMz37moKtPR5-7kKg85np6L63F2qT_qTzZBP18JU0vcLOCVWgGI4Xns_s_nLqXCQG5dntDiLJfBbJf7-YxPF425lXME5EXmf-4NMJbPS05tON4-z-3TQt25LaWfp69HUD6-dpZqywMacNKkiZojJlHCstyKphluG0ZwirugNHLXxnFVZE1wUmcRT1hPbZAIpE7Ffrw56AgsbUEioebETLNIBTwB-IHPcRvbmWN-RU4-_C926JIt3t4Dn2d5a84QXIrIvuelQK6fLrGTFNPju_8-kIHV-aTiEBNoeW6IC-tO2GRsfvCzOkto2ynhUGXT4SVqlpuXR0EMCKDoesnb5XhZqSO0-sm6EshqSbMGiBYodqQviW9pirSyTHWTwYOwpiE_dG3Et5CvKc_yskdkLNYKur9hEmExqdHNCsjWSARUbhC6fHEcmwtB-Vnx64drn0KhZbmEPwE4YJnM7sB&sai=AMfl-YRnoQLd0Grbv9rccrsquue4StiNaReDrGMxQ4B9VbKqSO8znM8lQJguxUAZTF1HAluo5r5TaZpsiCuJtNcD9d2I6LlEZisMclg1nQI5AVGn3cQU4NzS_HT9ZI6JWbgiZnn_939qGJfdaP9PZbBsW2YxAyuAog&sig=Cg0ArKJSzFp8j7kpRGgjEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1768&vt=11&dtpt=1768&dett=2&cstd=0&cisv=r20210909.85276&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZr_cReH8VWYtG6Aby2xP6_h-yoBxT-R_zlasdNPb1FBAaCLtZ5tg-Vspao6DDQ5kFaHSKk9zIJIklDuo29f0o_A8PzZ6lD89LrUx3sCs7PfegxDR57wToiI3vd63RwiVOAUYS7AXTXfOx81CLa5nJoU3K5g&dbm_d=AKAmf-Cj_oiI34suGI8CfG2x38PELDNF0MsjGnamkwk_Xee2PTLmwODcQpqjYDl3GL_5lGKDZhsHFU0bgnZcjpeUo0nQRMHzyO1CMu05lMY27tywHdw3QoIV2u4ZSEkim9oAvoZFqURo7G9A9_UaI-Sb0pD0oZSLMxhuJ3tyMruMwkNS3G7QWvNy9BmEWw3u0CpKq3zNwNY502uNVPTTu6HdDUnHMJqGv6q86gfqq8Nl2wXz7byW7w86bBXwdu3ujcCp8mtLiArjZHJIKD0ig_UIxkLDVeZhx3bJS9V2aoPb35DwGf48hAsNKdKiPDWb5GFuop7Sr39x51ceiRnXCsA7txyyuTz7DNF56ryT3No2NWkxi45kVy3Gk792FeCyq_BG7OWTbUYEm8PTQwBN3z1PfUOsvKZNe0C4yXTv4-lesUcfTGqvy9g3sSq0Yg8kwC3kbpDenZvCNXykyVoxl7HK2MePIcWweNJntuwP6D8CljSSc0eB-cNdy53smI2NXoW94ZjMldOUIBKZ1zaEKfWgCF25Otl8lGo6Am9iq9csj-BhA3QxpJQdgFXR-avQNABj12wW1uiVPS3w7qIIHS4h_V-A5Yt1QXMApnsjmYGqfZFVD-TDZJ5U3qg6WtVrOJRO4gnDwqIVoKc_IW_KFfx4aTH1pZxO1Iz94mvP5PQ7_XLAECkpKZ2AyBhw02EeBeJ6UwiNUI5s8mYRPBqgrUtQXf14i74DE9ikm_vDksEnlc3m2qD34tcJ72sezj7jWpt7wKXZU4tNzy7kI6GcRAgA7cqGZwlcZiszRoppKJTpg7FWyIzaIIzhXqYEcRo7TLjUbNAuUaSYNROgSDkPDC23ipKbZeE4fuI1XuVf7-_CLBWzPbFn2gT8GYUUCM1YyHkVDFFfodBBBQUSK9moAq5Dq_AcUFf-c97sf7eOCq-DH_i8FVnj79d-2bzmv-ZQVNXCzrNl0Q8dypeOiWmb_31IPi-9ZjEAFwluPeNfpCyaS19zW8OaTrxdmbnBM49X9fiY8cXsEAOLft5niCIBRPzwRwXHmWD5bf0ifwxELRVquVbFzJGcUQsJLE-xbhqV1m4Ux_fLFT1ehufNGx20P1P0VT-rkhVlQ2cPFIXhtojx0iJox6Kb3MoSa7ziKPy-7pEs_CrhLIHxLDmEmTDCHdy8H1dg1bdyYMbb8UiiK8Jv0s_UjbQIIu7qo9bN6f7U3UscflV3oruh_jfEn8CdgysMOrRAFXfnnkiLHeFtSXVKQH0U_vYAo59waD1mKCC9OnVVSCXp_efxwJFy9hAYM8D0rd-EDICKp3NJlZxXPv8FgUmWjVx7j3exYhk8RnJ4yb3LCePPXcp7Knev1VJ6Kj0VAs44lzGmBWZTuwVu0a7SHQL42pwdfQYc4WfWWpJ30xtpme3EJNtVBTKsU-sRpv-QbzVBaj9SJfGr2haERgjDC-9xFUo_XI5BLnbte9wVzeJYIe6LIFpJQQufNtQibRJz1xm3Xb_385xGFyt2L78XNkZg5ZmG2YKYeuXy1O-gxH2J-SEYGWJBipBgkBHqIOBxMWpb-9s2WH29py1xJ5LClLjoRkDuu0MLJqneub01hTKdAQd0BiO-bfsJzJAyq7Ph4R5562Csrq7TY3Y2exSnTjNUpmrWeaDedyYiT6JfixmScbvIvmXgOOE3WSXb3cCY6uYQSNbkUXdfamBdw0VuEWjPGVIbm-hCCAl6ch8fhloYgPvQOVivqcvvHwvYG2ct9r6VBgeMBt7NXbdCPGMNxPvoQzz6j5TaYqpCLuR401EWx7OUHSAJS78k_9iSt0Dyc5i5JzuXVENke3ZpSSPPscVcW4dI4gc4HmsVUcxhcPSsdFlvG66xrtn6exIcyCFYgtKHACCgDo9jz2pxfubDluyXM9ImNt4dx2HTEAjzZqToVEU_FYTDCkpOeCWYyA7cjVLBGQ3K_RQbPapV4sRo1JJjEp29guvYBsXGIGN0SBaFQdY1jStulDV8Bx2-H8HNUxPHd3YZijnRFVOHYqg3Gp7yk0XFZTlq4WSoRPNtFd6XPeSz_t7i_CPc0fv8zyuk0bg4NDGT_ML8kF0pndDPAkesWFrWTzBL4W2eqz56AuoItY5YWEE-NYVYIkAel_nUY5tO5gON-SE4Zwyv1EdIfh00vUgOVcT-ahkxclct6PVWG26lXo3CStWDXYx3Uggj8MPvkCg9GUxsg3PHcxo3C_KNV9-TRPqiJwBRFfHRmAcMm_fj9uQBe5dV_C8TTPmMr5tbUrCdlN3p9m1Wc-eHME0nARtn8rMAZ8vIbWtA-j02Zjswbn9T8kVEWTYD0QEIiy87ZNJQVBrb21vvimbwHn1iY5DISL8uMNZHgh5M0Boyq5TvGHXcqH180r_ZYKCPKCrC6QQ8i9MSvXa66u_hd33YrGAhEBT8Y6x5i56IDGxlIL3ISpQQ5FBDFqy6G3RbyYk3LPNoIyDt45HXtehmf_Re4MYUwKmGw07xYy2BkpJBRMnk5pC0tL7XphUiVELoLhRfL4_lSZF-ldr1R9y3njvuxw81LKupOz5xMsD78_EAHkgPLfx5wr2HXyUjQFWDJoDwbydqaRIQxSMFLmb8v7U4lGlBeiFPQmxP-jNr2AwQkcWXVEkqwNJM1K_lYkzxwGSU9XNKjuMqMozYFEj9PuB9xvu5w2WyWvtRMXF1qhei_4c03jOpvXSfocc4s992S3TOaenchiKAVF2uzrEy81oYjAt9uuwSVm2kquJYOoPg4VQUUnBer1xjTxLq4aO2Njr5CBX7ArzJidUGcUMCqmcfOeAex9AYO-aX_eudclK5PqO0d5l-28Q5TinK4B_9w1UfFiq5zij-g9Y7OhR74eMVBi8UmJhv9oUrIEdZuebz-u9CxqPc&cid=CAASEuRoYbxz1J_rPqs7LkCz5KsCuA&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D2BE 		1 KB
751 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 14 Sep 2021 13:05:23 GMT
expires
Wed, 15 Sep 2021 13:05:23 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
26561
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9846 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64adac1b865864458f43a5c72c61eadab87c4f44f1ae490d5da64045f3ffe906

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
data
b16.s79.research.de.com/ Frame C8A0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b16.s79.research.de.com/data?/1gadGQZBATkzFARksFAQtjFPxJNSA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.32.75 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h389.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:28:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:28:03 GMT
data
b153.s79.research.de.com/ Frame 5FBF 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b153.s79.research.de.com/data?/OcWLGRYBATkzFARksFAQtjFevJNSA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.64.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h368.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:28:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:28:03 GMT
firebase-app.js
www.gstatic.com/firebasejs/7.11.0/ Frame 8B51 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.11.0/firebase-app.js
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f3.1e100.net
Software
sffe /
Resource Hash
302813418547cd13a955a2952d5062aec5f8b3330ed12faeb0caeb7c48eceda2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://correiodopovo.soclminer.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 02:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
last-modified
Fri, 13 Mar 2020 02:07:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 02:47:40 GMT
logo.png
correiodopovo.soclminer.com.br/ff61ae4712a440469640bd2f82aa2c35/ Frame CA28 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://correiodopovo.soclminer.com.br/ff61ae4712a440469640bd2f82aa2c35/logo.png?v=1631651284561
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29f002949f6387d4a6b81e01f0dd0f49e10a29c2c87c4f228594dc345930d20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.soclminer.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
content-encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WSPMXXEM8DBY802Q
content-length
27601
x-amz-id-2
Zc0t1c4DrseElfMaHZpfWN2xpbRFba/U3ygLV4ilKNOjmdsmDZKIE/sAJghehaRR7HDIVsndgWE=
last-modified
Mon, 23 Aug 2021 21:01:35 GMT
server
cloudflare
etag
"0fd960a1f6ef6927c5d9b9f8e3718f13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYdZatlJcpm%2BdVVuH%2BknB82SK%2Bp%2F2wKavbcNNZ6mzQvk29Y%2BINOEbShQaO4ne0HHG7WdsPp2h%2BfsCVUfyAHQqLutJ3M7Xmp%2FU3j40edfjeyQxuwbfF71sc%2FLmEnFcnDGTX9aFYncZRrxjbfXUYt6ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
68ec5c1098a94132-PRG
createjs.min.js
code.createjs.com/1.0.0/ Frame 633C 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2173874479230561/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.107.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Tue, 14 Sep 2021 20:43:04 GMT
javascript.js
s0.2mdn.net/4528516/2173874479230561/ Frame 633C 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4528516/2173874479230561/javascript.js?1624602490185
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2173874479230561/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
6ac8d8bcbeaa5ee86aaa9f5ecb9a38792c86359e09798c0b69bb6d10ec43ab67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/4528516/2173874479230561/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 13:26:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9705
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 10:10:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 15 Sep 2021 13:26:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1FE8 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstso3vL1IPAHEVKlrhxc-XMsFjiQ3GtybhjQ33fGM7_6sXPbo5AmvAwJe4WFi01KG0U_ITkOQrG29GcTJ_A1TDxWYaKefWRcuk4mHyQMvHFON0NBem6kEBPLW_WfxZxPU4v6Ya00VmJuGrRWvkK4zIV345YqW5l2MIHR6n9d-u9NDjkTeVTWYntsVBryToYYeLiB6Wq92jOgcQtZ8J97ZOoo9CPgA72SVJS7gj0Vm4LVMJL1CmUDid5ppR3u6SfXpMwc8Rvy0zizPTWUl1madRd7Sdrr7hlXE09fk7zySXcYLzD9j4YYCtXjRozzdFC606Xdr15blRGvZTHIdjQD3bMbRTmYwy2Orbymol7A63p3JWwQIQnj-8QU8GTdD4nJ_DRqeDUh0PNRi01OatiggGylh0PsLp3HEJnHPaWzPxfNr8Tg9qS4TVL7AFyu7PO2uB2-7ddmQiFwcyMTBSl8g9rPPrbAotq0WBuyzhKhfgbVuy5SsRB9dvD24OTXY_JIQDYFzQgsSDvxXZuaCkiW2truJVRbT9NwvHCLFydNU0CR6oK2JPueBw4ODs0ZLEIiwFUhpsBqWT36jfAFOWky_sqNvF_sfuhfVJSfdSqPk1vtX2S8nvln-2IJtl7N_XhOxHflPDYA-TNAhixJUyPiCihj7orstzyzjgd47p5w179bn6l5wrI4_0QDopimGXNiPOtFfw_gNFuK1Z7IQbSuoj_JdC2t-GTpO6mGneGSNClsivif3ElDcQakj02Mw08xuiIBeojb-8vBrcUAdqTVX9FJ9bIBao-jxRS0Pa54MXmozDNY39q5wTVClbb8W3kSpLVLM008f-YrCCvF2l7NF2YXt-XpesSR5SxdDuwXONNrdbqqy75mD13musOZ9SyBAbsmZjphdKDKdVoXkM3Pr48umxY6wFavQ6UWhvbAMs_yWKvFNMDo7qC31s3TNmADEisE5nPBtzJzWeJzhjSL0NzvXZgM-oTCou86hJkcy78eDKcWU0RdGGxbBxUPs_QGWWcXgjueqKtNI8Ht_kSqWFLx5gudRFJwOUZO0gEbnuXPLmOCwSTMCTMhuJrAYoKyZDKWNJnXic9wPC1hbjnEm1Gxig4HEQsalzx7LJ1LUrQw1GsYUDMhGGwTDjUfwJRWYxDS7wgtv1endRaM7w2hlg&sai=AMfl-YSf5sxJlnlSm3ODFiwlDJUWFF8Opdgt2alN98L-vmVjcoQ20O0eejJXDUy2VtIStm0Dljm31vQKI6lKpLbdeALGs9eF5EfCp7ohFgb8xTGt1uTg-gW6K63RwcumUdHVRSC7hH73lwtwkeIuI1IyJuXc7yNQmw&sig=Cg0ArKJSzPoilZsEI2RQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1758&vt=11&dtpt=1757&dett=2&cstd=0&cisv=r20210909.33027&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsEZ7UzsjHVsP_OFlaBHAS2zVfKC2be0cSeu_VZRuJDkLOWlTp8yQCLzizPQNehLszDlT0qae5gzbt1duM8EFY0BGn2OpUxycAiH57FIbBuMWZxs0tjv20BE9fHnoAQhwM-JpEeM3F3AjeOuiMYOBZcDg6ZQ&dbm_d=AKAmf-CjkUFzq1SlZESpDgCWJjhnCmAc-6OOtEb-MDmLAdkG-EKXUa3HJjE3XfCyXrF-iz6zZIjU9iBc6QYERKneHewls8sbGSW4M8E3Ean5FLgzgWQ53HfOsEt021lQsjemOcPZgWvKqjw1eq1xK7ytcvVDrn653s3hEJOYXeakBG8AN7AZj5JKXHYrNaESd4V2p_Ii98vCnKXm6-Zrxal_5FDyS4g_UsTGN0mT3xwuzgkEEzo_ogr4TkvZMiO1Q-nc5XNP1xI0ITcXzyjgeN60aZu18P1ieh-s8HcDZY7Jfbu3SPfIIH52sAAgjuJGyfYjGA_5YzFsY6qJfYwxyber7yYoXcYpetT8oKoN5e73KU_vn9blumGqNTP3JjnFLW-g8EWIh5jtFUcoNtPlWv97JSfEF4fFlJxq3Pgei7jpM0ye_x6a6wZZU6C92JtyCgahYbOE9AgqxNh1fhtQv8k4-R4QpbrWwsq2K2LBL0uieWpnUPNhg8otniAQvLSiTEcFrIQ1O0qWlMS7I3zZ_H72tLMZbUS-etwwiWor7jXxJVn2SrWS9vS-2Emi-d9hjyWWxI8LgAZAXRrvLDknVFNrRPOToh2m3m73SqdPujVp3ZxVpe2eaNlM_pEqkWFG6J278aOlWC_vkavKhWEOvvRMVjtve8HQit6fMWS0F_6fEnzYmCZVfXQsbS_yi5Xt5v_N6rH10kD2mHHVtAUY8gg3Cknh8Pk3AA3cUEQs3YzYFfGyxLfoqISWfkpoETUQc1mh6goqdhb1y03LdyKa4jMEyBJv9chW64v3M7flOHDVeYeH2ob5cxw9RyhLRcyVyHP08gbrDHiN3-3BnUxba_IVIMT6CFbrnFqgxsrywpKV1rWweVgcXXvc25A1uT3PoNOmeT7bu4YYyj9KdreZ3flEcGsIHgJ956XJCpq4CuH-nELiPH13uuom-BXzdimvaWRToCBMiqDEM9SMVGNuKWBpdmRB4LNIX3ATnTuI5AA-nO8LiQ_Vji3XrY7WdFVu-1I8toI8AwI8nf_9K89R5NJjtzyZfNsiOAddXZ185pdUMNrqAiXRYTHB5ZWuyNtQZqiIjGd8I7Jv-8nLbyHrTc2DxKpiA3kjEUg2iWFiSUrBtn5Qcp8Q3VAaxumGij8imOVMnTJWYCYWVp0biZeNRI0mXYUku3VD7cTLtpZcSxDlaYB-_mYeMoBYs2V0-w4l_kUNO4mhjokMVK5NcLi5dhR7Df72kSP8XtifmNM58U-2lrzCS8P0f_Xyo3hgEceiBTs7YjfldN3zrLag7vRSwByYLSqxDh5Z5BAQAAcPYHLZBFmIDiHhHc5hnDvNoKCgUzzLs0C6nkIQu10rA8l8f5vbuOHmtluaoN1L21vHq-Pfi48YTOqpJzkeT-XJip0blWw67lF-9-znrtUnTxRzf5E5Ucz8WogFRg1b7ogn5BcPd6aUSh8E7AtwJmjq9V3Zl9bfzGSud4Sz0UtSqsK2wHqDtKRn7bTTurt64fow5cB5RgM7spDHbv0LRWRdRHFACdEfxl4phMjOXkqEA5V0QPt78Oz7ACHSZaTeXymD5Zx4LEJAhjTTmkUJCKJcWmB9FOCgLjefFS1mB8C_A8BwZwdG4vbLKFNUzWmaW95t7GeMnAZgQz6IDQoUpF8YbDQtL1dc9S31jQV5z8Q302zCZ30zZsTxcV4DymNBpYCIZlBYwoHLLpZY2tuQOtlyKVjA3iJ0b9i-INndNZYpZHId_hphU7dzmXrHgoHyLkz05ZVM0lAd5uW1UyAq67cNulRQE0bMc_aNomuEXx3anWuA6taWCLD8oJXx_agZTR99OgwdmRxO_OdWdSw0yVxlefU0litrN0uN0Dufl3qwnQ8Uy2zz9LP0_LGo61BO9NrQwlUPCmvFce5ER9m2yx7Mq_BjdpRCEl3_5GkYENgBWWrRXIglTWP1C8pnT_J1Vyd5ApE7BV-nR1jPrpZjUMyxYgqf0eTQFSVurlTtSpZLXwe-gF50wrctWPDhzY6LVNgKp7TMLAgfGGFjLXA8bfICbGkpTJ9vcu0dSzc4YKjFm1rYs86-aaKN6o0s9DVYwjuFN1yTO6dENfhcFxCP9p8OduICdR4UpixdWgW8mJp3j58YDcwCqmt6EKnTi9qp50tue8iXY1OAtw-EfSTnelvqfsyLWNQKqfRn0NvKrkAYvc2GWRPBGYpWODrApeXA-uVorhwIvMVQRUoh2RuK5ZAGiOCQOCatK3FNTAYh7N0K2ZeEkutztGOMNTH-mkXw2ChiSpixDKC_naeHvtLr1QnUzaSjPMvcPJV5zo-CzLRQZ5igLEq7biAz9l9jhhOEux8PDlavQTtS7NsFqPnywBSePXXXOexJOv5fI4WIxrBOrz4hrFYPopMO03xgQxbB5Rzh4Rt34Z6WppRgrdlrfs_4EJOST7eFjwN7grz6w8H5CAd4LV4FNpWegYUv_3mZt-OmQzZOMbRk457NRZEhzg-It8Vbw36o_SQEicCsC8pCI3qo-A5AxgDty7UGqNNfSteJUwsIZ0ajQIIF3DWsogSmuk-8atRJ6feCkbJUzo9MwIPEI1_uSyGKu_eSSVQwlkxONZI2E4vl29rK0afNQQQCCiPzGuHUhtGRN1s622J2f6UKGVhTnjN8q_SSBfdJ4CBMnjz-WZa08JfCuypRiCDwpjqB-2jBfBr7pB4J5NgJIYbNyPnWlZfHH_IT_u1b3ZZ2PWlEyM0BhO9gRGsAErUT5DF2vWvLCvrMSZPFTJWsZJqy3p7Pt9ORX7MxOg6qwlZi0hvAR5vX7B57oRY0CGsPn4dYC97L_nZEQPvE1S00A0co8DxbaR-WaIO8f4eTX25tvFV7QpAjw0LmFqgpghFjUU4U3eyVoVmcSziR&cid=CAASEuRoDSDj3O6_-qjizec42XIWUw&rfl=3%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%242%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 345C 		1 KB
751 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 14 Sep 2021 13:05:23 GMT
expires
Wed, 15 Sep 2021 13:05:23 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
26561
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1FE8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ae6a9b176b2fc85499d159131fae30605accc18a51d0680c4a0458613a99575

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=30&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=7&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=6142&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A0%3A1559&as=1&ag=5063&an=2608&gi=1&gf=4552&gg=2097&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=5063&bx=2608&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=5063&cn=2608&gn=1&gk=4552&gl=2097&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6125&cd=3416&ah=6125&am=3416&dq=5426&dr=2717&ds=5426&dt=2717&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=57&vt=55&vd=0&zMoatSRE=0.046875&zMoatVSD=30&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ek=1&ef=0&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=931704443&cs=0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:04 GMT
faixa_etaria.json
vacina.saude.rs.gov.br/json/ Frame C02E 		322 KB
322 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/json/faixa_etaria.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
c21e4b3bb90dd685c8fbb6e17efd1f1bd175cf156c38ae7b4f7e1e140c605d32

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
last-modified
Tue, 14 Sep 2021 09:22:58 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"50769-5cbf120a1d2d6"
content-type
application/json
accept-ranges
bytes
content-length
329577
OpportunityServlet
opps.taboola.com/ 		1 B
84 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=21
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651285.658446,VS0,VE9
x-served-by
cache-hhn11566-HHN
x-cache
MISS
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 258E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Thu, 09 Sep 2021 21:29:50 GMT
expires
Fri, 09 Sep 2022 21:29:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
428294
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3F5D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Thu, 09 Sep 2021 21:29:50 GMT
expires
Fri, 09 Sep 2022 21:29:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
428294
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad_impression.gif
beacon.krxd.net/ Frame E10E 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=271316741&adid=466131063&creativeid=153947855&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.138.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-138-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1631651284
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=8&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=6170&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A0%3A1559&as=1&ag=5063&an=5063&gi=1&gf=4552&gg=4552&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=5063&bx=5063&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=5063&cn=5063&gn=1&gk=4552&gl=4552&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6125&cd=6125&ah=6125&am=6125&dq=5426&dr=5426&ds=5426&dt=5426&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=55&vt=77&vd=0&zMoatSRE=0.046875&zMoatVSD=21.58&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ek=1&ef=0&eg=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=1816797995&cs=0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:04 GMT
i.match
s.tribalfusion.com/z/ Frame 557B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPJRSAiUj8QhQejl70kJGPnjhLfdjouk2Fau__xvMnKzvcqc2JvolUec_lUj1UMK2Sb-q7OtwAfFfGAqJQ1CEBvz5OznMmU&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPJRSAiUj8QhQejl70kJGPnjhLfdjouk2Fau__xvMnKzvcqc2JvolUec_lUj1UMK2Sb-q7OtwAfFfGAqJQ1CEBvz5OznMmU...
43 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPJRSAiUj8QhQejl70kJGPnjhLfdjouk2Fau__xvMnKzvcqc2JvolUec_lUj1UMK2Sb-q7OtwAfFfGAqJQ1CEBvz5OznMmU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJRSAiUj8QhQejl70kJGPnjhLfdjouk2Fau__xvMnKzvcqc2JvolUec_lUj1UMK2Sb-q7OtwAfFfGAqJQ1CEBvz5OznMmU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68ec5c14cea14131-PRG
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2074
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68ec5c131aac4131-PRG
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPJRSAiUj8QhQejl70kJGPnjhLfdjouk2Fau__xvMnKzvcqc2JvolUec_lUj1UMK2Sb-q7OtwAfFfGAqJQ1CEBvz5OznMmU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJRSAiUj8QhQejl70kJGPnjhLfdjouk2Fau__xvMnKzvcqc2JvolUec_lUj1UMK2Sb-q7OtwAfFfGAqJQ1CEBvz5OznMmU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 557B
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBBqNqQBCyOLTC77ni5MiCE&google_cver=1&google_push=AYg5qPK4AtaaBAzHfNU8kY0af_iE2N02_iU6Hx0KFd359LRcUt2tkzwIftBBGEuWZnxUcCfFzL5P93lMxiAJnDXl-2NsAKWJ2yQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4210D6FC30904BA6A505C68F91DE9A39&google_push=AYg5qPK4AtaaBAzHfNU8kY0af_iE2N02_iU6Hx0KFd359LRcUt2tkzwIftBBGEuWZnxUcCfFzL5P93lMxiAJnDX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4210D6FC30904BA6A505C68F91DE9A39&google_push=AYg5qPK4AtaaBAzHfNU8kY0af_iE2N02_iU6Hx0KFd359LRcUt2tkzwIftBBGEuWZnxUcCfFzL5P93lMxiAJnDXl-2NsAKWJ2yQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 14 Sep 2021 20:28:04 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4210D6FC30904BA6A505C68F91DE9A39&google_push=AYg5qPK4AtaaBAzHfNU8kY0af_iE2N02_iU6Hx0KFd359LRcUt2tkzwIftBBGEuWZnxUcCfFzL5P93lMxiAJnDXl-2NsAKWJ2yQ
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 13 Sep 2021 20:28:04 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 557B 		0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELzHYAq-8RLz1Km6TwF6Jtk&google_cver=1&google_push=AYg5qPK3wVhFCZ4ISIsdIosYKWfw32IGZjj0f8q6BgwMPaeT4BaSzB_BNL6npspLh9Kui90KhdsOOoun_ZSeoDN9Zq3zhGyxAw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 557B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEABQlPFOyaxQWFC_KMG1Hfc&google_cver=1&google_push=AYg5qPIL937mv-_W9Jv2EsEB1M98mlq8QG_J02KVdhOSWky2q_DwJj_Ui3_rj7JzXstmGw0o3ZTeW33Ai3p_My...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwNzg4ODkwMzI4Nzc5NzkxMQ%3D%3D&google_push=AYg5qPIL937mv-_W9Jv2EsEB1M98mlq8QG_J02KVdhOSWky2q_DwJj_Ui3_rj7JzXstmGw0o3ZTeW33Ai3p_MykRXl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwNzg4ODkwMzI4Nzc5NzkxMQ%3D%3D&google_push=AYg5qPIL937mv-_W9Jv2EsEB1M98mlq8QG_J02KVdhOSWky2q_DwJj_Ui3_rj7JzXstmGw0o3ZTeW33Ai3p_MykRXl_rPyqsSA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwNzg4ODkwMzI4Nzc5NzkxMQ%3D%3D&google_push=AYg5qPIL937mv-_W9Jv2EsEB1M98mlq8QG_J02KVdhOSWky2q_DwJj_Ui3_rj7JzXstmGw0o3ZTeW33Ai3p_MykRXl_rPyqsSA
Date
Tue, 14 Sep 2021 20:28:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 557B
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIKgh6fs0PLfVgMFmkZ4Vto&google_cver=1&google_push=AYg5qPKWBto0hJjwzllIf_rhtIrVdjo--e3ER2hEZPb_z3oN9K9JX8Pe_VJlW...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIKgh6fs0PLfVgMFmkZ4Vto&google_cver=1&google_push=AYg5qPKWBto0hJjwzllIf_rhtIrVdjo--e3ER2hEZPb_z3oN9K9JX8Pe_VJlW...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=KGn6utyPSxO6hngtouotHw&google_push=AYg5qPKWBto0hJjwzllIf_rhtIrVdjo--e3ER2hEZPb_z3oN9K9JX8Pe_VJlWnJ7Zy7a5NIFbT6_kbA9t...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=KGn6utyPSxO6hngtouotHw&google_push=AYg5qPKWBto0hJjwzllIf_rhtIrVdjo--e3ER2hEZPb_z3oN9K9JX8Pe_VJlWnJ7Zy7a5NIFbT6_kbA9tYpJZ2GO8ua7jMWsgg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Sep 2021 20:28:05 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=KGn6utyPSxO6hngtouotHw&google_push=AYg5qPKWBto0hJjwzllIf_rhtIrVdjo--e3ER2hEZPb_z3oN9K9JX8Pe_VJlWnJ7Zy7a5NIFbT6_kbA9tYpJZ2GO8ua7jMWsgg
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
236
pixel
cm.g.doubleclick.net/ Frame 557B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDqcDtfg13bYO-dVtiqokHI&google_cver=1&google_push=AYg5qPKzn73H_ABOUJzTJf8Ac3XfiOAHW2VrhbFvTrT4Ec1jNBCgRVWs8PhSz6TiKlWB_A0lJ-eB5k0fqz-aJEGaSr09...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDqcDtfg13bYO-dVtiqokHI&google_cver=1&google_push=AYg5qPKzn73H_ABOUJzTJf8Ac3XfiOAHW2VrhbFvTrT4Ec1jNBCgRVWs8PhSz6TiKlWB_A0lJ-eB5k0fqz-aJE...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKzn73H_ABOUJzTJf8Ac3XfiOAHW2VrhbFvTrT4Ec1jNBCgRVWs8PhSz6TiKlWB_A0lJ-eB5k0fqz-aJEGaSr09okYEJ9A&google_hm=T3wvndZCSniAgFsAeOWNDw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKzn73H_ABOUJzTJf8Ac3XfiOAHW2VrhbFvTrT4Ec1jNBCgRVWs8PhSz6TiKlWB_A0lJ-eB5k0fqz-aJEGaSr09okYEJ9A&google_hm=T3wvndZCSniAgFsAeOWNDw==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKzn73H_ABOUJzTJf8Ac3XfiOAHW2VrhbFvTrT4Ec1jNBCgRVWs8PhSz6TiKlWB_A0lJ-eB5k0fqz-aJEGaSr09okYEJ9A&google_hm=T3wvndZCSniAgFsAeOWNDw==
date
Tue, 14 Sep 2021 20:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 557B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGgfyv8r4QdJ5k27MWEPRDwojx3HVVemYFb0tuecjs8R9gf46zHWvw4YyhkQ6CKg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 58BB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Thu, 09 Sep 2021 21:29:50 GMT
expires
Fri, 09 Sep 2022 21:29:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
428294
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
firebase-messaging.js
www.gstatic.com/firebasejs/7.11.0/ Frame 8B51 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.11.0/firebase-messaging.js
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f3.1e100.net
Software
sffe /
Resource Hash
8c36320b8b03e317e930253f3e89a33ca264986a897d2df38a40fe2dabaf2e74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://correiodopovo.soclminer.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 20:42:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10438
x-xss-protection
0
last-modified
Fri, 13 Mar 2020 02:07:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 20:42:21 GMT
visual.png
s0.2mdn.net/4528516/2173874479230561/ Frame 633C 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528516/2173874479230561/visual.png?1624602490167
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381799&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281930&bpp=15&bdt=132&idt=118&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=2&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=1253407830&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=310&ady=1117&biw=1600&bih=1200&isw=980&ish=90&ifk=2787585540&scr_x=0&scr_y=0&eid=44747621%2C31062519%2C31062491%2C31062297&oid=3&pvsid=1640904549810464&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r85w15cdrews&fsb=1&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
c5f8a5e82816eb40e5215b27627abf227c8ce5fbafb6cd3d269c2f38a3057abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/4528516/2173874479230561/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 13:26:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Jul 2021 10:10:16 GMT
server
sffe
age
25302
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59232
x-xss-protection
0
expires
Wed, 15 Sep 2021 13:26:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E10E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvL4O41fQJmkuA-g3NqFgBtmjos-2Q-OYScs33Igi6EZhrs-3iK1zruo_CetUeTv4QFxFvrCxetZEXKX9_O4ZavpYomXjbbjmqIZfE31eu8r5nwODijjNBgDMA_tYgd57CTSMeoWNv3ljDX5zujxeTzL5H1v-pd_AeQOtlyKlEqn2t7VuRJlLwSfWL9NSeS4fxytcL1ZKxV9jKNxADKJSKvqutTKqA0SSDU_-8wcUzf-gfsUCanEA-lgr1qg8oEBJynON5LPNchon_FuECC6uHUWEtf853RLtwDGFN8LyF-SOKX1sybSdXkyUZz2kU0ZZR1RKO2GYwW3jMmgQAUVUvKjN-6yZOihs9BCuvKgDFafG6vH2K_rYFG-HBS44Ygbt9ec7WMj8BCd1lSvS_AFvg9W6p74llj5QvlV-cwR0Qw0-St79rGS6UQwzDu1W9sDzoqKEwCdAOgaE7hWp2rFHOL1Kq8zft0gdFRwkdK9djXz9j1YL3bw0iI4whP4bDgU1ZT4NnCDycfWHaWsGliT4Xo0Hn-y9bTPBQ00CEJJrS6963o8WU-Az6PvLWLw64PJZkeJfDtEsMyZ4GMhmgUrHpmPbJeRB9QHWmZEZRR0jZ24GtnPPdRo-6vE__zkB7PZRtFrxtuCqUpIeptAKWL4VyGSf-pSjn3hnsHvpGcvBf71OkAu75fN45BBCDcNfBbOUOVjpZZK56ArNayQP054VJCHDyqzqLtM_tHLrdiL-amhFNA8Yl6DqgdFfzEZV-zLqvtAq_fM5HybLSSkZKLHlkBS_ckE9KsK9YztxzW1Ilcl2JdaDCCrKTJWuJRYiGydBp3oCPtWR5urB1i7eR0P1TEdiZ9OlkXiFJRHfhvIq-YuTwf-YbH1nHUDKU4ZyXr7xYTOa68Z-4Z5VaxgdicV3qvb5iX0HsKpiA0NLOS6aJkSUrghXfLs3Ga3DYyYvuRfVxtSqazmCj1yaUZ-7Gn2Plw6LtKz0AigNjqH-09YR26pdEZv8xeldDteCJyxZlCgbUofqqvwISt8T9peHXoXuDmr25AANDebRmVQH2Uc9K2o_NC88nr3G8EleWMwzlzrU6uqfVyjWlCsTTbX0xC_r6406eHcJJ-6ulAEDivgYHpg1IHCem70Hn1203LbA_YbFBwQSqzSeilHrkdgPXqq5s-0bei3PlYvkC_lL_kJ7UYP8pHJ6nmI1vXuf0jTphuQ&sai=AMfl-YSS7w9wl1XyZ2rCv-wpKMNP6nh77eXPFM9C3_xymkdYl1OAn28W6I-a-aB0KSzmGhEchXMU5l0e70F_babc6uFfgisSzoMbTBEk_i0hDjQIm6Hq6K0o7l5P1_D2tFTKrrGMd4JNQi8Zbop25lRsL_yeJ3cqHQ&sig=Cg0ArKJSzFnyXVrF4JnmEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2301&vt=11&dtpt=2196&dett=3&cstd=102&cisv=r20210909.63526&adurl=
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
af5fc09f-edef-481c-bfa7-696005c6deb3
consumer.krxd.net/consent/get/ Frame E10E 		236 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a015-dub-prod.krxd.net, cache-hhn4043-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1631651285.972469,VS0,VE26
content-length
187
x-cache-hits
0, 0
i.match
s.tribalfusion.com/z/ Frame D2BE
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPJ3BlnvdOC_JrWJ64-z9x63Uc8VOokd4VlHDz_sptvjblWWiInNH92kYB9gZqdfikiu7HebqpFB2SrfevVvSj0sceWuSQDR5...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPJ3BlnvdOC_JrWJ64-z9x63Uc8VOokd4VlHDz_sptvjblWWiInNH92kYB9gZqdfikiu7HebqpFB2SrfevVvSj0sceWuSQD...
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPJ3BlnvdOC_JrWJ64-z9x63Uc8VOokd4VlHDz_sptvjblWWiInNH92kYB9gZqdfikiu7HebqpFB2SrfevVvSj0sceWuSQDR5g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ3BlnvdOC_JrWJ64-z9x63Uc8VOokd4VlHDz_sptvjblWWiInNH92kYB9gZqdfikiu7HebqpFB2SrfevVvSj0sceWuSQDR5g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68ec5c14cea04131-PRG
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
5612
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68ec5c131aae4131-PRG
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPJ3BlnvdOC_JrWJ64-z9x63Uc8VOokd4VlHDz_sptvjblWWiInNH92kYB9gZqdfikiu7HebqpFB2SrfevVvSj0sceWuSQDR5g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ3BlnvdOC_JrWJ64-z9x63Uc8VOokd4VlHDz_sptvjblWWiInNH92kYB9gZqdfikiu7HebqpFB2SrfevVvSj0sceWuSQDR5g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D2BE
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBBqNqQBCyOLTC77ni5MiCE&google_cver=1&google_push=AYg5qPIVHUypjzrq35eNuzOwhqNExshle07IKUxTHhrLs7MQ7fmqEltSZ4VHwEsQXq_Cpyoy_-O-nDzR03C3ZsB4X8yrBrqh-UyJvA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=880E6B9608704968809C0DDA5EC9C00D&google_push=AYg5qPIVHUypjzrq35eNuzOwhqNExshle07IKUxTHhrLs7MQ7fmqEltSZ4VHwEsQXq_Cpyoy_-O-nDzR03C3ZsB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=880E6B9608704968809C0DDA5EC9C00D&google_push=AYg5qPIVHUypjzrq35eNuzOwhqNExshle07IKUxTHhrLs7MQ7fmqEltSZ4VHwEsQXq_Cpyoy_-O-nDzR03C3ZsB4X8yrBrqh-UyJvA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 14 Sep 2021 20:28:04 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=880E6B9608704968809C0DDA5EC9C00D&google_push=AYg5qPIVHUypjzrq35eNuzOwhqNExshle07IKUxTHhrLs7MQ7fmqEltSZ4VHwEsQXq_Cpyoy_-O-nDzR03C3ZsB4X8yrBrqh-UyJvA
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 13 Sep 2021 20:28:04 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D2BE 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELzHYAq-8RLz1Km6TwF6Jtk&google_cver=1&google_push=AYg5qPJjIQoYdTWMAM3GrhYo0us98khXXCDq9W0V-nypi5RQAFNGPMyvYwFlI4XF2ZWA9HkEvrcZaVqqsY3_EOHR71EKhsNn6vGQSQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame D2BE
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEABQlPFOyaxQWFC_KMG1Hfc&google_cver=1&google_push=AYg5qPLqswq23wLrBhLwN02mzyjpc-O4aIqtLBBLTjJFAsAcLp3x3za7591p6wXa0BXNZwS9lTd-86UgKRk-5R...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwNzg4ODkwMzI4ODk3NzU0OA%3D%3D&google_push=AYg5qPLqswq23wLrBhLwN02mzyjpc-O4aIqtLBBLTjJFAsAcLp3x3za7591p6wXa0BXNZwS9lTd-86UgKRk-5Rj3Xl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwNzg4ODkwMzI4ODk3NzU0OA%3D%3D&google_push=AYg5qPLqswq23wLrBhLwN02mzyjpc-O4aIqtLBBLTjJFAsAcLp3x3za7591p6wXa0BXNZwS9lTd-86UgKRk-5Rj3XlGcPEHbFLlN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwNzg4ODkwMzI4ODk3NzU0OA%3D%3D&google_push=AYg5qPLqswq23wLrBhLwN02mzyjpc-O4aIqtLBBLTjJFAsAcLp3x3za7591p6wXa0BXNZwS9lTd-86UgKRk-5Rj3XlGcPEHbFLlN
Date
Tue, 14 Sep 2021 20:28:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame D2BE
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIKgh6fs0PLfVgMFmkZ4Vto&google_cver=1&google_push=AYg5qPJb13_2o_Y0-1fw8IS7-t5EpXpYTD4A95MszpDllOs2ERm5TQpr-8Wf0...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIKgh6fs0PLfVgMFmkZ4Vto&google_cver=1&google_push=AYg5qPJb13_2o_Y0-1fw8IS7-t5EpXpYTD4A95MszpDllOs2ERm5TQpr-8Wf0...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=smFbreACXVMc3fF6-0eJQA&google_push=AYg5qPJb13_2o_Y0-1fw8IS7-t5EpXpYTD4A95MszpDllOs2ERm5TQpr-8Wf0oAR7dg9jT5jSFmGRA9K-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=smFbreACXVMc3fF6-0eJQA&google_push=AYg5qPJb13_2o_Y0-1fw8IS7-t5EpXpYTD4A95MszpDllOs2ERm5TQpr-8Wf0oAR7dg9jT5jSFmGRA9K-575Ff89hGtvipkrd22u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Sep 2021 20:28:05 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=smFbreACXVMc3fF6-0eJQA&google_push=AYg5qPJb13_2o_Y0-1fw8IS7-t5EpXpYTD4A95MszpDllOs2ERm5TQpr-8Wf0oAR7dg9jT5jSFmGRA9K-575Ff89hGtvipkrd22u
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
238
pixel
cm.g.doubleclick.net/ Frame D2BE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDqcDtfg13bYO-dVtiqokHI&google_cver=1&google_push=AYg5qPLTOCHacewKeJugSHhoxa_L3exNAsnWbXA_diOEbIWkCxbNzANOyesgWS2JfSP4BhArSj6E_fc5LM2GDhzvt2j5...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=bcdd51a5-bd79-4860-98fc-a9fa9c6e8e32&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLFBHV4S5khgPMxTawcKwYTZqMFU3SHAtvd1ryS9aLsFOGlVK1C0NGIjLHBOuheEETIfCT9YmDnZYiKd-ghHUyNcPTD5hll&google_hm=T3wvndZCSniAgFsAeOWNDw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLFBHV4S5khgPMxTawcKwYTZqMFU3SHAtvd1ryS9aLsFOGlVK1C0NGIjLHBOuheEETIfCT9YmDnZYiKd-ghHUyNcPTD5hll&google_hm=T3wvndZCSniAgFsAeOWNDw==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLFBHV4S5khgPMxTawcKwYTZqMFU3SHAtvd1ryS9aLsFOGlVK1C0NGIjLHBOuheEETIfCT9YmDnZYiKd-ghHUyNcPTD5hll&google_hm=T3wvndZCSniAgFsAeOWNDw==
date
Tue, 14 Sep 2021 20:28:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame D2BE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KnIrwqsQjqzDe6sjz-sY0gpGXaYquI6FM-BNTEKfc97n8jBJhQRdb2cjav89Vriw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381798&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281947&bpp=5&bdt=127&idt=170&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=430267092&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=4542&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062526%2C31062297%2C31062529&oid=3&pvsid=4476057834210962&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1ok6sqq06se7&btvi=1&fsb=1&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
i.match
s.tribalfusion.com/z/ Frame 345C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPL7CtsIkpZSIf1hYuarK_2KyIaEWweb3sOlUYkcOvO__jYm6PwEcIbnfGYzhsRbALpUI8a8fBQoKUE9-3Nzr6UIQOx3WYg&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPL7CtsIkpZSIf1hYuarK_2KyIaEWweb3sOlUYkcOvO__jYm6PwEcIbnfGYzhsRbALpUI8a8fBQoKUE9-3Nzr6UIQOx3WYg...
43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPL7CtsIkpZSIf1hYuarK_2KyIaEWweb3sOlUYkcOvO__jYm6PwEcIbnfGYzhsRbALpUI8a8fBQoKUE9-3Nzr6UIQOx3WYg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL7CtsIkpZSIf1hYuarK_2KyIaEWweb3sOlUYkcOvO__jYm6PwEcIbnfGYzhsRbALpUI8a8fBQoKUE9-3Nzr6UIQOx3WYg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68ec5c14cea24131-PRG
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1538
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68ec5c131aaf4131-PRG
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnz1sv0l4f5wELdsfGnwes&google_cver=1&google_push=AYg5qPL7CtsIkpZSIf1hYuarK_2KyIaEWweb3sOlUYkcOvO__jYm6PwEcIbnfGYzhsRbALpUI8a8fBQoKUE9-3Nzr6UIQOx3WYg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL7CtsIkpZSIf1hYuarK_2KyIaEWweb3sOlUYkcOvO__jYm6PwEcIbnfGYzhsRbALpUI8a8fBQoKUE9-3Nzr6UIQOx3WYg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 345C
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBBqNqQBCyOLTC77ni5MiCE&google_cver=1&google_push=AYg5qPKkYnuPPTYizhFHhTFmSFYkC5nQWYd5lMT8VzrRJZLCLZWCPXm_YJO1BQtKNIyajJtdTjQAMpJPbNPpGItptw8htHJJWjmh
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=03A29AB297494799815227AA5799A126&google_push=AYg5qPKkYnuPPTYizhFHhTFmSFYkC5nQWYd5lMT8VzrRJZLCLZWCPXm_YJO1BQtKNIyajJtdTjQAMpJPbNPpGIt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=03A29AB297494799815227AA5799A126&google_push=AYg5qPKkYnuPPTYizhFHhTFmSFYkC5nQWYd5lMT8VzrRJZLCLZWCPXm_YJO1BQtKNIyajJtdTjQAMpJPbNPpGItptw8htHJJWjmh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 14 Sep 2021 20:28:04 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=03A29AB297494799815227AA5799A126&google_push=AYg5qPKkYnuPPTYizhFHhTFmSFYkC5nQWYd5lMT8VzrRJZLCLZWCPXm_YJO1BQtKNIyajJtdTjQAMpJPbNPpGItptw8htHJJWjmh
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 13 Sep 2021 20:28:04 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 345C 		0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELzHYAq-8RLz1Km6TwF6Jtk&google_cver=1&google_push=AYg5qPLLwC3qjYmY6Y7ryGlCZmiUSCEiOBwTzL0KTQqXEOnGgz8smlsZEsjBSqMQft30W03DarQS40g3XvX4_9MV5WVrze0N-BEi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 345C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEABQlPFOyaxQWFC_KMG1Hfc&google_cver=1&google_push=AYg5qPLyzOMXV-JGlCJXk08l4MZC__dHEsKLSFV4XAiXII62TjJ4FyKhF4Wv10-f-VDY4O-9FHDrxVVe9zXH9Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwNzg4ODkwMzI4OTUwMTg0MQ%3D%3D&google_push=AYg5qPLyzOMXV-JGlCJXk08l4MZC__dHEsKLSFV4XAiXII62TjJ4FyKhF4Wv10-f-VDY4O-9FHDrxVVe9zXH9ZQRoa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwNzg4ODkwMzI4OTUwMTg0MQ%3D%3D&google_push=AYg5qPLyzOMXV-JGlCJXk08l4MZC__dHEsKLSFV4XAiXII62TjJ4FyKhF4Wv10-f-VDY4O-9FHDrxVVe9zXH9ZQRoaSKpkASYixX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwNzg4ODkwMzI4OTUwMTg0MQ%3D%3D&google_push=AYg5qPLyzOMXV-JGlCJXk08l4MZC__dHEsKLSFV4XAiXII62TjJ4FyKhF4Wv10-f-VDY4O-9FHDrxVVe9zXH9ZQRoaSKpkASYixX
Date
Tue, 14 Sep 2021 20:28:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 345C
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIKgh6fs0PLfVgMFmkZ4Vto&google_cver=1&google_push=AYg5qPKnWcAkB7yaGbJBVXfXbcaUbbJEKQY0KaFxjLPigXb1XxBviPAXpkSvg...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIKgh6fs0PLfVgMFmkZ4Vto&google_cver=1&google_push=AYg5qPKnWcAkB7yaGbJBVXfXbcaUbbJEKQY0KaFxjLPigXb1XxBviPAXpkSvg...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=sWJo4zw10oKQDh8MW8tMLg&google_push=AYg5qPKnWcAkB7yaGbJBVXfXbcaUbbJEKQY0KaFxjLPigXb1XxBviPAXpkSvgXTOaeRCwkrXlwnx3hnFM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=sWJo4zw10oKQDh8MW8tMLg&google_push=AYg5qPKnWcAkB7yaGbJBVXfXbcaUbbJEKQY0KaFxjLPigXb1XxBviPAXpkSvgXTOaeRCwkrXlwnx3hnFM9pffnPyGP6oEWhFoXdF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Sep 2021 20:28:05 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=sWJo4zw10oKQDh8MW8tMLg&google_push=AYg5qPKnWcAkB7yaGbJBVXfXbcaUbbJEKQY0KaFxjLPigXb1XxBviPAXpkSvgXTOaeRCwkrXlwnx3hnFM9pffnPyGP6oEWhFoXdF
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
238
pixel
cm.g.doubleclick.net/ Frame 345C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDqcDtfg13bYO-dVtiqokHI&google_cver=1&google_push=AYg5qPLFBHV4S5khgPMxTawcKwYTZqMFU3SHAtvd1ryS9aLsFOGlVK1C0NGIjLHBOuheEETIfCT9YmDnZYiKd-ghHUyN...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLFBHV4S5khgPMxTawcKwYTZqMFU3SHAtvd1ryS9aLsFOGlVK1C0NGIjLHBOuheEETIfCT9YmDnZYiKd-ghHUyNcPTD5hll&google_hm=T3wvndZCSniAgFsAeOWNDw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLFBHV4S5khgPMxTawcKwYTZqMFU3SHAtvd1ryS9aLsFOGlVK1C0NGIjLHBOuheEETIfCT9YmDnZYiKd-ghHUyNcPTD5hll&google_hm=T3wvndZCSniAgFsAeOWNDw==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLFBHV4S5khgPMxTawcKwYTZqMFU3SHAtvd1ryS9aLsFOGlVK1C0NGIjLHBOuheEETIfCT9YmDnZYiKd-ghHUyNcPTD5hll&google_hm=T3wvndZCSniAgFsAeOWNDw==
date
Tue, 14 Sep 2021 20:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 345C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LV8w_sEFDybPFBzzowtusnZDUXAhpF1ei0R87W_gOReD1R6NPeZCHKqoxNa64wSQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381797&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631651281990&bpp=7&bdt=158&idt=191&shv=r20210908&mjsv=m202109130101&ptt=5&saldr=sa&cookie=ID%3D099185d53fb47ef1%3AT%3D1631651275%3AS%3DALNI_MY9r68ssEH737UqM9gxKQx_xZV7fQ&correlator=508110068192&frm=23&ife=5&pv=1&ga_vid=1947967339.1631651276&ga_sid=1631651282&ga_hid=179614526&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1034&ady=10727&biw=1600&bih=1200&isw=336&ish=280&ifk=3099487461&scr_x=0&scr_y=0&eid=44747620%2C31062492%2C31062297&oid=3&pvsid=142190557548508&pem=658&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.renmzbv9cm5q&btvi=1&fsb=1&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
pagead2.googlesyndication.com/bg/ Frame 258E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
50841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13458
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 06:20:43 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 048E 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6554031f30df2024a6957fb7b1e664c48babdfdab91ae8297141eb0ad156b297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8480
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D047 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
38c33a38f3e7512212b60bd7d70ea499454571ba16ccb66751d93912a1d05c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8378
x-xss-protection
0
63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
pagead2.googlesyndication.com/bg/ Frame 3F5D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
50842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13458
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 06:20:43 GMT
63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
pagead2.googlesyndication.com/bg/ Frame 58BB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
50842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13458
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 06:20:43 GMT
optout_check
beacon.krxd.net/ Frame E10E 		81 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.138.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-138-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
75474aa2f75956a166e1daea049b026b56952d9cb00a9a06e176f56dbba841aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=32 t=1631651285
x-served-by
beacon-n019-dub-prod.krxd.net
content-type
text/javascript
sodar
pagead2.googlesyndication.com/getconfig/ Frame 10D8 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a6c407a0b0284bf01c5464027317de48ec6f7aba81c201f7da00e3c73831a474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8525
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
533aa480a66feed11fae2f2609d29c031c2b4114a30bdb69bf0d1cc006e18820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8604
x-xss-protection
0
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.correiodopovo.com.br.mcas.ms
URL: https://www.correiodopovo.com.br.mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:48:38 GMT
content-encoding
gzip
age
67167
x-guploader-uploadid
ADPycdvoHpwwOvK_4jiO2lYfN0aRT8nZJbqXU9Hj7mPWA8CbDDryadCYUfyblTFISKN0olmCwRFwgZvAPbT00f_3kiuT6lks1Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6114
last-modified
Mon, 19 Apr 2021 15:43:33 GMT
server
UploadServer
etag
"090fb4b641b03e182ef8a7fdc93d72de"
x-goog-hash
crc32c=VQO11g==, md5=CQ+0tkGwPhgu+Kf9yT1y3g==
content-language
en
x-goog-generation
1618847013991944
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 15 Sep 2021 01:48:38 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-931232517
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
54a24c63a70adb872b4ba68531909073c0a9b1771927c424ead91b45fb90ddcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39293
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Sep 2021 20:28:05 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-814785950
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4a794999266cd38cf68b10043b57f089fff8c21ecdad8425c2a0f07cb6ff1a20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39295
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Sep 2021 20:28:05 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ada56f3f2777329d860613d0490ae704a3b7db7087cee61539525901c81c3d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39311
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Sep 2021 20:28:05 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801247112
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
866e863e2967e9e6eac18f36246b71c249691003ab7631056b20b97b7ea204d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39254
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Sep 2021 20:28:05 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8d6e01d4f0f46aaa54139ca3c57b76373b577483b5f3a7ed0b18381cdd9fd262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39259
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Sep 2021 20:28:05 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s27-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0e1793a78584fb1513312ac6ff1a2cd8bee8aeb7d21a99c7dc0f02890bdb9dd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39262
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Sep 2021 20:28:05 GMT
ws-ad.js
wfpscripts.webspectator.com/ Frame 7AA6 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame CE7E 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame D885 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame 3A9D 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame 258D 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame F22D 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame 0E62 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame 8D93 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D047 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 14 Sep 2021 20:28:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 048E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 14 Sep 2021 20:28:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E10E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCCkKlHVVCWPosTOSMMTjU1s_92An7Gn4jjwxhKBk-8QzT63JCetrfr1WiIW8tSC9OSpEYZgKBhdldBECVflgCBBNhESYkrySNboxjz1dejvw2_yrbnA&sai=AMfl-YQpXofjZMWE209bHRwLaHb5bNoCRahtkpXMPHYpmrrN7K3bAvUmpbuVuyZs9H-MfqfHlOpHvHXeRwAWNyryplfwvvwpmiODQZx26zK7XyLPh1Si2FFI59k8WFc&sig=Cg0ArKJSzKF_7mP4CP0cEAE&cid=CAASEuRod9_hrBUM_Hn8YLvMFepqsQ&id=lidar2&mcvt=1072&p=0,0,90,970&mtos=0,1072,1072,1072,1072&tos=0,1072,0,0,0&v=20210913&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&app=0&itpl=20&adk=16827289&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631651282080&rpt=782&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_adview_.ad.json
cdn.webspectator.com/ad/banner/_adsense_/_adserver/ 		0
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.webspectator.com/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=30859326
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:10 GMT
last-modified
Tue, 11 Oct 2016 11:19:36 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-length
0
x-cache-status
MISS
content-type
application/octet-stream
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 10D8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 14 Sep 2021 20:28:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 14 Sep 2021 20:28:05 GMT
social
am-trc-events.taboola.com/correiodopovo/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/correiodopovo/log/3/social?route=AM:AM:V&lti=deflated&ri=0ee4f74d75cf6f1e85ef0fd5bc832440&sd=v2_9f41de430f6ec4267ab8ca08ba4d8596_f0558ac3-c053-486a-b6ef-cd827d189d81-tuct83a8b4b_1631651275_1631651275_CIi3jgYQzeNHGKvI-q--LyABKAQwODib4wlAgYoQSJOu2QNQpOwQWABgAGj9wYbU7pDul8cBcAA&ui=f0558ac3-c053-486a-b6ef-cd827d189d81-tuct83a8b4b&pi=/&wi=-5703500169402860967&pt=home&vi=1631651275819&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-iframe%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%22%2C%22rref%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F%22%2C%22sref%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F%22%2C%22hdl%22%3A%22Correio%20do%20Povo%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=20%3A28%3A05.294&id=2682&llvl=1&cv=20210914-3-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
optout_check
beacon.krxd.net/ Frame E10E 		81 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.138.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-138-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
75474aa2f75956a166e1daea049b026b56952d9cb00a9a06e176f56dbba841aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=32 t=1631651285
x-served-by
beacon-n003-dub-prod.krxd.net
content-type
text/javascript
CongstarFont.woff2
s0.2mdn.net/ads/richmedia/studio/45844501/ Frame 633C 		102 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4528516/2173874479230561/index.html
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:18:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 Oct 2016 14:32:08 GMT
server
sffe
age
598
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104232
x-xss-protection
0
expires
Tue, 14 Sep 2021 20:33:07 GMT
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 07:32:10 GMT
content-encoding
gzip
age
46555
x-guploader-uploadid
ADPycdsaczd51pNLKwjhB-5wxWlVqijRX790f2c0H4G9pJhNPLuqZlXFoRhtwNabAp4D9PH--8pafB8ySj5WNqh89hTY_2dAJQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
8332
last-modified
Mon, 19 Apr 2021 15:43:33 GMT
server
UploadServer
etag
"3f338dc5c15f92841113b0350587be44"
x-goog-hash
crc32c=sfk3og==, md5=PzONxcFfkoQRE7A1BYe+RA==
content-language
en
x-goog-generation
1618847013907660
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 15 Sep 2021 07:32:10 GMT
trk
tt-9964-3.seg.t.tailtarget.com/ 		70 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:par-correiodopovo:1|_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1631651285&tM=referral&tL=referral&tN=referral&tY=3&tZ=639368275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
content-type
image/png
alt-svc
clear
content-length
70
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f2.1e100.net
Software
cafe /
Resource Hash
88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
server
cafe
etag
8182713160943572198
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:28:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 41A2 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 14 Sep 2021 14:48:16 GMT
expires
Wed, 14 Sep 2022 14:48:16 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
20389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame FB41 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
GSE /
Resource Hash
f64b8deaf16a2a2eecda9c082f4c96bb36c0b7f01fa7bb788fbd1a3ff624e8c3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qFsLvxQ9/+UCkU3rgQbhNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
NID=223=CIBWD-WgQrTCxHs07VvhygOXN0kc16yPhOEC0p4ESdSYsqe9VGmU9UNN-uOVfasUj1PUixo0AIjYgfEfnho_6qKZO9agGeoLiUSoKHb4djnw9MZ0wh97Z8H0TXTMYlXXnrWJAM_SceErH6GEiQMiHH-v3Xt0gWAOVH-8l8X3iGU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 14 Sep 2021 20:28:05 GMT
date
Tue, 14 Sep 2021 20:28:05 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-qFsLvxQ9/+UCkU3rgQbhNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6231 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 14 Sep 2021 14:48:16 GMT
expires
Wed, 14 Sep 2022 14:48:16 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
20389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E1E7 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
GSE /
Resource Hash
b40c3618f871a553c572f04da5f73728405a8ecccb3308120008d422ee7416c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DF9qrB5i22lTzsdzlKE1XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
NID=223=CIBWD-WgQrTCxHs07VvhygOXN0kc16yPhOEC0p4ESdSYsqe9VGmU9UNN-uOVfasUj1PUixo0AIjYgfEfnho_6qKZO9agGeoLiUSoKHb4djnw9MZ0wh97Z8H0TXTMYlXXnrWJAM_SceErH6GEiQMiHH-v3Xt0gWAOVH-8l8X3iGU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

expires
Tue, 14 Sep 2021 20:28:05 GMT
date
Tue, 14 Sep 2021 20:28:05 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-DF9qrB5i22lTzsdzlKE1XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A14C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 14 Sep 2021 14:48:16 GMT
expires
Wed, 14 Sep 2022 14:48:16 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
20389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D104 		783 B
530 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
GSE /
Resource Hash
333bc64f2d2ff92d8b0723d889d9c9cc1634fec09e939546b1c7d0a0b9ca7de4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9NebADygSdhzAbScsFNXLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
NID=223=CIBWD-WgQrTCxHs07VvhygOXN0kc16yPhOEC0p4ESdSYsqe9VGmU9UNN-uOVfasUj1PUixo0AIjYgfEfnho_6qKZO9agGeoLiUSoKHb4djnw9MZ0wh97Z8H0TXTMYlXXnrWJAM_SceErH6GEiQMiHH-v3Xt0gWAOVH-8l8X3iGU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

expires
Tue, 14 Sep 2021 20:28:05 GMT
date
Tue, 14 Sep 2021 20:28:05 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-9NebADygSdhzAbScsFNXLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FA99 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f225.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 14 Sep 2021 14:48:16 GMT
expires
Wed, 14 Sep 2022 14:48:16 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
20389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 61C2 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
GSE /
Resource Hash
a316799bc4e07ad690bb9952ff5d5fb050d90e3c7acd87d35987dc13ea6e7bb4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SPgLhZWS8n0pKej+Ub/Ntg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
NID=223=CIBWD-WgQrTCxHs07VvhygOXN0kc16yPhOEC0p4ESdSYsqe9VGmU9UNN-uOVfasUj1PUixo0AIjYgfEfnho_6qKZO9agGeoLiUSoKHb4djnw9MZ0wh97Z8H0TXTMYlXXnrWJAM_SceErH6GEiQMiHH-v3Xt0gWAOVH-8l8X3iGU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

expires
Tue, 14 Sep 2021 20:28:05 GMT
date
Tue, 14 Sep 2021 20:28:05 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-SPgLhZWS8n0pKej+Ub/Ntg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
u
b.t.tailtarget.com/ 		54 B
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
2a9727c8c9067df9a0bf2a7092d782436c6b91b0489dfbb0952957e024eb9ebe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:05 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1631651285927&cv=9&fst=1631651285927&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&tiba=Correio%20do%20Povo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
3624134ab5cae3c2a0eacaace483770b0f7280323b440b9d18f207f33b1f87c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1042
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1631651285930&cv=9&fst=1631651285930&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&tiba=Correio%20do%20Povo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
b05bb972a75ccc08b006642ca27d5d247a5a4018cdf00dd593526c3dfbf9cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1043
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1631651285931&cv=9&fst=1631651285931&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&tiba=Correio%20do%20Povo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
b7b99c8b1393f3831b2afd8e6aee8a95eb4b16d7241809d698acbfdb81ebd96e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1039
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 633C 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f6.1e100.net
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4528516/2173874479230561/index.html
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:17:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
age
640
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58447
x-xss-protection
0
expires
Tue, 14 Sep 2021 20:32:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E1E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=4476057834210962&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FB41 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=142190557548508&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D104 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=1640904549810464&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 61C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=599572198568463&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
/
www.google.com/pagead/1p-user-list/801247112/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/801247112/?random=1631651285927&cv=9&fst=1631649600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&tiba=Correio%20do%20Povo&async=1&fmt=3&is_vtc=1&random=3687073713&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/801247112/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/801247112/?random=1631651285927&cv=9&fst=1631649600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&tiba=Correio%20do%20Povo&async=1&fmt=3&is_vtc=1&random=3687073713&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
pagead2.googlesyndication.com/bg/ Frame 41A2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
50843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13458
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 06:20:43 GMT
63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
pagead2.googlesyndication.com/bg/ Frame 6231 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
50843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13458
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 06:20:43 GMT
/
www.google.com/pagead/1p-user-list/AW-931232517/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1631651285930&cv=9&fst=1631649600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&tiba=Correio%20do%20Povo&async=1&fmt=3&is_vtc=1&random=51674924&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/AW-931232517/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1631651285930&cv=9&fst=1631649600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&tiba=Correio%20do%20Povo&async=1&fmt=3&is_vtc=1&random=51674924&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
pagead2.googlesyndication.com/bg/ Frame A14C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
50843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13458
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 06:20:43 GMT
63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
pagead2.googlesyndication.com/bg/ Frame FA99 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
50843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13458
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 06:20:43 GMT
b
b.t.tailtarget.com/ 		114 B
572 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=4&tU=0100007FD5054161CC062C14023F5122&tX=b.52&tZ=69223585
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
537c3a68a2eb79e3ff4e05ab7bc1ac571585f15783f7822461a31a281d673dca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:06 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
data
b16.s79.research.de.com/ Frame C8A0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b16.s79.research.de.com/data?/1gadHeyBATkzFARksFAQtjFZ3JNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.32.75 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h389.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:28:06 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:28:05 GMT
data
b153.s79.research.de.com/ Frame 5FBF 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b153.s79.research.de.com/data?/OcWLHfxBATkzFARksFAQtjFo1JNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.64.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h368.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:28:06 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:28:05 GMT
/
www.google.com/pagead/1p-user-list/814785950/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/814785950/?random=1631651285931&cv=9&fst=1631649600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&tiba=Correio%20do%20Povo&async=1&fmt=3&is_vtc=1&random=1162471779&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ber01s14-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/814785950/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/814785950/?random=1631651285931&cv=9&fst=1631649600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms%2F&tiba=Correio%20do%20Povo&async=1&fmt=3&is_vtc=1&random=1162471779&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 258E 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBzs90gVBYYKuHcrA-wbJ04eIBQAAAAA4AeAEAg&bg=!KCulK2_NAAYT0U73E9E7ACkAdvg8Wt_RyzHyXE0ROGvoM2HiQ4eeRSX9I7PNDlG3A5NL7tQ9zE8IlQIAAAQcUgAAAFtoAQcKAKsIeUXiFWfg38D8kR2EXWP-1QZ07q79-7IrLx7AsarhuWG_HF8yUAE7w0vuMmOHWgheZ3nPJtKzt4ESkXUSCNyBmn6qHwC7azFqDPrE_HufTd3nRvadiNxfBSiFqMa10KACA76RDY6gDurAASkoFAgi71uMdPnlYYpGtJO9r5ZivRXj0Ot45yTjE8m7fJbrh4X-YwCxgZgQfll7kEVYDPtbAF78EZbxnN8keTqZAtsBHOjPotSJn7XdklE2cbedNo3RPhMagTM-y26QEGaFG2c8NT1GoCm3WwBpSAUWADaJeF7piP-cCahguv95Jg31MYgioQtdyJG9_ABYdcdAkqGMNW4AVcebQ_b0Kyx4_XJCAwvCqjLpWhF9c-BRKu_emkstDqPCjnTIA6NFIjsKATDcztYfiV9JTeN5li6wHGXvj2I-9WPDbSxqN8hHBQsjMS1UqK8Qz0MjZqwAQYt6H9dD3_8ju-A9_y8dBnsIU5aF6Fmjay3mjbHORiAQ4BnN8xjQsX5E2HKy33cXqkaJRrOuvHAIhnXd2EvEpkZ01FtvAuV7KKsTwhFFpNGGigGDldvRVRbddsZQEpjpidgN-XFEBVx2oO5pNXadJG08w3UdCSWLyEt0S1QAxgr3SJw5_FernRtHNvgHuO58lexcaOZUqfNaoVHcqxe7-pLcI1C1oMLJIAgVJmfnG85NLqTdBRlx_SknG3Fk6GifvLHzaiPOOp-jceddSQFJSVtmykT_n8fFe71DG5FfIljM_WBVNvHB5Ev2oohPMjFIoRpB5mLCdhJQKqD9BHKCKmAx1_rnPMDVyaMfBvWANZ2XGTMIBr8hmglz2EgPRvNehzArfjSWJebyFi5lEnVKfm3uT_mk2PrbkwHki6bIBIrg5XS4d1nUXkM2JV8KH3rSRm3R_4Voyw3jFEUVv3w_g3ynHfRcNqvCttuw5UIUwsvB5k1SF4Vmy1DEFumPcRS61GuUDU1xza5pAlybF7TfBhdkU-OiNaBGQRZz7Vzkt4A-vE_52RpWF5cxiMizR9ODRcUzz_rlVe8kI1u0-uGsSfssj9dOb0_PhuFpRu63aiQTr1-H5gctRduI5-PoTC-zAJqivGRmtoVGqDwcqMP9JKt66IJ3xZUqDYIKpwBmxArtI32dEKI0YRXipjdxVHBulTKSKehJnIFIcLnesPlgfv5Q0lnjBMcz3RFqaxX89g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F5D 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTOH00gVBYfyFJMez-wabNgAAAAA4AeAEAg&bg=!FxSlFFDNAAYT0U73E9E7ACkAdvg8Wl-UPhXT9tRvoS_xAI97XWLZhgFVBNBI35nppIxNMxyj6lE2lAIAAANcUgAAABBoAQcKACzJNczShGDGFlPpisSMOfP56wd1CtIed72KHgnqp_sa5U1_JnF5whucveEp_JkC9_DDJ3R9VdOzkBiQYhcezB7TcvBi3RfbTUZbKrRGEQv0fU3-zPOMAC-E4dyZZazw_tdjALqeO92t4BlhHfWaIsN8Ede_kUfhhoAgy-QtAWheruoyQV66YoiePlJraTyt0_byY0qE0PFN275V3uzfHREuNqC-zSXKR3z0VpOpwMBtcusfaUG1GHGoNd1QjIqGnEgvZTUSkr70blNdDlPeEP23o-IGC1m572pJO9J2AzvA9nA7c2UcbSSYEHN8HRLWegUbt5zwvAsk0UsVmwBm2xYT8LqtYXIYaJrXeMZJQfAmJ93xdM3jb1_gBGYLbYAScSt3XWSx21p_Djmc_IEvqw6VUnpeWI7u3cYb3A0GNLfQRoGTzHfJig5DjeVFGC74t_tKsvdw0pQbyihkqYXdptRUcidqC84c4x-anA0_ifqCObaNtv8SF36sqwQcbmOWXo3xJWRRXuMB1xpbAv9LAH3JWigHEmlwEoOkbzvYjBUWkdvo9vg2PDeMFnFaXr78MkcOIFtYHFNOsf9iEgLw2BM88k5NWfI-iPWB6jbuqE8kiE-t6S6fRbaVeleF0IZ6wtut838QFbxTtmgqT0iMopcU-EceSj9F92LC8D9KYz9JAjfpKBXqKCrQPIcGYqpCSMLjgqixVyBU3tAh8k_pzP5uxagzN-L0p-Oospz-l6CSwJYAeoVqUQa9SLZ7GD-8yh74guCOGZwXAshdAbCTzMYDkrU_EZnSQBjnb81esrB8lIIK4v9KKJWPcDs_Id5n39W8pTcxQ3OQksynGwl-5d02tHem64blYjZUZ2oRflXGIB6LZZv8PjGLPc0PbaiUkhY0VuXk65asZ1zVROmV6K63sk0dtdAVDKxb9FU881F2nV6vp23i-9CY4ZM8INekZcfGMHmGwqjyWaxWXLbtX3waw3IWw9Kns6nwJArfJR9Hy8fSQe4FrQyFJk7m1ZSRXRLFzQJDCPOCrWcbamkkY8ygNuiLpdykPIR0TSJvNmPWrKGpVrZREg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 58BB 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoYP40gVBYenaJeC7mLAP8aC_yA4AAAAAOAHgBAI&bg=!09Cl0JTNAAYT0U73E9E7ACkAdvg8WjFbo1outgaQkrewoAYOqYVvbyBdt9OybBtR2tCtt_S-8VMHoQIAAAM5UgAAABBoAQcKAF-rr4Q0dbEoRHrPKaCWb7SS62Ub-pucZHvOCQUpShPiMLzgILTexlKVqlUgz5zBrpODVUAO-rejVTX2ALQTrQB7KKU_VQa3Gi1y-D4b7CWXpKj7jmH83U1nN9NBoRxgbpkDAPcbvNdTZCyqjNYq15UHhNKvl6y9-Rssgrc7yvxaPzRLDFzuMhvj-evETszmZ1XDM5_Gt5XisMdjbGA7BtcMskroyw3zF97pdW4uvvYvOxh6fzxHo6Y44ZilRPS_zoPPCu47oGGD27G-htKWYVLUq9oMHEahW4DP5o1hh5tvR0UTacrpWBEyOF6YGc49lKZ46vTrue2WSfNmcmbc2daxCZ6GWE2ltsE854yUXC0eby1JhYvZsbCBd4aaJx_xsJWZn5tQ34jLkaNIWQ8FUOOu2GsbUs2psYzm1imA4cvOdLoONBbcJg_qPesxZGWqox3QAdWGa0iSd8aQIZOBRnulpIYE-1rkXyFNLFn_wFTgK8BYnxh1oCNwYPe0CTnW_z286EqzctxUvGwYojDsr9dIoaECctnz6j-ZsGN5BDvOyTFYQSHTljaLqQm1ggCPEAQ_rAYacpYSg_HaDSc4_IQm89l0IVsx2bNEhJ4YIaKA2Ye8PMqbwkqXIXNIFEqsHWrBCkpI_LiVxoBRQmXNI865tlNb9lv-G-5zm1QkI2jewxjHpyHLsahZNSgSkKgassOfNcXhNReglA8QRkjyy_NH84VkeM1PTXClr8AHG3Fqrv6RlFkMI9VZsxbezBJHZ0gBEEaE-9IYlpWG4Yu-iElHXGwDTqh0CbcnjV9xVzChWiV6gwVXckG9s_nz4E2AL0QI-KajORJ-sLdT7zVCDnik4_ZkCIcAHon_m58ZG8UQhCmPXFO0Ymai6X2S1TevH-xTh_Sn2bRt8QrdeYXExe_pl-Q5BIRaDQSh-AQNzRppU6yQMOc8ArNJRPF_fz4YHE_bK4juDje8Y6DXmyuqi-L6X_sGg9JPCPuUDIr187-3SSrd_vMW9agshLNWztobx4s_WEPNkh39C4S6AWoi4QHIDWq3EED_O4WMnWfO4r0CdRIPYS7MNKGjbbu90dGdSC5qJzOhgpps0kGQuF_fBNi-f5fAfmGueb14pNE6NwbMvirRWtuO0cVZbkFqQdQwSr4u-A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
tt-9964-3.seg.t.tailtarget.com/ 		83 B
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=377122028
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
d751fd7254ca2f402e056509fa833a37505889a2919e950c8c07aa9ca61b5199

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:06 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
tr
www.facebook.com/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 14 Sep 2021 20:28:06 GMT
doubleclick
cm.t.tailtarget.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEF8vbvi3PDp5mruPxYtOBDM&google_cver=1&google_ula=862479430,0
70 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEF8vbvi3PDp5mruPxYtOBDM&google_cver=1&google_ula=862479430,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:07 GMT
via
1.1 google
server
nginx/1.17.8
content-type
image/png
cache-control
no-cache
content-disposition
inline
alt-svc
clear
content-length
70

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEF8vbvi3PDp5mruPxYtOBDM&google_cver=1&google_ula=862479430,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__tt.gif
t.tailtarget.com/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1631651286219_3632493261&tJ=CA15795,CA15771,CA17813&tQ=par-correiodopovo,r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007FD5054161CC062C14023F5122&tX=b.52&tY=1&tZ=607479074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:07 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-type
image/gif
alt-svc
clear
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 048E 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=4476057834210962&bg=!9fal9rLNAAYT0U73E9E7ACkAdvg8Wh5OOd7HEV9JynUiHupF2l-RlHC9QKoUlb1fYjiy-FyynExxfwIAAAJVUgAAAEFoAQeZAqqfEg6WeCgpTGqwAP7FSw8hvuLn44K7hvrv3su0D4RgBR63cIL1GgnIC2bMyqSpexMZSRw4pjAUFouN4KrcAWzdV--vqYbZz8sTrohFr4k3brnVDm7jYaNsFtYJNlXwZf5wMq_5O90exTCLNza3zgZCgZTIhloWafqEXvBlTp0DAmCFukQnBmIs5hP2e7lu6WIW88j81OfRSkT0Eg6QnnqmBgoUne88k4uMq9gQ_quWhUnc445W9uta8zbgiRLxR3pKkVICn0SScNo9VioU46-EGTxMJRsc8Hq2aMfcvafSXHdpDprzCfVGKOqepEkY1V0oHnj-EFBxGKstBsYVfIDLjjH_VFdmAuKx5W9H0UPaMjH8ifv5rOn3AQvIcXKNrfFD02OPiPuJ7g0GWtjTodvDhCwaCMT_nXZH0CNViKgTP_mnVoO7H8Xuuu6zI2KdT4FNPb60ezy8ZPIamn1_kSYP17SEtj18_SEdw438UWNHRXvmvpyzV3rzqDGAoF4lMBVH18dwtn009pOQLoNhcJJFRwmJUF5xJFz5G07AJLPlJ6_u0QwI_QPuvUMd8X8zEuYlOfzt4wZSs5tnbe4VxUaT4HDffHnvdyl_fNUj7_SuoYnxFTCQqzNA1znQhhfyPUJjcuwZZehNDr3aZrE1obFBSesh-jCgzpF1HnOi772FUNljJd-hX6j_d5cubg7J_KpSUbnK427-4Xp81aJln38Adsys3Kw-HdRifCWijPh_JJ6qZw_lz1L2u09pV75vzStk5DH6O92MwVGQ0SPdeQhSAnLpEa7ZpxDGQCeyRkJYeu73jo6HH8cBnqv4LGF2JH3-5BngHOkIkNZmbVAW6t3o_oFUDBzgaZzzhlmJ2Y05Nw--krSGIiJt2pj07ihkjbFUFQVR33ljI3Es
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D047 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=142190557548508&bg=!q6ilqOzNAAYT0U73E9E7ACkAdvg8WlZE74qhdwxsRCoxeERkKGdhgdvF7amqUd4d0lP_VcxB7CVVZgIAAAKRUgAAAEhoAQcKAFjmL2nQMGELDO_9IC9K4ktUu2pb6lgN-J9EXdMY5w7v1Vyz90vxYd_OAHUQsCDmFH3wOC_cohlHeuHQbZueK7uijlsy9nZUY1mUNRqBJwtC7TFLA2HYmFMJmQKtjjSL_qSVJ2dPLznN5qKkzfsVilR8HTR3teVpCRH5a37pYKcQXGKQhFxp_bye7SMi0nU8G8EZ9sjVt9p1QEIuOCAUNVk_LFM6UKK7NDecQprvUPvpZjOAe1QJu0WE-RPkYpiDJAnBcjxb0PHCgg6yRVgDlNhgwbuPONxXh0Nbem9ru6dgqPUlKATzQdGggd5qTqqdq0SHfIeuo8FIeebje12aUimrOmhPgmALQeuM0qf6ZEI0T1mD2rvFJNghcn1BDZt1hYJ18S0_ymvgWTjd0AIkK0-e5D2qp_q7xeZ-IdWJJOawO8ykGJJL8k0nSwYge5LCGBLeTJZRVIglx84YXD4oTkYZ-A5JCTlBaGH_ulHqk1Q3EBRehAjcHvzEMIFbed52bg9ICfIpuBQDF58j36VeBsqP1NqE4XrlUl6OH01Yr3-ldyGpBpt_BncGIKdVOjSxUcvGzxG2Gog83Adko0riUt4SdimJ-q0XjdqHLfnbsFrmfiKPoo6VSbYocDIDsNr1Ez5w3Y-HuM513MZjrHowt7uW_UPxlbB-SgldUStXyW4BlnKMMoy692Ne6bpwmHabMgeXSilLjtD_2DetruSHZ0Mes7cqe7A7_G3uum1cFG56o7uzV88w7FAYjHqovN3N9h4dYJOH7c_-2s7YKXSAc5eWVEi_i26aRJhVKTPGtmPxP-_GscP_QGjNFRCcPTHqTOCnl-0g1UCkDh3hCNNGirfQvEO9t89TjZQQsy24zq72-rJBlnGo3oZSshrPRrTczJewkMPAVXoE7-T5Rv97QaM0JDVltsiMXZjL2857_1GQILVhzxkH4MfliOCMMoSHbYQojHTb03t9CIp3o70cwoG4nuyVqjqmosCLgkJb-GlgtrBzYU5BpC5i12WcTSTxF1-flGDQyO-SmA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10D8 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=1640904549810464&bg=!8fKl8rbNAAYT0U73E9E7ACkAdvg8WuoqMgb70JKX4jAGkSAkoIvwUJ-Ta9vRavslCENMSYWs8FgsyQIAAAJYUgAAABloAQeZAqKvAu0JEsY7ECvtAaM3wt0NVZ9YnUCg92e4G4Jf_La4SrD6KUdM8dF8Lc2OtE7uUW-XNEoiGWsW57-1sMmir445R7xXeW3VkUTmNoe6eakV4aDiPQa-hQc1h_mPImQUL8nWE65au4EbEPhwXxi7qxt9FAvbdbNtgByulZW7T7-gpP52rH8CsMqhXyRybBhy_A5oMsiMsBNo_AGrlQExVPM9w2fKYrojONnv9bU4oE_8LAa4tHDy0VJlzMFEWaJXtWj68Ns40Lmh7KOEZ1TCUCFyMxlLTxVEN5SVFbVfY-0IPJX6ZoGeAXgSKTGDouxtZboMGyr46p_leai1XieUTY7KXDI7fFXMMZIo5fvlWLQliWvfnni8LBR0ftnBUDSpMclQALxFCqXevQcFgqWCHhrXiT_i-qxGT1XstV1tZaEGxBeIo_NrStf3ta1eI-RADta4EbIpLTEePV9RLpFVYRyyvZV6qj5Ca-0lTSv2uBsUcmL_iU_IxvnuzpI6ISeXj6HJ0iVKnzDIuJ6ljoEKXvVe0OsKwm-125wwgAIUcEKPkAG99fdapiyO9RW2qaalX4iDVLeG6EElI3K7NUqjLmWmcvV0HuIh2NCtOgqyTk0nBfUJE_DMYnZtnMj85nddIoaixSczK8jsZ5EGpk2pHcoSnvjeLZqJbIHIy9jouq4BGl0wCAF3kD4KiCduwE__53mMuD4npJ4rxgWdfTWVukiHEGJuhqO7thK3BQzUcXpPgH5N9-zdxGcdOzEYkR1cfGOtS0uD1B_8TINchdqLcHn6v08_J0FGWPUTrx0wb9ZEflR6lfQh2vTX8HmqhkATZ4wXSIzt2mKAGn9cIPpT6LRYafi19Lpw4TsjehlQCJ6tokyxC9bCL0YDHoW5GmDQGaC4XQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=599572198568463&bg=!T0ylTAjNAAYT0U73E9E7ACkAdvg8Wh3HeFRdW040jZcrGSZ10xMmLmR2oTbaOWGPK9jS-BB8Uii9eAIAAAJHUgAAABloAQcKAK-Gk2R_m9jmW4FBuWrqNLPblDWecav8gSm_JqX6ixHe56Z8BU6yhz0mNSKIx2QrYWRNEHFZGaAov-VuNNHNUp9FCI9PeHj8z7rs3YaiHfGK28sYUERiQZeYcDZ0ctr65CPaBa_r9H_S19hjFrVGuc9kGTkNyZPg-1f1mBmLKz6pLqY8uznCw3CbdQ1P6Ks5n2xqoJST4RPQl8zldg7PDPlXxZpurvs2HW3KrHj4VwagmQKEywUpZXSWx9IlmFYvKc7z66_3h80L3f3IvwKE4H21wvCyUxFAKIBlOc3gtjhvT0uVsu3uuojceJ7d-5DOaigDYyjctHSiztEbpRDv8JwJ1bxDyxeiE2jmfVr1e3A9I5poUOoGCf2P5qE0k85Mq-_H2g3X1op3ZwQ4N3p0MHgsmrLttc8zX_4tA6AXV7ExoBrAhLGkG-a3bNoZUr6QF60CW25MGABgpzfB7V_lDOuwvIbLZCBr8FkmxGt4l4wDQ-Rb978GuSGIU1DNXFuzWym2Seut6cQym3UVnWnD5kx_tmDIEKX7koR7fcilJANGybYyenhgaAUyVJJ28tGjuImTJBCO-T9POQEvXJpsu85yBYMPvS53clpfgHl7ApeRNUoVoGst3qVknfCd8-9oBlI982ocydXy0fZzRONBZDKGTWbCZJ25Uyv1FJtDo18Caynkim1qOTjcSjkYszTG3Z7MFzPvD2xLyHRldVccN48AiR5Vi1xKoqcQd2YePINYdP3B0PCZN2NzeLOwBqFzQAUZepf9QYj2fsre08ucEIhrWlPqXeQHe9VyGarlITypvEzGDj8SYMij7AJ0IQghGgQqDA1UL-CcuJKtaJNog3PslfeFKzUDlvXAToKAsnW-tGgZ3mkf7nwNDsaa3O48mGf_nv2Tok97_N6g_INdPXT9UW5T0L_e4Blle7nwn2HyzvWPnPMdLXMZ59JoQNHk560DnzEEEdH4-Ld8TLt9aIveyJIWMFLBG-ibLM-d2u8ze8AgJNuHFfWMKEX4u8UaqkSSyMnyMKmjuBVHqKBbavtqBtsEW8wHep8IL3RvHQLJBAOEvkoZkSYHR_ry5Rz9YiGTNcTzNac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
126 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Tue, 14 Sep 2021 20:28:07 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
dc_oe=ChMIsJ231qb_8gIVct3eCh0CXQ42EAAYACD53-VKQhMIxseI1qb_8gIVlOMbCh0ggAtH;met=1;&timestamp=1631651289020;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C8A0 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsJ231qb_8gIVct3eCh0CXQ42EAAYACD53-VKQhMIxseI1qb_8gIVlOMbCh0ggAtH;met=1;&timestamp=1631651289020;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI08jm1qb_8gIVrQLTCh2oOwkJEAAYACCQlfNKQhMIx8eI1qb_8gIVlOMbCh0ggAtH;met=1;&timestamp=1631651289147;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5FBF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI08jm1qb_8gIVrQLTCh2oOwkJEAAYACCQlfNKQhMIx8eI1qb_8gIVlOMbCh0ggAtH;met=1;&timestamp=1631651289147;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OpportunityServlet
opps.taboola.com/ 		1 B
105 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=22
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Sep 2021 20:28:09 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651289.485273,VS0,VE10
x-served-by
cache-hhn11566-HHN
x-cache
MISS
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
tr
www.facebook.com/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=432617183539790&ev=Taboola50view&1631651289471
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 14 Sep 2021 20:28:09 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=2&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=9&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=10990&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A10945%3A1559&as=1&ag=9718&an=5063&gi=1&gf=9207&gg=4552&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=9718&bx=5063&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=9718&cn=5063&gn=1&gk=9207&gl=4552&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10780&cd=6125&ah=10780&am=6125&dq=10081&dr=5426&ds=10081&dt=5426&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=77&vt=148&vd=0&zMoatSRE=0.046875&zMoatVSD=21.58&dh=18620&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ek=1&fh=9718&fi=9718&fj=0&ef=0&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=92879371&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:09 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=10&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=10993&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A10945%3A1559&as=1&ag=9718&an=9718&gi=1&gf=9207&gg=9207&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=9718&bx=9718&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=9718&cn=9718&gn=1&gk=9207&gl=9207&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10780&cd=10780&ah=10780&am=10780&dq=10081&dr=10081&ds=10081&dt=10081&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=148&vt=148&vd=0&zMoatSRE=0.046875&zMoatVSD=21.58&dh=18620&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ek=1&fh=9718&fi=9718&fj=9718&ef=0&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=1250848521&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:09 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=2&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=11&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=11002&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A10945%3A1559&as=1&ag=9922&an=9718&gi=1&gf=9411&gg=9207&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=9922&bx=9718&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=9922&cn=9718&gn=1&gk=9411&gl=9207&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10780&cd=10780&ah=10780&am=10780&dq=10081&dr=10081&ds=10081&dt=10081&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=148&vt=151&vd=0&zMoatSRE=0.046875&zMoatVSD=21.58&dh=18620&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ek=1&fh=9718&fi=9922&fj=9718&ef=0&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=1906376101&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:09 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=3&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=12&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=11003&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A10945%3A1559&as=1&ag=9922&an=9922&gi=1&gf=9411&gg=9411&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=9922&bx=9922&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=9922&cn=9922&gn=1&gk=9411&gl=9411&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10984&cd=10780&ah=10984&am=10780&dq=10285&dr=10081&ds=10285&dt=10081&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=151&vt=151&vd=0&zMoatSRE=0.046875&zMoatVSD=21.58&dh=18620&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ek=1&fh=9718&fi=9922&fj=9922&ef=0&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=593068365&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:09 GMT
data
b16.s79.research.de.com/ Frame C8A0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b16.s79.research.de.com/data?/1gadIqBDATkzFARksFAQtjFNyJNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.32.75 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h389.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:28:11 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:28:10 GMT
data
b153.s79.research.de.com/ Frame 5FBF 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b153.s79.research.de.com/data?/OcWLIrADATkzFARksFAQtjFcwJNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.64.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h368.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:28:11 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:28:10 GMT
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
126 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Tue, 14 Sep 2021 20:28:12 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=4&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=13&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=15435&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A10945%3A1559&as=1&ag=14355&an=9922&gi=1&gf=13844&gg=9411&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=14355&bx=9922&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=14355&cn=9922&gn=1&gk=13844&gl=9411&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15417&cd=10984&ah=15417&am=10984&dq=14718&dr=10285&ds=14718&dt=10285&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&vm=1&vl=151&vt=219&vd=0&zMoatSRE=0.046875&zMoatVSD=21.58&dh=18620&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ek=1&fh=9718&fi=14355&fj=9922&ef=0&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=490823384&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:13 GMT
OpportunityServlet
opps.taboola.com/ 		1 B
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=23
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Sep 2021 20:28:14 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651294.483286,VS0,VE68
x-served-by
cache-hhn11566-HHN
x-cache
MISS
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=3&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=14&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=15991&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A10945%3A1559&as=1&ag=14758&an=14355&gi=1&gf=14247&gg=13844&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=14758&bx=14355&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=14758&cn=14355&gn=1&gk=14247&gl=13844&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15820&cd=15417&ah=15820&am=15417&dq=15121&dr=14718&ds=15121&dt=14718&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&vm=1&vl=219&vt=225&vd=0&zMoatSRE=0.046875&zMoatVSD=21.58&dh=18620&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ek=1&fh=9718&fi=14758&fj=14355&ef=0&eg=1&eh=1&ei=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=359202520&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:14 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=5854945&noaop=3&sortOrderType=0&cb=1631651294609&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1264&pt=1077281207&tz=0&viewable=true&ddast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2334045&dpubid=324075&abtst=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.correiodopovo.com.br&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
98b4e4e96abd2ac886205798f83cc63229dfc4a8bb193c179015ae8f903e74ff

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 14 Sep 2021 20:28:14 GMT
content-encoding
gzip
access-control-allow-origin
https://www.correiodopovo.com.br
machineid
1474
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11566-HHN
pragma
no-cache
server
nginx
x-timer
S1631651295.614863,VS0,VE125
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
dc_oe=ChMIgt_b2Kb_8gIVSuDeCh3J6QFREAAYACDPnbRJQhMIu7vG2Kb_8gIVWhF7Ch2KDA7w;met=1;&timestamp=1631651295059;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame E10E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgt_b2Kb_8gIVSuDeCh3J6QFREAAYACDPnbRJQhMIu7vG2Kb_8gIVWhF7Ch2KDA7w;met=1;&timestamp=1631651295059;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
126 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Tue, 14 Sep 2021 20:28:17 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
sync
am-match.taboola.com/ Frame 3626 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
30a259a035d5f20ffcdf6667bf50f62e4ce99425e13df39199f366e3092305be

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
cookie
t_gid=09e494fe-ea3f-4878-ac47-65dc69970758-tuct83a8b4d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/

Response headers

server
nginx
date
Tue, 14 Sep 2021 20:28:17 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3403
generic
match.adsrvr.org/track/cmf/ Frame 3626 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 3626 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.216.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-216-94.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:17 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
x.bidswitch.net/ Frame 3626 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-140-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 13C0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Sep 2021 20:28:17 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Tue, 14 Sep 2021 20:28:17 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame D161
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=1855a0b3-fe30-4371-8239-96e12cc270bc
0
98 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=1855a0b3-fe30-4371-8239-96e12cc270bc
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync-t1.taboola.com
:scheme
https
:path
/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=1855a0b3-fe30-4371-8239-96e12cc270bc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://am-match.taboola.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=09e494fe-ea3f-4878-ac47-65dc69970758-tuct83a8b4d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/

Response headers

server
nginx
date
Tue, 14 Sep 2021 20:28:17 GMT
x-fastly-to-nlb-rtt
19324
access-control-allow-credentials
true

Redirect headers

vary
Accept, Accept-Encoding
set-cookie
i=4cc37cc9-bdb6-4dd1-aa41-5f8fe998e7f5|1631651278; Version=1; Expires=Wed, 14-Sep-2022 20:28:17 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=1855a0b3-fe30-4371-8239-96e12cc270bc
date
Tue, 14 Sep 2021 20:28:17 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
clear
usync.js
eus.rubiconproject.com/ Frame 13C0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e79c4810102b289ddad74e8a731fdab545e666cb04cde36d2daa32c7a469508b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 20:28:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42254
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Wed, 15 Sep 2021 08:12:31 GMT
khaos.jpg
token.rubiconproject.com/ Frame 13C0 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=5&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=15&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=19484&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A10945%3A1559&as=1&ag=18404&an=14758&gi=1&gf=17893&gg=14247&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=18404&bx=14758&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=18404&cn=14758&gn=1&gk=17893&gl=14247&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=19466&cd=15820&ah=19466&am=15820&dq=18620&dr=15121&ds=18620&dt=15121&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&vm=1&vl=225&vt=281&vd=0&zMoatSRE=0.046875&zMoatVSD=21.58&dh=18620&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ek=1&fh=9718&fi=18404&fj=14758&ef=0&eg=1&eh=1&ei=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=796160721&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:17 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=6&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=16&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=19886&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A10945%3A1559&as=1&ag=18620&an=18404&gi=1&gf=18295&gg=17893&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=18620&bx=18404&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=18620&cn=18404&gn=1&gk=18295&gl=17893&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=19868&cd=19466&ah=19868&am=19466&dq=18620&dr=18620&ds=18620&dt=18620&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&hm=1&vm=1&vl=281&vt=285&vd=0&zMoatSRE=0.046875&zMoatVSD=21.58&dh=18620&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ek=1&fh=9718&fi=18620&fj=18404&ef=0&eg=1&eh=1&ei=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=186138226&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:18 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:18 GMT
2
api.soclminer.com.br/v2.1/plugins/ff61ae4712a440469640bd2f82aa2c35/performance/ 		20 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.soclminer.com.br/v2.1/plugins/ff61ae4712a440469640bd2f82aa2c35/performance/2?format=json
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ServiceStack/3,971 Win32NT/.NET, ASP.NET
Resource Hash
36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 14 Sep 2021 20:28:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ServiceStack/3,971 Win32NT/.NET, ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FpohR1iLxBal%2FRXn1YD5dHIBi8fMk7Yr%2BCM8ULQ%2BcrI1F4M1WEEZsAW5f3FjCeBgHervg9kZv%2Fc8JiVGWzFqgT6l3J8AGttXzpbv%2FXu4cLlQe827tiyLLZJv38e0xBWIVZ%2FD%2B8O"}],"group":"cf-nel","max_age":604800}
cache-control
private
cf-ray
68ec5c681dec4126-PRG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, JSNLog-RequestId
content-length
20
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame CA28 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,%20300,%20400,%20500,%20700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plugins.soclminer.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 06:48:51 GMT
x-content-type-options
nosniff
age
308367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 06:48:51 GMT
data
b16.s79.research.de.com/ Frame C8A0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b16.s79.research.de.com/data?/1gadJT4EATkzFARksFAQtjFhtJNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.32.75 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h389.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:28:18 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:28:17 GMT
data
b153.s79.research.de.com/ Frame 5FBF 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b153.s79.research.de.com/data?/OcWLJU3EATkzFARksFAQtjFwrJNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.64.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h368.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 20:28:18 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Tue, 14-Sep-21 20:28:17 GMT
dc_oe=ChMIsJ231qb_8gIVct3eCh0CXQ42EAAYACD53-VKQhMIxseI1qb_8gIVlOMbCh0ggAtH;met=1;&timestamp=1631651299020;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame C8A0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsJ231qb_8gIVct3eCh0CXQ42EAAYACD53-VKQhMIxseI1qb_8gIVlOMbCh0ggAtH;met=1;&timestamp=1631651299020;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI08jm1qb_8gIVrQLTCh2oOwkJEAAYACCQlfNKQhMIx8eI1qb_8gIVlOMbCh0ggAtH;met=1;&timestamp=1631651299147;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 5FBF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI08jm1qb_8gIVrQLTCh2oOwkJEAAYACCQlfNKQhMIx8eI1qb_8gIVlOMbCh0ggAtH;met=1;&timestamp=1631651299147;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OpportunityServlet
opps.taboola.com/ 		1 B
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=24
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Sep 2021 20:28:19 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651299.349706,VS0,VE10
x-served-by
cache-hhn11566-HHN
x-cache
MISS
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
OpportunityServlet
opps.taboola.com/ 		1 B
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=25
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_8/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Sep 2021 20:28:19 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651299.350186,VS0,VE9
x-served-by
cache-hhn11566-HHN
x-cache
MISS
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
tr
www.facebook.com/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=432617183539790&ev=Taboola100view&1631651299339
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 14 Sep 2021 20:28:19 GMT
unip
trc.taboola.com/1005612/log/3/ 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/1005612/log/3/unip?en=VideoZEROAudienceComplete&1631651299339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 14 Sep 2021 20:28:19 GMT
via
1.1 varnish
server
nginx
x-timer
S1631651299.371117,VS0,VE9
x-served-by
cache-fra19178-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=4&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=17&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=20858&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A10945%3A1559&as=1&ag=18620&an=18620&gi=1&gf=18620&gg=18295&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=18620&bx=18620&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=18620&cn=18620&gn=1&gk=18620&gl=18295&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=20676&cd=19868&ah=20676&am=19868&dq=18620&dr=18620&ds=18620&dt=18620&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&hm=1&vm=1&vl=285&vt=285&vd=0&zMoatSRE=0.046875&zMoatVSD=21.58&dh=18620&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4979&ek=1&fh=9718&fi=18620&fj=18620&ef=0&eg=1&eh=1&ei=1&ej=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=2042582972&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:19 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=21&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=19&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=20862&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A10945%3A1559&as=1&ag=18620&an=18620&gi=1&gf=18620&gg=18620&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=18620&bx=18620&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=18620&cn=18620&gn=1&gk=18620&gl=18620&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=20676&cd=20676&ah=20676&am=20676&dq=18620&dr=18620&ds=18620&dt=18620&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&hm=1&vm=1&vl=285&vt=285&vd=0&zMoatSRE=0.046875&zMoatVSD=21.58&dh=18620&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ea=1&eb=1&ec=4979&ek=1&fh=9718&fi=18620&fj=18620&ef=0&eg=1&eh=1&ei=1&ej=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=853494645&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:19 GMT
undefined
www.correiodopovo.com.br/ 		343 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.38.212.101 , France, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-54-38-212.eu
Software
nginx/1.12.2 /
Resource Hash
4573bf89f800ceea1f94866ed9a91ded29884e428003d6d10b2f2261e891ab1d

Request headers

:path
/undefined
pragma
no-cache
cookie
_dlt=1; _pbjs_userid_consent_data=3524755945110770; _ga_B73LS4GNNN=GS1.1.1631651275.1.0.1631651275.0; _tb_sess_r=https%3A//www.correiodopovo.com.br.mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F; __qca=P0-139205027-1631651275598; _fbp=fb.2.1631651275760.1285113563; ___ws_ses=96B33EC7EF3A588B.1; ___ws-sr=https://www.correiodopovo.com.br.mcas.ms/; ___ws_vis=96B33EC7EF3A588B.1631651275662; ___ws_ses_sec=4863:1631651275662; ___ws_vis_sec=4863:1631651275662; nvg23925=f5d0910e5004f4b634c28fbd309|0_258; trc_cookie_storage=taboola%2520global%253Auser-id%3Df0558ac3-c053-486a-b6ef-cd827d189d81-tuct83a8b4b; denakop_freq={}; _gid=GA1.3.1731421849.1631651276; _gat_UA-4083550-1=1; _ga_VH600BGGZW=GS1.1.1631651276.1.0.1631651276.0; _ga=GA1.1.1947967339.1631651276; G_ENABLED_IDPS=google; ws-refr=https://www.correiodopovo.com.br/?; ortcsession-w5tlOg-s=87a98996b4752cbc; ortcsession-w5tlOg=87a98996b4752cbc; smeventssent_0d2ab486745b45cf991c8d91aa3e3e5f=true; smeventsclear_0d2ab486745b45cf991c8d91aa3e3e5f=true; __gads=ID=099185d53fb47ef1-22c1aef124cb003d:T=1631651275:RT=1631651282:S=ALNI_MaFJfcCbGp5S0SyYjBDEueDEK3xOg; dinTrafficSource=eyJ1cmwiOiJodHRwczovL3d3dy5jb3JyZWlvZG9wb3ZvLmNvbS5ici8/IiwicmVmZXJlciI6Imh0dHBzOi8vd3d3LmNvcnJlaW9kb3Bvdm8uY29tLmJyLm1jYXMubXMvIn0=; dinLeadTrack=eyJyZWZlcnJlciI6Ind3dy5jb3JyZWlvZG9wb3ZvLmNvbS5ici5tY2FzLm1zIiwicmVmZXJyZXJfcG9zdGVkIjpmYWxzZX0=; ___ws_d_st={}; tt_c_vmt=1631651285; tt_c_c=referral; tt_c_s=referral; tt_c_m=referral; _gcl_au=1.1.1646366065.1631651285; _ttuu.s=1631651285880; tt.u=0100007FD5054161CC062C14023F5122; tt.nprf=; smViewOnSite=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:19 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /undefined
x-cacheable
YES
server
nginx/1.12.2
age
4
x-cache
HIT
content-type
text/html;charset=utf-8
v
5
content-length
241
desk_muted2.svg
vidstat.taboola.com/assets/video_controls/ 		688 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/video_controls/desk_muted2.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b07af50f99890a6edd3601bb8cf2d7ebdb404904067925d794d1cd450e939f57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:19 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront), 1.1 varnish
age
1111077
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
376
x-served-by
cache-hhn11566-HHN
last-modified
Sun, 19 Nov 2017 12:19:28 GMT
server
AmazonS3
x-timer
S1631651299.362032,VS0,VE0
etag
"c374f9a1c65db8dd9f4b435bd1adb4ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
3S3wOAfjitnWEMZIvPQLuAMi8UJL6Pl2GmpfXWboqFIQAImrF1yc4A==
x-cache-hits
32162
pause2.svg
vidstat.taboola.com/assets/video_controls/ 		391 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/video_controls/pause2.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
437513ec64a0d4c9b838a51cf1e57bfb0d75586f35ddd91d0de1d01335fd0969

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:28:19 GMT
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront), 1.1 varnish
age
1716240
x-amz-meta-mtime
1498396298
x-cache
Miss from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
246
x-served-by
cache-hhn11566-HHN
last-modified
Sun, 02 Jul 2017 14:26:33 GMT
server
AmazonS3
x-timer
S1631651299.362100,VS0,VE0
etag
"0ae31cb3e45e52b441abf8cc6208a36e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
x-amz-cf-id
T6dy0l_uj5k732cj-YUijpj_4B3I2s4gwQzqKytnifZoFOIJNrRYrg==
x-cache-hits
32420
Watch_New_Exhibit_Displays_Art_Made_Out_Of_Pollution.mp4
vidstatb.taboola.com/vid/ 		963 KB
964 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/Watch_New_Exhibit_Displays_Art_Made_Out_Of_Pollution.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
302530689e5ddbe318574e7d443ed458c4a0e4165b70d98b71bd4ac3d8234b7e

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 14 Sep 2021 20:28:19 GMT
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront), 1.1 varnish
age
2034280
x-amz-meta-mtime
1466707330
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-986400/986401
x-amz-meta-mode
33188
Content-Length
986401
x-served-by
cache-hhn11566-HHN
last-modified
Mon, 24 Feb 2020 13:02:32 GMT
server
AmazonS3
x-timer
S1631651299.383729,VS0,VE1
etag
"cf5cefcfbdbc02bcb243b8e6d23e3b19"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
video/mp4
access-control-allow-headers
*
x-amz-cf-id
EBUnQb5nb4fBy6Nw2xAHcDS9HZ4ZN8wXwX6kip2APCbx4qIcM18ZhQ==
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=28&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248Rm!9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=18&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=0&gp=952&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&id=1&ii=4&f=0&j=https%3A%2F%2Fwww.correiodopovo.com.br.mcas.ms&t=1631651278481&de=758789603927&cu=1631651278481&m=20860&ar=503c7d4-clean&iw=92b12c8&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=952&lb=14531&le=1&lf=199&lg=1&lh=54&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A932%3A932%3A10945%3A1559&as=1&ag=18620&an=18620&gi=1&gf=18620&gg=18620&ez=1&ck=2126&kw=1917&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=18620&bx=18620&ci=2126&jz=1917&dj=1&dx=1&undefined=1&aa=1&ad=18620&cn=18620&gn=1&gk=18620&gl=18620&co=2126&cp=1917&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=20676&cd=20676&ah=20676&am=20676&dq=18620&dr=18620&ds=18620&dt=18620&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&hm=1&vm=1&vl=285&vt=285&vd=0&zMoatSRE=0.046875&zMoatVSD=21.58&dh=18620&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ea=1&eb=1&ec=4979&ek=1&fh=9718&fi=18620&fj=18620&ef=0&eg=1&eh=1&ei=1&ej=1&rf=0&re=0&cl=0&at=0&d=SLIDER_INSTREAM%3A203735%3A66980435%3Awww.correiodopovo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Fpujbtiupbyzbda0hn0jh_MOBILE.mp4&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=194337&na=1347914767&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.33.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-33-152.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 14 Sep 2021 20:28:19 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=5854945&noaop=3&sortOrderType=0&cb=1631651299694&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1264&pt=1077281207&tz=0&viewable=true&ddast=V7mj8CFgPOloWHHIgvbQTOloWHHIgvbQUAAAAGBjsHGsMabkgM0mgy240Ww81gNtmsFqvdarcYgsawhhsSgzSazHajxXAzWA2Xo8lwshmMpuAwZafJZTmoBbKmyeV3QwiaTofPda_X_X53jd9yeTn9Jr_hb_vbNX63XWL5ywEAAADgASDLKhziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPgQHVKAwCKg8D-PtM_AAAeFEAAAAQwSAAI4tdLAEY6u04AAAAAAAAAAFj-____YwbmF0dkBuy1Q3oAHnwAHogKTosYAQAAAGAPyjUfTeqEyqIKAIAg3QrgCgAgYK_cv3QwDAAAAECMlybmUo4RQ35sgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCf30xKUFceiFq_0CAgCs_QICALCNGwDAmwBcyKWg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWu9rj8NzVnr_oCFoxGKwOIRa72WCxWcwOAAAA4O7___8fj5cm5lKOEUNeDyRnpsXIZdoMZraVxzSZ7RYW48ZhGE4cppFxtZxtr0A_S2ItasCnz2HKTpPLclALZE2Ty2-_CVuMVpPJZjmcLReTwXA0HI32J5CTAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwphhtRouPJ61xrDarEXD2cItsa1sbo3JONmNHMPlyLhYi14f03GzME5MEy8KBkDsRXCRTjR-y-Xl9Jv8hr_tbxFLNCeLdCK77Jsz02LkMm0GM9vKY5rMdguLceMwDCcO08i4Ws72NcNqNVx4PGuNYbVZi4azhVtiW9ncGpNxshs5hsuRcbEWvT6m42ZhnJgm_sZss5itFpPdat-YbRaz1WKyW-07TKZn6nM2qi87kcelPdmKt1rMfFC4DEbvT2JaTLuzg-fsOzpVPuuyqDMKf96j16DwHDyqc_esuHqDE-ts3Fg4DgZFLBGcLtKJ0O92WcQSydMinQhWLtPMNxr5VhubbeZYGVcrm2Fmck08xs1kNBpMxBKl6SKd6CXqPz7IYjZXbBZzxWI0lwxWqwQAAAAAAAAAsIQ58yYAAAAAp8FMRoPdarkAEfHNusAiAAAAAAAAu7DZGNB6XLpZxY0fN4zfcnk5_Sa_4W_7WxlAgq-eebNnglir1bIGAAAgwAYAAAjg1s1bQHglBw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2334045&dpubid=324075&abtst=206725b_vA!adh5c-1_vA!id5mc_vA!spa2_vB!ul97485a_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.correiodopovo.com.br&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
c87cc927ac68aff54781a20c58bee921eae4deec4db4e0e60eb07de57184bf69

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 20:28:20 GMT
content-encoding
gzip
server
nginx
machineid
1438
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pix.impdesk.com
URL
https://pix.impdesk.com/csync/google?google_gid=CAESENDslsEW0tIYi_gvL5BrDS8&google_cver=1&google_push=AYg5qPK7QvzE5nFSkckoo8Y4RS_m6sOnZNeyezf1t1OKjvmB9y855bRqmg-HoXH2EJ0pDiuRGER3gBZgbWykUqeMZIhDDeCGnjs

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

116 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 223=CIBWD-WgQrTCxHs07VvhygOXN0kc16yPhOEC0p4ESdSYsqe9VGmU9UNN-uOVfasUj1PUixo0AIjYgfEfnho_6qKZO9agGeoLiUSoKHb4djnw9MZ0wh97Z8H0TXTMYlXXnrWJAM_SceErH6GEiQMiHH-v3Xt0gWAOVH-8l8X3iGU
.correiodopovo.com.br/ Name: _dlt
Value: 1
.scorecardresearch.com/ Name: UID
Value: 14GMWUGZS1QFPJZCBDSCX1g1631651275
www.correiodopovo.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.navdmp.com/ Name: ac3
Value: 1
.correiodopovo.com.br/ Name: _ga_B73LS4GNNN
Value: GS1.1.1631651275.1.0.1631651275.0
.quantserve.com/ Name: mc
Value: 614105cb-9d36c-d7acd-8a2da
www.correiodopovo.com.br/ Name: _tb_sess_r
Value: https%3A//www.correiodopovo.com.br.mcas.ms/
www.correiodopovo.com.br/ Name: _tb_t_ppg
Value: https%3A//www.correiodopovo.com.br/%3F
.webspectator.com/ Name: ___ws_gid
Value: 96B33EC7EF3A588B
.correiodopovo.com.br/ Name: __qca
Value: P0-139205027-1631651275598
.denakop.com/ Name: uxid
Value: Ehmu74liQICp%2Ft8GpOEn4A%2F0
.correiodopovo.com.br/ Name: _fbp
Value: fb.2.1631651275760.1285113563
.navdmp.com/ Name: nid
Value: f5d0910e5a16539c2b1cde77809|1|284
.youtube.com/ Name: YSC
Value: e37KAX76wBU
.correiodopovo.com.br/ Name: ___ws_ses
Value: 96B33EC7EF3A588B.1
.correiodopovo.com.br/ Name: ___ws-sr
Value: https://www.correiodopovo.com.br.mcas.ms/
.correiodopovo.com.br/ Name: ___ws_vis
Value: 96B33EC7EF3A588B.1631651275662
.correiodopovo.com.br/ Name: ___ws_ses_sec
Value: 4863:1631651275662
.correiodopovo.com.br/ Name: ___ws_vis_sec
Value: 4863:1631651275662
.correiodopovo.com.br/ Name: nvg23925
Value: f5d0910e5004f4b634c28fbd309|0_258
www.correiodopovo.com.br/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Df0558ac3-c053-486a-b6ef-cd827d189d81-tuct83a8b4b
.mathtag.com/ Name: uuid
Value: 114c6141-05cb-4800-a842-c3c4596b70f6
www.correiodopovo.com.br/ Name: denakop_freq
Value: {}
.doubleclick.net/ Name: IDE
Value: AHWqTUm0slTwvbXiOVQj2rXvjOiSMJhuaKosR9kFWsnAb2gVZCDpg66aMNJERZHOJv0
.correiodopovo.com.br/ Name: _gid
Value: GA1.3.1731421849.1631651276
.correiodopovo.com.br/ Name: _gat_UA-4083550-1
Value: 1
.correiodopovo.com.br/ Name: _ga_VH600BGGZW
Value: GS1.1.1631651276.1.0.1631651276.0
.correiodopovo.com.br/ Name: _ga
Value: GA1.1.1947967339.1631651276
.www.correiodopovo.com.br/ Name: G_ENABLED_IDPS
Value: google
www.correiodopovo.com.br/ Name: ws-refr
Value: https://www.correiodopovo.com.br/?
.spotxchange.com/ Name: audience
Value: 3f18aba4-159a-11ec-a590-1a3cf9d10206
.taboola.com/ Name: t_gid
Value: 09e494fe-ea3f-4878-ac47-65dc69970758-tuct83a8b4d
www.correiodopovo.com.br/ Name: ortcsession-w5tlOg-s
Value: 87a98996b4752cbc
www.correiodopovo.com.br/ Name: ortcsession-w5tlOg
Value: 87a98996b4752cbc
.adnxs.com/ Name: uuid2
Value: 7613368564827315755
.casalemedia.com/ Name: CMID
Value: YUEFzi0epgmz.efDmRzC2QAA
.casalemedia.com/ Name: CMPS
Value: 3186
data.ad-score.com/ Name: token
Value: soweqnFNlDBNE-0t22-frcpOAYWPvXkK
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$MLL0cD!@wnfH8K6pQK`!5=E<*L5?%K5f]k[x7^sN?5fBgS1(t<J/[ig8@<d$-=/J)$9RFMZ9T5_m!x'yK)_lAX
.casalemedia.com/ Name: CMPRO
Value: 1112
.casalemedia.com/ Name: CMST
Value: YUEFzmFBBc4A
.casalemedia.com/ Name: CMRUM3
Value: 2d614105ce2760CAESEDNsDo5I5b9bjGEkPEEPYg0
.openx.net/ Name: i
Value: 4cc37cc9-bdb6-4dd1-aa41-5f8fe998e7f5|1631651278
.quantserve.com/ Name: d
Value: ECMBCQGfJIEA
.sharethrough.com/ Name: stx_user_id
Value: 5385e540-b7c3-41d1-a6b6-b7dc1febc400
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-abadff3d-2d77-4d40-8c43-a6d37cc36692-003%22%7D
.media.net/ Name: visitor-id
Value: 2746528789326190000V10
.media.net/ Name: data-g
Value: CAESEHD4T5uKPIvuU-PpaO0nJdU~~3
.media.net/ Name: gdpr_status
Value: 1
.adform.net/ Name: C
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: a3dcbc8e213ae7b6
.turn.com/ Name: uid
Value: 3696809690067780355
.adform.net/ Name: uid
Value: 1312094526813042084
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-abadff3d-2d77-4d40-8c43-a6d37cc36692-003%22%7D
.go.sonobi.com/ Name: __uis
Value: 3702d33c-4023-4660-ba49-2901327d1bfb
.mathtag.com/ Name: mt_mop
Value: 4:1631651279
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%225125BD4E-9E7F-4EA2-AF2D-40718A55F8FE%22%7D
.mts.ru/ Name: dspid
Value: d79be632-64aa-48a1-a899-51fd4c4f247e
.awin1.com/ Name: awpv18332
Value: 296283|1631651279|4080c311-159a-11ec-bef8-692d023ad792
.awin1.com/ Name: awpv20612
Value: 296283|1631651279|4080ea20-159a-11ec-8a78-692d0556460e
.awin1.com/ Name: AWSESS
Value: 410607:2855700
.medialead.de/ Name: trscj
Value: MTYzMTY1MTI3OXxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRJM05qWXhNakF3TWpBMU1EUXhNVEF3TnpFd05qSTJNREV4TnpFM01ESTRKblE5YUhSc2NBPT18YUhSMGNITTZMeTg1TldSaE9EUmtabVJoTlRkallqZG1abVU1T0RNMU1EQmpZMkk1TW1abE1pNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D
.rutarget.ru/ Name: userId
Value: 1Ye09KvAyPw8
.mts.ru/ Name: mts_id
Value: 766ac1b8-8982-4f7f-9b24-cb610bafd133
.mts.ru/ Name: mts_id_last_sync
Value: 1631651279
pb.media01.eu/ Name: ASP.NET_SessionId
Value: o2gwcw52e3gckd1dmgbqh0ex
pb.media01.eu/ Name: DTU
Value: 402D4E904F22F009C2CDDBB228E00C8B
www.correiodopovo.com.br/ Name: smeventssent_0d2ab486745b45cf991c8d91aa3e3e5f
Value: true
www.correiodopovo.com.br/ Name: smeventsclear_0d2ab486745b45cf991c8d91aa3e3e5f
Value: true
.w55c.net/ Name: wfivefivec
Value: P7vdcFro1Mqf275
.sitescout.com/ Name: ssi
Value: a30e6fff-5ab6-4bda-ad5c-3afaac92215a#1631651279924
.dyntrk.com/ Name: dyn_u
Value: 03030001_614105cfe5ca2
.w55c.net/ Name: matchgoogle
Value: 5
.sitescout.com/ Name: _ssuma
Value: e30
.yahoo.com/ Name: A3
Value: d=AQABBNAFQWECEOjFq185qBGBUIeuMnFyTlMFEgEBAQFXQmFKYQAAAAAA_eMAAA&S=AQAAAt8fwRCmJ_zWiG05ZxtPjzk
.adhigh.net/ Name: gi_u
Value: ugg9j7rgHNyV.AikABlF75f60lw
.smartadserver.com/ Name: pid
Value: 57455813562698907
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1631651280121,"clickCookie":false}}
.correiodopovo.com.br/ Name: __gads
Value: ID=099185d53fb47ef1-22c1aef124cb003d:T=1631651275:RT=1631651282:S=ALNI_MaFJfcCbGp5S0SyYjBDEueDEK3xOg
.advertising.com/ Name: APID
Value: UP42aec717-159a-11ec-a15f-06be1e67faf8
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~20ek:18yl~20ek:1762~20ek"
.yahoo.com/ Name: APID
Value: UP42aec717-159a-11ec-a15f-06be1e67faf8
.yahoo.com/ Name: APIDTS
Value: 1631651284
.bidswitch.net/ Name: tuuid
Value: 4f7c2f9d-d642-4a78-8080-5b0078e58d0f
.bidswitch.net/ Name: c
Value: 1631651284
.bidswitch.net/ Name: tuuid_lu
Value: 1631651284
.adfarm1.adition.com/ Name: UserID1
Value: 7007888903287797911
.simpli.fi/ Name: suid
Value: 03A29AB297494799815227AA5799A126
.m6r.eu/ Name: test
Value: true
.krxd.net/ Name: _kuid_
Value: OXLHC9xl
ads.avct.cloud/ Name: uuid
Value: bcdd51a5-bd79-4860-98fc-a9fa9c6e8e32
.m6r.eu/ Name: cct
Value: 1631651285054
.m6r.eu/ Name: id
Value: b16268e33c35d282900e1f0c5bcb4c2e
www.correiodopovo.com.br/ Name: dinTrafficSource
Value: eyJ1cmwiOiJodHRwczovL3d3dy5jb3JyZWlvZG9wb3ZvLmNvbS5ici8/IiwicmVmZXJlciI6Imh0dHBzOi8vd3d3LmNvcnJlaW9kb3Bvdm8uY29tLmJyLm1jYXMubXMvIn0=
www.correiodopovo.com.br/ Name: dinLeadTrack
Value: eyJyZWZlcnJlciI6Ind3dy5jb3JyZWlvZG9wb3ZvLmNvbS5ici5tY2FzLm1zIiwicmVmZXJyZXJfcG9zdGVkIjpmYWxzZX0=
www.correiodopovo.com.br/ Name: ___ws_d_st
Value: {}
www.correiodopovo.com.br/ Name: tt_c_vmt
Value: 1631651285
www.correiodopovo.com.br/ Name: tt_c_c
Value: referral
www.correiodopovo.com.br/ Name: tt_c_s
Value: referral
www.correiodopovo.com.br/ Name: tt_c_m
Value: referral
.correiodopovo.com.br/ Name: _gcl_au
Value: 1.1.1646366065.1631651285
.tribalfusion.com/ Name: ANON_ID
Value: aGnseFoNIvbpmVrCJZal4x5JLjEoZd4ohxZbLc9CfC8W19jnC0eRi4bTOAdaRTgsZdkxaG3ZaZai1ToZb2TbJq1xNm7
.tt-9964-3.seg.t.tailtarget.com/ Name: trk
Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyNd4fbZgqDE1YW6ExkKjQGkyNDpxP6QXvFUp7zqH1jf7k83txLrfA8VU00j2wt+Sng==
.t.tailtarget.com/ Name: u
Value: fwAAAWFBBdUULAbMIlE/AgB=
.t.tailtarget.com/ Name: _ssc
Value: y
www.correiodopovo.com.br/ Name: _ttuu.s
Value: 1631651285880
www.correiodopovo.com.br/ Name: tt.u
Value: 0100007FD5054161CC062C14023F5122
.t.tailtarget.com/ Name: ttbprf
Value: _frankfurt am main_hesse_de_1631651286219_3632493261
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
www.correiodopovo.com.br/ Name: tt.nprf
Value:
.tt-9964-3.seg.t.tailtarget.com/ Name: ttca
Value: CA15795,CA15771,CA17813_1631651286
.t.tailtarget.com/ Name: n
Value: 1631651287
.t.tailtarget.com/ Name: tp1
Value: CAESEF8vbvi3PDp5mruPxYtOBDM
.t.tailtarget.com/ Name: dc
Value: 1

3 Console Messages

Source Level URL
Text
javascript warning URL: https://barra.r7.com/tailtarget/profiles.js
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://pix.impdesk.com/csync/google?google_gid=CAESENDslsEW0tIYi_gvL5BrDS8&google_cver=1&google_push=AYg5qPK7QvzE5nFSkckoo8Y4RS_m6sOnZNeyezf1t1OKjvmB9y855bRqmg-HoXH2EJ0pDiuRGER3gBZgbWykUqeMZIhDDeCGnjs
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.correiodopovo.com.br/undefined
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
5994599.fls.doubleclick.net
95da84dfda57cb7ffe983500ccb92fe2.safeframe.googlesyndication.com
a.tribalfusion.com
accounts.google.com
ad-server.eu
ad.turn.com
ade.googlesyndication.com
ads.avct.cloud
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
analytics.webgains.io
api.soclminer.com.br
api.webgains.io
apis.google.com
b.t.tailtarget.com
b153.s79.research.de.com
b16.s79.research.de.com
barra.r7.com
beacon.krxd.net
c.eu1.dyntrk.com
c1.adform.net
c2.taboola.com
c2shb.ssp.yahoo.com
cdn.datatables.net
cdn.jsdelivr.net
cdn.krxd.net
cdn.navdmp.com
cdn.taboola.com
cdn.webspectator.com
cdnjs.cloudflare.com
cds.taboola.com
ced-ns.sascdn.com
ced.sascdn.com
cm.g.doubleclick.net
cm.t.tailtarget.com
cms-media-api.r7.com
cms.analytics.yahoo.com
cms.quantserve.com
code.createjs.com
connect.facebook.net
consumer.krxd.net
correiodopovo.soclminer.com.br
creatives.sascdn.com
cs.emxdgt.com
cs.media.net
d.t.tailtarget.com
d.tailtarget.com
data.ad-score.com
digital2.correiodopovo.com.br
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
go.trvdp.com
google-sync.rutarget.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900028.redintelligence.net
i.ytimg.com
ib.adnxs.com
images.taboola.com
impr.taboola.com
imprammp.taboola.com
match.adsrvr.org
match.sharethrough.com
mcasproxy.azureedge.net
medialead.de
msgws.webspectator.com
nr-events.taboola.com
opi.navdmp.com
opps.taboola.com
pagead2.googlesyndication.com
partner.googleadservices.com
paywall.correiodopovo.com.br
pb.media01.eu
pips.taboola.com
pix.impdesk.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
plugins.soclminer.com.br
pm.w55c.net
portal.correiodopovo.com.br
prebid-us.creativecdn.com
pv.medialead.de
px.adhigh.net
px.moatads.com
r.turn.com
receiver.posclick.dinamize.com
rules.quantcount.com
s.tribalfusion.com
s.trvdp.com
s0.2mdn.net
s79.mxcdn.net
s79.research.de.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
sm.rtb.mts.ru
ssbsync.smartadserver.com
ssl.gstatic.com
stat.meetrics.net
static.doubleclick.net
static.socialminer.com
stats.g.doubleclick.net
stg.truvidplayer.com
sync-t1.taboola.com
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.navdmp.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync2.navdmp.com
syndication.twitter.com
t.tailtarget.com
taboola-supply-partners.tremorhub.com
tag.navdmp.com
tagmanager.smartadserver.com
tags.t.tailtarget.com
tech.rtb.mts.ru
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
tracking.m6r.eu
trc.taboola.com
tt-9964-3.seg.t.tailtarget.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.navdmp.com
v3.denakop.com
vacina.saude.rs.gov.br
vidstat.taboola.com
vidstatb.taboola.com
webservices.webspectator.com
wf.taboola.com
wfpscripts.webspectator.com
widget.perfectmarket.com
www.awin1.com
www.correiodopovo.com.br
www.correiodopovo.com.br.mcas.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.youtube.com
www5.smartadserver.com
x.bidswitch.net
yt3.ggpht.com
z.moatads.com
pix.impdesk.com
104.109.78.125
104.16.11.243
104.16.12.243
104.16.18.94
104.18.12.5
104.244.42.136
104.26.11.172
104.26.13.85
104.88.68.55
108.128.138.172
13.32.22.109
13.32.22.41
130.211.115.4
136.243.3.72
136.243.32.75
136.243.6.89
141.226.224.32
141.226.228.48
142.250.178.1
142.250.178.2
142.250.178.6
142.250.178.8
142.250.179.227
142.250.180.22
142.250.187.193
142.250.187.194
142.250.187.198
142.250.187.206
142.250.200.14
142.250.200.2
142.250.200.34
142.250.200.42
143.204.207.31
143.204.207.4
143.204.207.69
145.239.193.130
151.101.113.229
151.101.114.133
151.101.13.44
159.253.128.183
172.217.16.227
172.217.16.238
172.217.169.2
172.217.169.3
172.217.169.34
172.217.169.66
172.217.169.67
172.67.14.139
172.67.36.241
172.67.69.14
176.9.64.67
178.162.133.149
18.159.182.76
18.185.140.232
18.195.155.181
18.197.99.6
184.30.20.207
184.30.20.54
184.31.88.106
185.172.148.128
185.184.10.30
185.29.134.244
185.33.220.145
185.60.218.174
185.60.218.24
185.60.218.35
185.60.218.52
185.86.137.122
185.94.180.125
189.16.116.12
192.229.233.25
193.232.148.158
199.187.193.140
199.232.137.181
199.232.137.44
2.16.106.57
2.16.107.27
2.19.35.65
2.19.44.80
2.21.242.228
200.198.173.170
212.82.100.182
213.19.147.44
213.87.44.187
216.58.212.194
216.58.212.225
216.58.212.230
216.58.212.234
216.58.212.237
216.58.213.4
217.66.147.170
23.193.32.139
23.193.32.250
23.193.33.152
23.32.238.176
23.32.238.184
23.32.238.192
3.126.175.244
3.126.56.137
3.23.208.81
3.232.160.141
34.102.185.99
34.192.216.94
34.207.18.4
34.234.140.75
34.249.226.229
34.96.105.8
34.98.64.218
35.157.246.167
35.190.0.66
35.201.123.184
37.157.3.30
46.228.164.11
46.236.13.147
51.178.20.139
52.1.252.251
52.157.233.49
54.194.211.3
54.38.212.101
54.75.239.54
54.76.176.197
54.82.20.194
66.155.71.149
69.173.144.139
69.173.144.165
72.251.244.140
74.125.140.155
76.223.111.131
78.46.23.46
80.64.106.148
85.114.159.93
87.248.118.23
88.198.250.30
88.99.165.19
91.228.74.134
94.23.99.218
99.86.4.12
00fed2da5781a8401ff55ba3fd96b6f29e17c802c7636c1be141a7705cd7ee48
015fa1b4b173ef6c801b1bed8b0bfb6b4bd36796941ac03088dacc2373a6b665
06312eaf6212c106b7eb9c622c7023c9a0991b83a098b666ca0ca40efc503a2b
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
0736ad12261fc4b4346f9113001a7391e43b5d5c3bd9161807807addbaf332d3
0787db137767c8047d78ace7ae1c3377780b931047065ee7e8636052d2da28fb
07957c91858a3dfbf0819b59c8c7049bb174f125186cb3710f6493c5df4407bb
07a3391f6cdf18fd1fd8b39994ef4ed0d2583f56a6210624d1cf48a4ef606ba6
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
089e5828afbc9c8042edcc33c976917c43c1c0256e2e099901591386e8574456
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a5cfbf045af61b12e14293d0f7bec876e592d4d6ada400c3701d2c42fbe498e
0ad0a7e028a3652767b3a1117e217b0b455a314ee99de98aa086cf0371538619
0b11ca4376d9783b6b5f65165de0e1c10990e72f13453838c89d3cb08fbdd582
0b455c2bcf04ac7cd5418215eb752a2eedca9619c43a0afbd6ddbf75a96b7ff9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0baae949f397c74cc1d69380fd842d4fcc6afba5b4dabe47a5724cc116b86407
0c4031d9d79f9a6e52d6b68c3771ad296cb0e037e774f66b1d638cab0a8f8c9a
0cfd7a9f5b0e61c7667f3a157f90e0f4d7b8b0f8f4bee90d224899140030cda0
0d7d9b5e45530c246f3ae54bd76975e27471b112323d28f818946add2cdd1a16
0e1793a78584fb1513312ac6ff1a2cd8bee8aeb7d21a99c7dc0f02890bdb9dd0
0e6f207fc0f0eb4964680063fa14b139510f2e86411f8d1ce8ba2bb6b8c2e567
0ef129753a34a06e8bfc8c1237aee1a74519c9df9d92c1a3c5a6bc52ef88b7f8
0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1
0f565ae79a85add0a742fae507600292b72c4e6e1261d01e7d8bd10abfc3ad56
0f9f1e4f8f2b54e4ce8878df1406f009d9a504bfcf512d93514a0fb3f8b87639
0fc46a4f3a441cac41dec8d14823610ca9d95fa6306e908cb8b2048099b22866
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
1184674c137c8212dcc1bf6763a147d317e94e4b004bfab579121116d3223ebf
120ed0c07e3b799f05edbaf9edd674065f79410c14c3f80193f25a0813cd05f5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
1337a9f763f13d9f4c0234e32e0c5b78c692420a9e7119699ec4ef866f60f453
1368d75ee5fe253d7d899d4674aa73d81a0d4b5339435e4dd2fe3268256f0d33
13ccb9daf82a23a5a1c8b7fbcd074b720fa6bb5144ab2a95d17ab6fc83a2f913
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
1522e3c015d201d5754016ab5fe55a980dec1b7c2f0e631cd08fcca92f4ad771
155b36117f46d5d84fb616cb2c16b136faec4ba1ba931dbca4d3ff303bb586ef
169e713c2496498336d93532630b4b80fdb9db45d0a090624d155a5c7853371e
17e0da2800a542eb7cee178c202ea84e101132e5a77bcf96cf12034fb8d7b8f0
18553dd1410cc7d4f5e3276a37f77d6440cdb7a87cf7a9fe59164668f7280fb6
18c87d635507565f16cae963e310d041099274a6788a409f49ca7dcb1fd5d0bb
1b084d429d350edc68e28a4b0f291b97bfcc1a8ae416b5c16cf8b0d11e1e59fd
1b62dfc263653ef6f5d33b9bcc4b34419bf1cfd69f607162ebce3844c37b3ebb
1b78dbe1e64d5c815baf1ea990f6df3544efa859a6e46bdef64771489e526561
1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12
1d4a45236de6b5693b38950c74549ab527c697326dcdbfe3e96003c5bbd8ffd8
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
201b78849fea8656d251b6886d5bec09ecd897acf2f82bb76f4e60c89a0d1731
20cef199764e090ab8fa631555722da5396595402250a8871c409120c9481a2b
21338b5de9fa291d16b8dbb1149362c83b155e241301b715cf9a85e91d18f460
218e212955a099e8b0e363d4750a26b27024c8443a4b5e0313aa62ef2054153e
21bf415bff7452c3ca9d2fd6b7afa9156844757a7802193acfb5a6c0d2621a81
22a92c9d2e3725f4d30c008869de5f3b80163b9bbf9e1c8425333e744690c29b
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
2372b89dea77bc9c1a006418bdeedfa47363b1a72de56a4a12fcc38a332cf18c
2450475d377d43989a135a393b7eb9bb31daf1e7dca01a27b854497c46f2adf3
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
2629e2610f2c2e5320e7e97f439cfdc7f8ab89f557d2b8e25acc7d232dbd8792
2709dcd48925c938d98757dd3cbc7708d9f49eb46212174d7954a68ff66390e2
27ee20c7d5c075ba9610cf49a00fe2ad37a0649ecf9dc64e044215b66c99d7c8
28c10d39dbd6436ea5c348cdebf1b64cfcb3e5481b4cb7962bb2cb15edea2927
29964ebe2f62abfc444b03afa6345cc1aaba5df4cf0dc3af1f0aadabd133e84b
29bd09962171f0429c49f053bedf851eed636933bd369af210169727803869fa
29fc8c47a94d2164aa2cbedd171d0975dc9d2ba60921e36eb580467f0a68af13
2a043842389a3a58d2ff6e75a56e989625b4c74ce330fc08a88277cff619660e
2a9727c8c9067df9a0bf2a7092d782436c6b91b0489dfbb0952957e024eb9ebe
2b553dd0c64df2af51f3614816129e8bf519739d18e48c049bda1ee31b66ff3b
2b87ad2e3dbfb1efc89a89bc0da9f724824d1612ae8db8bf7e47dd337fdc7151
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2d0dc9c62ecc0bfe872a71a7ab68725ba5d4b5d14926f3a8618d4307036b0d6b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861
2eba3b31bf789b70026f24ae62d46e7b35281cc19652bbea9934a0f845cf4c89
2ef62e4c595457dd8a3c841284673a147272154b3554e60f6f50b8003e8bb9a5
2f18363fdebecf3ebd553e917a0048fd4644f33250cb98a12be9cf4597ea3919
2f42b3a57c656fe308f398180a400f6b7f687e8396b9e1adabd83e67e7143968
2fc85e88218b642faeb3e78264fe935fcbf5713436f92609f06120ab05208946
302530689e5ddbe318574e7d443ed458c4a0e4165b70d98b71bd4ac3d8234b7e
302813418547cd13a955a2952d5062aec5f8b3330ed12faeb0caeb7c48eceda2
30372f3372a2b53b545fec26905f0c64154fdaf0d8c820263d8ce42bff7d42cd
30a259a035d5f20ffcdf6667bf50f62e4ce99425e13df39199f366e3092305be
31219fa5cd3ec8ce2c492893f3699f3d62f4e4de92341041afafe2300213a113
3136018ea6d9819e1acbb6a86f903227631742004eadd3667cb3f24c7575ae0a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b409719a1cc57b4e01da7ed76bc142dc583a72d0b4c2d98dc176c895c8e41d
333bc64f2d2ff92d8b0723d889d9c9cc1634fec09e939546b1c7d0a0b9ca7de4
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3416dbdb9c0ca2a9d8bce8f2efd97617262481e95bf18fc2b069b5eef79792f2
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
35938db5ca4da1d73f98cb5022fe0d670bcd82985713fcbed627010c926dfdbb
3624134ab5cae3c2a0eacaace483770b0f7280323b440b9d18f207f33b1f87c8
36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665
36898d0bdb4c15f01278cab9a1a5f8f1ce3612c2db490f82e51daa72bce85159
36a0fdd13cce7e986a18a3cbc8a4d911ccbf142784ab5f5423deb6e194f8b22c
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38c33a38f3e7512212b60bd7d70ea499454571ba16ccb66751d93912a1d05c31
38c8cf532fa433d258c72dc8b5df1c1497720980a953c1072ec8538006fe79df
3923e7c182008b2e667b295342b146adace165e25a8993e73e8688288968ac1f
3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54
3a68bab32a90893cff2d3bd078481dce7b5b64b9866f49e0d06033f1bf12d4a6
3a68e8c4084bccfa7c7f64bd3b98d949b4704ff9e1c26b73b6e018f6dddb1dd4
3c19ab6c180556514587eff09682cf2a3bdcca252cfec4edbaa470848a81a1d2
3c550cc6106b84782b282835ee72face4e1d2e527a895493d5aa0a47359fe63b
3d4d5938790a19395ff613bd5af478c384caf7926f23094297331936ace2e492
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e3b81539846e9c12998bf9e9e0f39faa9b02ae7f79dba4fa7d3c1d3c47b569f
3e4cf41484e16a8e99ea65620ecac036df5d23dc0b60adfa7ced3f7793f26f72
3fbf7c3785635c11806b2ed111106a8a570f83cafa2a642226510bca6ef4c47b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffeb8efe5bedf54e2cf5efd606a0e5395fcc419100040a9c8dcb344be9b5ee2
401c305a433d8f0ec7bcad2bf9acd9637e04aa91fe02d5c6ee4ffefafc8fd206
406fc2ecaa46e7c318d304cadec8b18681d750884c0e1ea0e42f9fcd4f37932a
4080731ec7838e8127a0f8fbe1a5d738aee67820fb499fb0b5e7f6884a929f5c
40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03
423ae58602522fab7a5f245fa6f8a214da4a76f0a8d8a6b1f809a5ef6dd75b86
42ed8aca96bf1e9bb25a813a1176242c2f722734bf4d5048846278b95ae2ae2c
42fc70955f09c40a96eb48b58d9f6e088a33b41ce5e925906b3c6eaae32e90c2
4300ce692c247738e4498fe1cc38ba5385ef561912a5a655e91417854a57c477
437513ec64a0d4c9b838a51cf1e57bfb0d75586f35ddd91d0de1d01335fd0969
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4573bf89f800ceea1f94866ed9a91ded29884e428003d6d10b2f2261e891ab1d
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966
45f9f4f7122fffa7558b77eb250cf2ce13588c588b25f9e808744ec95bedc264
466acd3ef2156a1e8d6d03e52cce266d34fc3bcc6935dfaacd538ec88c0b198d
46717c032f82e2316c694c6cb20d63d109954cc77e1aeee251dd5b1591915716
46adddd448468b4eb5cb24681908dd86566e07b8e3147b743d96ec151f14b36e
46bf91ca36c2d1ec9d95dcc4220998a120c5050d1a61616c59966f62bf98e1c2
481b70057474f169e02e2105c2441ade64d4744a8d205fce2d42685d1fc1c2b4
48315c0150f3cff66ce4058981f7d1593f1ed337025108837725a35b036be9cc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492253d2d2da0bebbef019e63d904ddb0b096f5a037c781a7cfda22c2332f692
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49582fd71fd13d10cd0d8071d8ddbf9abc5f5292e5f2bf83ff4028cd99dc16ea
4a233fdc512c16069e544a929f5289021f796b2e9c439fd8fd867ab01c9ae6eb
4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539
4a794999266cd38cf68b10043b57f089fff8c21ecdad8425c2a0f07cb6ff1a20
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf71663600d7e2588f043c2efd957dbcd1b76d9d8c6b7facc1de50e2cee071a
4c051a904ed3bc243e02450daa9e52e53f378348f4e3e997c8c94134b1553484
4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e369635987f4ee1f4bad20a4c30a6eeb4fc2afe3f185fa9f6a8ecb2c5131457
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
4f90beb9c5ce266d97c88013d263ba85320e90d5fc6f3ab016d42aafd330d70e
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4ff104d3c2fb338b96c32ad048513ffcbedb87d1b6411f85436ed6724cec9926
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508fba79123a7eca704546da35ebb132e46337686b8a5a67c4211e0a16e28e8e
526ecaf8fbd157b776733e40cd4e3af19fb4185e081f72d27284026138cc30e8
52c6021ddc04c53bbd71907e42070e90dcd4093c1e5ebe5c35f465000b4894f6
53178a1e0de9ad8cc51debe1ba3630f86aec7473cc5154febbf31e53d637183f
533aa480a66feed11fae2f2609d29c031c2b4114a30bdb69bf0d1cc006e18820
537c3a68a2eb79e3ff4e05ab7bc1ac571585f15783f7822461a31a281d673dca
544fed9092e26545359b1586b76bcca554329ecfc5f204beaf06bfa4fa6fd2fa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
54a24c63a70adb872b4ba68531909073c0a9b1771927c424ead91b45fb90ddcc
550c49012ddbc399c77d2945bd5b77fbd5905c0bfc13384ca26c56cd4d1e627b
55b39bdfbc1845ff7f8dec7f508ceaced7115c594b4454fcbd17d5ff4cfd32bd
55c1e27a9508ed55e849730f1382367b3be52d4d7a7ad20c12ea05ec63c15ae6
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
57214cdcf15665a435ed82c94b38f24c078b11949eb3a706ad8ae67a3318be5a
574d0f8eeef6741771d3cef0cc4869634263181bbf42de1e93ca22dcae36d8e3
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
59758d6213ae16ffc0498f7ec1747b84047dd0cc9ff2c1da7aeb66b47f9bda5c
5ae6a9b176b2fc85499d159131fae30605accc18a51d0680c4a0458613a99575
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5b8e349fe54136e445a39b530704cf05270fb20a6c144ea0267bd8176eb3698b
5ba8490cc60fe0c0371c0acd84716072305214b84aa2959bd231c6cbc30c004d
5bf16358577181bc2e62582d4b8dfc9cd6693d7c50a2389a05bab45ebf0679c1
5d4273f95da9b3658007906072956b9dbd2130e19ceaf1c4811b33343888fe80
5e89f9845fc2a935c837dcd7089a59af09cde8ffdbf1866dfff621152fc74690
5e9053378edea86a34d5c4cbe3c55b92694ff648e79930224b842a730de76189
5f86eaa44bebd90324fd49d796ef010ec39f6af364018066d4e2ace0bab956fe
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
600ff561432bee59a33c280363a5581abc236781c2f29d56d04a8588d9546359
607a6a5706bbca51e1eb64a7d83783362e92d1ffcd2e91116e778d2d7fe6424b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
6171df69d9124dd84ee58ff79e2ebdc1490a4d194e3d87dae9117ac67cffa9e6
61d54cb9c30b7d10515500855a403673a3f232c872032cd5f3c0f449d8febd47
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
62e8401c97fb76307bac29e33631c8775c9b9e15d7506ca0bda87fff66452420
64adac1b865864458f43a5c72c61eadab87c4f44f1ae490d5da64045f3ffe906
6554031f30df2024a6957fb7b1e664c48babdfdab91ae8297141eb0ad156b297
65b19a5808c1a1d2593655c2b3c39ea52db2d0daa2a7cb3fbad3c2f71bef370b
65b902c64261cb352f2ee7f0c06de82d636f5e2a026fac7894e8cc505ccc7624
66623b0935ee7dfbc98fcace56472beb123f03c695a443c8793ae1d0f9c22b3b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
683c05ab2230225fd07a7dd0092bfdb3e53f49971225a4d90da3fbb5fd44ea2d
686a56a4d4902f8ffdf569b35b93fd9227f7fe66133752b12556a14392ffd83d
6899ed4ec3619e501c119fee6651269c34804d7c748aed015be7eb99b348e462
6ac8d8bcbeaa5ee86aaa9f5ecb9a38792c86359e09798c0b69bb6d10ec43ab67
6ad407ad1c85ed28e121bb12db830c5df8d1206099d70c3d56dcbbb105f3867c
6bb3c7d3cd8b6ae6301a23cafa2167ed0fe548f5dc0826af8643c16844333c2e
6be54bfc193daa43af1c0b97e715e87faa33a1fdd44ad006965ec880b4f59d47
6c3baac1987f8ea44ed14204bedd2a588a8480e33a1162df639433fa32c3ec43
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6ccd37e867c5fd6cc82f3e13c67835ef4d79f15387f979229dcb84b7d7f4b62b
6cd2df3d9315f215316ec08d7fe62c380aa3617e04bf459924e12b5f2e263c7a
6d4499e5b35274bc18bd31350b72faccca26a5fb17812d737bc7fe3407ecbf32
6df22ac86cca37c236c0ca97ef264eb918e97e49dd4bba4cd2efdfc912a0dffa
6e07734fe1015f88d67a257108878aed46f82946feba5973a0d306aa927ad71a
6e7d6826010c47f64438945a78cec8f26c51ab8981451c0fae14edd66b0b746a
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
71862bf391c9a95ed429dba5e7d04107dcc4aab5aa347a2f48eb125cb24f4b6e
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73489d9071ef40a1fdce399ee4faee08addd584314f4eb9a82d2f65d2af541a2
746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d
7494597792ec760b3199f35e90b4388acf058e30440e5f113945b85cd4788215
74c58dceae9cbe820cdf7d14bf41fd03a98f9e19cfc5a96327d0c13db2777390
74f8bb668af45bc33e9009c79f96d20f72b101b6aa2e54367ca1d57fee38376a
75046723690e555b59fc656ce2b75707fb2e249e7d9446d007210cbec429007c
753064c5ad9e8da31e110c900023219ac140d9503b1a4b3120e45f9669308fc6
75474aa2f75956a166e1daea049b026b56952d9cb00a9a06e176f56dbba841aa
779e94bd078d81cd6d9e00382cc03a8b357c4e04ec959ab528f415d640cfa486
77cbdb47c26f2ebb5baca4e08872e975672f7295a1d2d6019a2d4058629d7a29
78ac6beb4da15e1e9f06a07eeb39f8f7ea755cd4c3e5958fddb4aa14fc72e123
796611214d021bcac816f48cee7b311f491a1cff63bb41e0bae4dc8a122aa088
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
7a1d9a7fdb9f6de569ac49bbaafa22ad4dbd395d58bd166ea1b3689113de7f0b
7a2d09c26e21338033ac946d9863e14e073d55d009436a4858edd698ae4f4795
7b1c7f8e22a158eaf4528dc6837ddf54344b27aac55c98ba4d843b7a6cba6970
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574
7ceaa15a974011f7820b42a17e35183ca366ae20ff9a4fd552fbb16b4452f337
7e62daa1e5a34ef61c84ffc720dca40503ffd6fb41838a731b60abf487be0115
7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
7f98ff9434849daca0cadf865d4639a48d85a7ad473a30961680c7f285a885eb
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fcbf36a2bdfad4e9007f83c3f3b5d549692d6f079f1156a65fea99a57ef9af0
80595b49b73c4c95d1c412d30173a6e7ea2aea9399b7189d597a7470789611c2
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
814fbfc1804f477d3a12ef1a73ab55d287331f176ef7c96ea0049c4cfeb806f4
81f0523414fdfc2ffae7adfb35cdc7228cc563a2a2a333594ccd153e12538c18
8248af8592a78954b8050a4f78d12e1680a57a0f2a8884bae9eec06116d3d8c5
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83217e74278f741087a25b9370e9533c3dc24c1a2f05751d6075f48aac7fa126
8322a44ab8eb32575fc42e561e81a411f7e922d830c532f5f69b0b143be85f64
83e58f1cffee095b4e35a550a01822f93cbc9058f1189781b5ca13e8e0eb1107
84631de0bca7e12b1b542849e146044afb360af10af6ae4f5d90ec534e017734
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
866e863e2967e9e6eac18f36246b71c249691003ab7631056b20b97b7ea204d7
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26
87a1b2ea7c0a55527109d5ca3a005f529dcf42f2ef57f7ae2962d21335d1bcf8
88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c36320b8b03e317e930253f3e89a33ca264986a897d2df38a40fe2dabaf2e74
8c5dfef87a2df30bce7eff26e8b9d58ebe68ca6031c77dd31e74ece3918741b9
8caaf7c6e63cad3aded9fce45edb99d62cc7050fe20a3f3ad0b20928e5a89bb6
8cba0effb5b2fe3741e8a4c0e81f3eec76b8d864e39d05b3c3182dcb427ce308
8d4a15dc57fc623f2eaaabfb43a28eef41d64175ab3a8a5298bfe3ee4df17b5d
8d6e01d4f0f46aaa54139ca3c57b76373b577483b5f3a7ed0b18381cdd9fd262
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8dd2b33486d15e920d6c71a134be819cb5559c83d45e0016e52f7c9f8dc718e1
8de0506a6cff07f7de09a69a51fe34aaf02a67db6838dfa445d88282814dcfe0
8de1758d33f2f42d6812a8c146fd5c785b12e4d071ecab06b9b05848072bb850
8ef93506c399097653d0e19af1d14f3212188ad46cd83aac4b7a6d4818b6415a
8f068605568d16591c072a4f6a63b33e51010353d019f383c8dc04aa33177234
90492bd32e00f652bff39848d4aeb7c3692c028e3fccb003cd250463e0d763e9
914fd757696b44cedbbb4cae56a2a4f86055ce32c9ef552e906d07bef28ff31b
923c7bc114115535d3859aa2a1ab45e35c6a674d7b221d6cb3b3520f6550d053
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
9327fed20747ac53aa7af8234f96572807fb9761b3b756703abb4102d5a6d163
9337895901faa9db7b1ca3d23ff0b79de5903c4df4fbeba18c64cbd35bf615fa
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
94e826719b8992f595addf67de78104ee5c1b971d451991f92e1c350784a4e71
9578eea9ce34a90386400400d88eed02ee81c192c0a4acd074c4b3cf49809c06
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
95d722457b6b19c9b2248849d162602edaf41b594c82e44e6f6a316ba4d3d294
95e3f66a4c8b17c516fc6fc0133fc7eec5e5dd7608fa0063c5de930397757498
961cb61d6a9bbaa0ef6485fcd8bb7b8dc500ab65e287cb3e98fff3ff75e48454
9639244213f83b30ccdc150e7b592be27b96d2d5eb06ce4753ad449ee4845a2c
966c8193afc5c3a2d668afbafc0e6c8426de200e838a1953446ddb7e9af2a5b4
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96bf34be96152a1e9b30121f463904332e2ee264399170c25749b5ba8a562443
9722b8bfb6a9867b915f5988138a693206e75a063b062e55632bada771adca47
98344eec8842ef328890a29cd19a5d3b308eb9db3906b47e8146e5231d4a2eb0
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98b4e4e96abd2ac886205798f83cc63229dfc4a8bb193c179015ae8f903e74ff
9a877726a7ea75d3ff46da702d8e1efbf615f7af09763ac702b2fe96f3e6f998
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b915dacf4f3a427a25aada1ca30a84d00d5048df0ec0362581e87d1200b0a5a
9c9ac6a6240e80e9c27305fbf104935e6276c8cad2ef9081377735cfea02ae47
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8
a014bcbd03971210734aec9878e6d9013514927d063a96a31f86dec111c28b52
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a316799bc4e07ad690bb9952ff5d5fb050d90e3c7acd87d35987dc13ea6e7bb4
a3226ebe4e39bc1ddcc45093d268ce2fb898cd9d27ed7e75100a97602229169a
a3c33c7b5803c16252a349b24b1e736c922b0cbe23196c0016428847d7901b25
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a45ee891fa724b2745c110bcc2082cd2c688625a791fa8baec5735ab0354035d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d06029303a200417b3734eca1ddb97d9a5bab896df726ce5b5ba72e5666f9d
a51d30b532fd6d11b67754b83e3af505df5fdc961fbbbe801afaa86e93841bab
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6b771e9d8e68cfa8ef0d0bc8e3cbe90ed3e4cb2767155953383360caae1b4ac
a6c407a0b0284bf01c5464027317de48ec6f7aba81c201f7da00e3c73831a474
a6c7dc957a8be010a2bb9847f248a8fd3783fbf952c35be318d05fe05cd0a3c2
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a752ad4a6219ea21dec555f682ff9e49ed22c8c4c4e2d992312b13c8cebcec31
a7ac7b2af634f971a13cbcdc11ede132fbb2b0979729087ccaa6475106c3879a
a7d347418b900fe71f28018085f709289511422f11fad3573c6ef5374ff0c2ed
a7e10dbfb0283c0817331b260e5d431bf49b969e3ff862292752c747bdf39e1d
a90780934d15fac1fbcd388e13b6260a1899ec1742bb1a3db91d1fb43a1794d3
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
aaad17d860310d83cdb8c7cfc336143de3f08ea3c34ced5d880bd6c666247ebc
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ac69b2dc86cf7a234c57ee1f41af27b024566aef1ada2bd22229331ff811231d
ac8d2f2be577b89fdbd26a497ece0c0bc127dd2ed5676119e0055b62e4daf48e
ada56f3f2777329d860613d0490ae704a3b7db7087cee61539525901c81c3d38
adbafaf5f3b775195fe396c0990c8297310b70870c228c15f047ff16a636ee4d
ae0045ce4597701b918384c17402ad14e391fa44e44ea8f800d159d6aff62f96
ae0ed264932d9bb3f3c28163bbdc7eaa72892ed4a8c12cf98e1a33a7a2e4c8ba
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
af1f381103707015c1efb1924b9104a024a2a78c7c9e8a94f374764d19e6529e
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
af83fbcc69c7e9771e38c460c76733042523c71a51206b18c18c1f1f52223dad
b05bb972a75ccc08b006642ca27d5d247a5a4018cdf00dd593526c3dfbf9cb97
b07ac778746ddc8dbf09d9f53a0446567a969e8ab33f9cbc13b68feb73d64305
b07af50f99890a6edd3601bb8cf2d7ebdb404904067925d794d1cd450e939f57
b0d9052f9f9bfa524150b8d87f5348df02d36ebf6e134fab4135b6aa9b81b3d5
b12a328c3ee224f2f599ddcb3b1355a89edc965aa2e549188bc4f159b1b2e47a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b146e47043207e55d806094e8ead9a906a5c1ed9e5f8a69b68c178cdfb5fa0f3
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b40c3618f871a553c572f04da5f73728405a8ecccb3308120008d422ee7416c6
b4217f2c8e10b25a869b1a649dd5b15ca1fe010e85a912f6095a130a4606ea55
b4968cb84703832d3b77069cb2e6587d95445232854a5f12f24e9e02fd4c77a2
b517cd0ece0ed53cca9d240c32e10ebc32f230aa0d8a8eca9dbb2bae03b4f8f8
b5b1f8c0ce1ab29cca4050e19cdb04030d00671931d88126bc8f9c4ebb492aa9
b5c38989ba7e43503bb4fc3d070653f93347a2eb6d84b8cc0ef09c79b8ebb861
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
b6293a3b0ccea7f1a873b1c6e8c50dd7995e60dc3a45e31f070000f0b9792230
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b715761e92524c9442ef612af378e2fdf19167f92492568f4961260e9f377a0a
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b79dba9a9adc465369497c21ba8d16fb136688d5b410e91db88e44f4de2c7817
b7b99c8b1393f3831b2afd8e6aee8a95eb4b16d7241809d698acbfdb81ebd96e
b7d5093eb11205e1b6a2329321c14b3c617b9c78b6bc473b7f90362a91ff5015
b810e3820c619a1a1a04655f62dd95362d5279be745bc908eff63005692c1294
bceb42c38849f45f8eccea1ad752b5ccea22eba051598d3890607f03941e301e
be3ec5f1725890958c7ef75833b5fcaf41aa692812557006dec25f664b77ce33
be688050e97f77c66c91a97b8248843a4dcb216b846a1ac2641167fbdb7df516
be735dbbce112db814813ebefa31710c76e242cce684d3daf6a9598bcac039f7
be97ade1a009ba58f04b22da4007db70e29ad3ecc437bede28f13a2481bc5536
bf01f104e3f0aac9c166497e13b6eb6f81de17598e48be3511bbb3d57d5b864d
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c21e4b3bb90dd685c8fbb6e17efd1f1bd175cf156c38ae7b4f7e1e140c605d32
c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f
c34906f621bed08d975d42900c107ad05e7633d06ecb202739f5a9a99af910f1
c384fb17bdc5f1284d9de41c8e98ace7d5c4e214b5e026d35c5f3d347c64f640
c5f8a5e82816eb40e5215b27627abf227c8ce5fbafb6cd3d269c2f38a3057abc
c6173c87a67e8dfc7599c97d03b029c27f175f14f1ad75e03c0596d990b89b13
c65dc23c9b6d7bdf0633746c5c48ab5fab0074c5087cfb6f2a814a426fd62273
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c740d8dd4494a96507134e544fb09e2d7e7812ded83f4978c7e5878188414647
c87cc927ac68aff54781a20c58bee921eae4deec4db4e0e60eb07de57184bf69
c8be74ac4dc355f0a46acec8e7ab86091eca59c2eaac5d21a0b403bd6241291e
c8d43b78caf6f8854903dd5d547b02f0fcd06dc4fc9fa844ccb7e529078de822
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9996338cf56895fe00f9ce9bd9733fbc484e636442a6c6917ee959cad2bcf85
c9ef226218315b5804f91c7ae1b34352194e14f1dac157c814325d179dbcc25d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb8645e0bd04e1ff25faa1c0e956ad2f12f35d752d55ba2ae97cee37d37e2836
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce52949e9b1d83b7909932a5a0893e2f7aa0a447c853e21956cf91bc7fbc902d
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
cef034a29f4cc7e004fd8a6ba933ea11dc0b25d4e5fecb91a613bad85e2a8ceb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f
cfef45803dc66cb82642977c78b48f4f53b9d03a7bb0c0ed3c91f1f17fada608
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d14a92927736ceba28302c4a9912a202758709026fa4b609183b224c254fce6a
d3674fcd1c65192a32ebf67cc37b9aa3dbd5a83b1f67b590c7e2d08d30eae1d4
d4852e0c1e28302c1d482a7afe0c0cd2caf3207aa83bb34cdfa182dd2e6386ae
d57133b82bc4dc50784b0626599b7a41d444311d42612f8a30204e0434a09716
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d64070bf3c14449594aa39dbb2b6899738644af1508a3bb15420eee31d9b7758
d65d665701facba63fc97d01f6eb1d4711672576513e02b0d9e7965987ddf49c
d751fd7254ca2f402e056509fa833a37505889a2919e950c8c07aa9ca61b5199
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8a89ff0d566158ef4dd4ad6d09312dc129a8eecc36708ab332f4f56fd32ade1
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
d97a251770d76594a61955398a1b99cd6503deaa7e87f734e672538bbb2a802d
d97edfe6552e3143d0007b5e8103f3b39a3dd32898a97c20cb7337978feaf83f
da588f64f4fbfd746d132775505493b244ab8d6800def6413f9f016f90257454
dace3c80f41ab245b0c1ed8ee192cfda1cc764a4a15e83c28bdbae529b1d1ee3
db4243fcb42af79e27f42ebeb09f99e3ef5b4e0ea12f99cbd10d29e28e6966fd
dca80cec770c2d4b11e467ac8d96f22e78eacf50a893ed255e937ec24fae334a
ddfc533c65178bce0b634d810ac76a230f83fb71b97a1386473d12c4e643be20
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de449772271eceedac2a492a41a7bf860b29402fadeb390e034ad2ed0b654b21
de4725cc1de7a73311f5c3cae1a2bd989f59f404fc53f8b216b8c5efe1b93bea
de57595b70447c0770b04fc4835e2f963399df7442112072858eb2f289ee28c2
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
deaa8c25f96a0b2b3f348a5f55da84b402621e4a4be31baeb56ba3de133c99d6
df292e576d920c811566245a5aee06b4ec6ea03d228cbc7053bb0662a4b70913
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817
e0a652a1bd36b70149fa3c6fdb4bd8641593273e261f2c43ae5e5309fa98bd56
e1525da0eb146a3c688ebfdb6c6e70e0488f8e39fbc4c61a7fbd62c906dd0747
e181d529a182bd1315ec4256070d242373a8ea6398cf1332871738b7f2fbe969
e213ce725ac5cc0c6b84730c4550a6e4ca008d78417f460447c1cb3e3d42ed7c
e253f71df145831550f8cf584058c18f6a120c27b3de1cfbb0f969c550f642a8
e29f002949f6387d4a6b81e01f0dd0f49e10a29c2c87c4f228594dc345930d20
e2d9bd9f5ffc43461e3a39c12001ed9c90664a090e83eb7985434dd93c283e21
e361c31595a84b483800f7629b33586b19f0772bdc69a383ed51483039464eec
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e46b13d56b9bb902267a4edf33332c9ce8d6bb7581bf3d41071d4385b6506c8d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e5b77e18f570c03a69866a02eb1e7281e5ef072043fe6afd68abba126920919a
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e67c7005f97f0b57b13f0725ab31c7b0c27aff3753701b6e8fd7631e163e5209
e79c4810102b289ddad74e8a731fdab545e666cb04cde36d2daa32c7a469508b
e87e8a9be0a44ea89fb520ce95e742e0fa2491b3d73687bab5e2f00ba71d51ed
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
e9a50c3fbd67964dcbfc166909d19e96f25f32c40ad50d656899f2aa381973b0
e9c3970ca6455b9f438053b4f875d1451dd9af05b1ea06794db9b75123353624
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4
eab04a6e65571903da729fd95957b197fafbe3baf4fdb7e39a3edabba4794f12
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
ec2e1296380c1680aef32b3123b5d26e3a343b94e14fda81520920cecc93cee4
eca965f18f3bf501516fd5bdd7343363c6c8d002531d573a7461ad3281a27aa8
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ee02e8a1152b104e2b5eeba69154b873ad70a9422be49e4e4909ab016c9257df
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee35020849ff3b061d9281af944309fa2a45f1c9dd6ed71b0c22849e6e3d2bc0
eebd06316be66035be6403207d61b0220b496adfdf9ec768ecd18d727b851995
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eed7ceea33ee3b5f6159f6513e4ffd02bf00ab1acfa88ed898195249cb61bf76
ef0e21d766afdb8f30b765f5873eed72b3f2e4d682448d8def16ce9743ab3c7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f19df5f3569b83172adf37e884e0e4add74a23c3e057cf60336a1fddcb87ab79
f1bf540017992d35e9bbaa737b8c0443ce01b4b38648990ad130f25d2e41e700
f24767067c945c566c88f84a433c650ca1e1eb61b93e3809180c9b1924670017
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4a852bdf0dfa921e7144308a4c48b1aed1695389eb76bdd71d4a48799441052
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
f5a5fa9309ecbd897710fa5dddf07a531681820fbcde76be4eb5b4bf2ffd215b
f64b8deaf16a2a2eecda9c082f4c96bb36c0b7f01fa7bb788fbd1a3ff624e8c3
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7a939d43320bc1e8606404dfb97b3ac8cd6c32bb3f821d47112c36f343f3109
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f7f35acd4138198dfc9fd8ad3bae0c5fd4f0459828d77ce5cf348a70a21d04dd
f92ccac55b55ca8401a4cd46382da0b5b9ebd8b22c963ee032bde97cb76f28ad
f9a2ec5686fc3117ac1e9f72901822e7923dee2adc4f02157b6f05a20b2a596c
f9a3c8c5712cba189115d7a63fbd487719a42ab0d628dc63b0cd506cf1914e97
fa0c5753d76887c87c8256960ac276239960ab047b3f96d33d729c4ffa5d5c48
fa7f3e34aeffa172cebd8a89c53a94f3fb5804b9c6b2ddeccdfc14e95d163ffb
fb1e6af49725793c5a36aac74b1f4851330344142713c5b3c19debce83693652
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb66d50466654410ed1aba9e24bb40f3e64594968136cfc472c1afd1eb180dba
fbd1edd661c3eeeae3650b9b6511e253dfe96ea8b4d016407025d439d40def1a
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe55f6306326e8e0ae4495684d8d742eeb3565d40bc0c9d95e0c6f557a65e64c
ff7835dd23219873216e3c692791c3a12f16456bd5e4e31dfeee42af427ce6a5
ffa065bb57feb341adfea9070b0611a29de142aabe947249692423329dca4d1c
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2