www.correiobraziliense.com.br Open in urlscan Pro
195.181.174.138 Public Scan

URL: https://www.facebook.com/correiobraziliense

URL: https://twitter.com/@correio

URL: https://instagram.com/correio.braziliense

URL: https://www.youtube.com/c/iconescb?sub_confirmation=1

URL: https://wa.me/?text=Telegram+abriga+venda+de+armas%2C+drogas+e+notas+falsas%20https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

URL: https://www.facebook.com/sharer.php?u=https://www.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&text=Telegram+abriga+venda+de+armas%2C+drogas+e+notas+falsas

URL: https://twitter.com/intent/tweet?url=https://www.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&text=Telegram+abriga+venda+de+armas%2C+drogas+e+notas+falsas

URL: https://www.das-immobilienportal.de/ratgeber/so-funktioniert-der-bessere-immobilien-rechner.html?utm_source=taboola&utm_medium=dis_nat&utm_campaign=taboola_IM_D_DE_v2_Windows&utm_content=das-immobilienportal&utm_term=allgemeinIM&utm_site=diariosassociados-correiobraziliense&tblci=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCC66lQoi5GWibPhxsv_AQ#tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCC66lQoi5GWibPhxsv_AQ
Title: das-immobilienportal.de

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=diariosassociados-correiobraziliense&utm_medium=referral&utm_content=thumbs-feed-03:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Patrocinado

URL: https://trc.taboola.com/diariosassociados-correiobraziliense/log/3/click?pi=%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&ri=0adb794e9381079d704d605d82c95533&sd=v2_3753a8cf0ada976f8cc4a83bca7eb1b1_ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e_1643024286_1643024286_CNawjgYQ6ohBGKCJhN_oLyABKAEwODib4wlAiYoQSNi22QNQo-wQWABgAGjbwtakkbOV1QpwAA&ui=ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e&it=photo&ii=~~V1~~-3626605616488985487~~ZNgcwS6N9fLHpKgFHlEl85S57e8LRaLfdZXPeYBFJeQndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AysbnAQft8AdZytVF_Mp7Vxreto52OzaZxbXDp1Q0LlmJBc2KYik0p3C6IEc76cJZoM2sg7qNp77Tob-lSuiKMtXm1xpSxH8ITachw9jBW5tyRMiMsWt_J59zH-ihmwYd_g&pt=text&li=rbox-t2v&sig=e6fe8495a2e93acca4f256a122d6a3029a8d0a36ba78&redir=https%3A%2F%2Fwww.das-immobilienportal.de%2Fratgeber%2Fso-funktioniert-der-bessere-immobilien-rechner.html%3Futm_source%3Dtaboola%26utm_medium%3Ddis_nat%26utm_campaign%3Dtaboola_IM_D_DE_v2_Windows%26utm_content%3Ddas-immobilienportal%26utm_term%3DallgemeinIM%26utm_site%3Ddiariosassociados-correiobraziliense%26tblci%3DGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCC66lQoi5GWibPhxsv_AQ%23tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCC66lQoi5GWibPhxsv_AQ&vi=1643024286880&p=wattfoxgmbh-immobilien-sc&r=22&lti=deflated&ppb=CLMD&cpb=EhIyMDIyMDEyNC05LVJFTEVBU0UYtBIgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIJd2F0ZXI0MDAyOICuy8sNQJvjCUiJihBQ2LbZA1ij7BBjCNcWENUfGCNkYwiqIRCmLRgHZGMI0gMQ4AYYCGRjCJYUEKAcGBhkYwjcFRD7JRgJZGMI_R4QtioYC2RjCPQUEJ4dGB9keAGAAQKIAeb14sQB&cta=true
Title: Mehr erfahren

URL: https://www.austria.info/de/winter-in-oesterreich/salzburg?utm_source=taboola&utm_campaign=BM2163304_mk_winter_z012&utm_medium=diariosassociados-correiobraziliense&utm_content=z012-c&tblci=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDQqFcose7Mv56Y5_wp#tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDQqFcose7Mv56Y5_wp
Title: www.austria.info

URL: https://safesly.com/cfedd4af-9e1f-4794-b328-aafaac1da9f2?site=diariosassociados-correiobraziliense&title=Dieser+Trick+erm%C3%B6glicht+Senioren+2022+Top-H%C3%B6rger%C3%A4te+f%C3%BCr+10%E2%82%AC&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fce81789749460d15395319c78ab15677.jpg&campaign=6H_DE_Proauris_Desktop_v1&utm_content=3107806150&conversionname=6H&click_id=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDimUAo3va35sHngsJ5&tblci=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDimUAo3va35sHngsJ5#tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDimUAo3va35sHngsJ5
Title: Hör-Profis

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=diariosassociados-correiobraziliense&utm_medium=referral&utm_content=thumbs-feed-03-a:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Patrocinado

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de_videonew&external_param=2965949206&pid=diariosassociados-correiobraziliense&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Ff1915e48f459311820b4ac5b9f72ad3c.jpeg&tblci=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDJqD8oud3PisX1rZHKAQ#tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDJqD8oud3PisX1rZHKAQ
Title: Forge Of Empires

URL: https://trc.taboola.com/diariosassociados-correiobraziliense/log/3/click?pi=%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&ri=fdb3c0d7143ca7c931f30328dec44c4b&sd=v2_3753a8cf0ada976f8cc4a83bca7eb1b1_ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e_1643024286_1643024286_CNawjgYQ6ohBGKCJhN_oLyABKAEwODib4wlAiYoQSNi22QNQo-wQWABgAGjbwtakkbOV1QpwAA&ui=ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e&it=video&ii=~~V1~~-8299162509699923051~~6kBEk_BPUHsAT7pXajwRNuMxnAGlMgkMrWQfyvIbJ-HTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RL9NphKCUNRAUEuLf4MSKW5Y9njTkcgcajEVSqpQLNFOoCi289RNgKyMImm-4XLJPII6GYxQOubEUtrpeznumk0Hz8WQBaUohQ1Hi7hQ-kkESUuB7D8biG83b9aA78m-I0&pt=text&li=rbox-t2v&sig=6203b1b21652878686c7fee1ee908d53f23be1f7f25c&redir=https%3A%2F%2Fom.forgeofempires.com%2Ffoe%2Fde%2F%3Fref%3Dtab_de_de_videonew%26external_param%3D2965949206%26pid%3Ddiariosassociados-correiobraziliense%26bid%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Ff1915e48f459311820b4ac5b9f72ad3c.jpeg%26tblci%3DGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDJqD8oud3PisX1rZHKAQ%23tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDJqD8oud3PisX1rZHKAQ&vi=1643024286880&p=innogamesforgeofempiressc&r=47&lti=deflated&ppb=CE0&cpb=EhIyMDIyMDEyNC05LVJFTEVBU0UYtBIgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIJd2F0ZXI0MDAyOICuy8sNQJvjCUiJihBQ2LbZA1ij7BBjCNcWENUfGCNkYwiqIRCmLRgHZGMI0gMQ4AYYCGRjCJYUEKAcGBhkYwjcFRD7JRgJZGMI_R4QtioYC2RjCPQUEJ4dGB9keAGAAQKIAeb14sQB&cta=true
Title: Jetzt spielen

URL: https://verdauungsumschau.apriwell.de/?utm_source=taboola&utm_medium=referral&utm_campaign=%20TAB_NEW_rDE_dDESK_bSMART_Broad_Quantensprung&utm_term=correiobraziliense.com.br&utm_content=Neues+Mittel+gegen+Verstopfung%3A+T%C3%A4glich+weicher+Stuhlgang&tabclid=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCD1wlQo9MKr_ork6962AQ&tblci=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCD1wlQo9MKr_ork6962AQ#tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCD1wlQo9MKr_ork6962AQ
Title: Verdauungsumschau

URL: https://duschprofis.at/click.php?key=daigf0s6phsaon2diecz&external_id=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCD82k4o6ZuL-9jCxJ-wAQ&site=diariosassociados-correiobraziliense&campaign=%7Bcampaign%7D&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F407ed4e53e2521b7f64be4494d30e8bc.png&title=Dieser+Duschkopf+aus+%C3%96sterreich+bricht+alle+Verkaufsrekorde&timestamp=2022-01-24+11%3A38%3A07&platform=Desktop&campaign_id=13912509&campaign_item_id=3049501410&site_id=1066090&source=taboola&utm_source=taboola&utm_medium=referral&tblci=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCD82k4o6ZuL-9jCxJ-wAQ#tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCD82k4o6ZuL-9jCxJ-wAQ
Title: DuschProfis.at | AlpenKraftAdvertisement

URL: https://www.fisherinvestments.com/de-de/campaigns/vermoegenserhalt/1a/?PC=TABROMMEI5&CC=0AE6DNXX&utm_source=Taboola&utm_medium=Native&utm_campaign=RONGIF_Desktop&utm_term=diariosassociados-correiobraziliense&utm_content=Reicht+ein+Verm%C3%B6gen+von+250.000+%E2%82%AC+f%C3%BCr+Ihren+Ruhestand%3F&taclid=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDrk0Eo3pGw7fP52ZZA&tblci=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDrk0Eo3pGw7fP52ZZA#tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDrk0Eo3pGw7fP52ZZA
Title: Grüner Fisher InvestmentsAdvertisement

URL: https://www.df.superesportes.com.br/
Title: Esportes

URL: https://www.em.com.br/transito/
Title: Trânsito

URL: http://impresso.correioweb.com.br/
Title: Impresso

URL: http://impresso.correioweb.com.br/suplementos/direito-e-justica/capa_direitoejustica/
Title: Direito e Justiça

URL: http://www.cbdigital.com.br/
Title: CB Digital

URL: http://buscacb.correiobraziliense.com.br/
Title: Busca CB

URL: http://clubedoassinante.correiobraziliense.com.br/
Title: Clube do Assinante

URL: https://assine.correiobraziliense.net.br/
Title: Assine o Correio Braziliense

URL: http://concursos.correioweb.com.br/
Title: Concursos

URL: http://concursos.correioweb.com.br/page/ultimas-noticias/
Title: Últimas Notícias

URL: http://concursos.correioweb.com.br/page/previstos/
Title: Previsto

URL: http://concursos.correioweb.com.br/page/andamento/
Title: Em andamento

URL: http://concursos.correioweb.com.br/page/inscricoes/
Title: Inscrições Abertas

URL: http://concursos.correioweb.com.br/page/finalizados/
Title: Finalizados

URL: https://www.correioweb.com.br/
Title: CorreioWeb

URL: http://webmail.correioweb.com.br/
Title: Webmail

URL: http://df.divirtasemais.com.br/
Title: Divirta-se Mais

URL: http://df.divirtasemais.com.br/canal/cinema/
Title: Cinema

URL: http://df.divirtasemais.com.br/canal/programe-se/
Title: Programe-se

URL: http://df.divirtasemais.com.br/canal/gastronomia/
Title: Gastronomia

URL: http://df.divirtasemais.com.br/canal/hit/
Title: HIT

URL: http://df.divirtasemais.com.br/canal/tv/
Title: TV+

URL: http://df.divirtasemais.com.br/canal/mais-leitor/capa_mais_leitor/
Title: Mais Leitor

URL: https://correiobraziliense.lugarcerto.com.br/
Title: Imóvel

URL: https://correiobraziliense.lugarcerto.com.br/busca/df
Title: Ache seu imóvel

URL: https://anuncie.lugarcerto.com.br/
Title: Anuncie seu imóvel

URL: https://correiobraziliense.lugarcerto.com.br/classificados/
Title: Busca no mapa

URL: https://correiobraziliense.lugarcerto.com.br/busca/lancamento/df
Title: Lançamentos

URL: https://correiobraziliense.lugarcerto.com.br/noticias/noticias/
Title: Úlimas notícias

URL: https://correiobraziliense.lugarcerto.com.br/noticias/servicos/
Title: Guia de serviços

URL: https://correiobraziliense.lugarcerto.com.br/noticias/show-room/
Title: Show Room

URL: https://correiobraziliense.lugarcerto.com.br/noticias/decoracao/
Title: Decoração

URL: https://correiobraziliense.lugarcerto.com.br/galeria-de-fotos/
Title: Galeria de Fotos

URL: https://www.facebook.com/lugarcertoda
Title: Lugar Certo no Facebook

URL: https://correiobraziliense.lugarcerto.com.br/imobiliarias/
Title: Todas as Imobiliárias

URL: https://correiobraziliense.lugarcerto.com.br/imobiliarias/?cadastro
Title: Cadastre sua Imobiliária

URL: https://www.classificadoscb.com.br/
Title: Classificados

URL: https://www.classificadoscb.com.br/anunciar
Title: Quero anunciar

URL: https://www.classificadoscb.com.br/anuncio/imoveis/
Title: Imóveis

URL: https://www.classificadoscb.com.br/anuncio/veiculos/
Title: Veículos

URL: https://www.classificadoscb.com.br/anuncio/empregos-e-formacao-profissional/
Title: Empregos e Formação Profissional

URL: https://www.classificadoscb.com.br/anuncio/adulto/
Title: Adulto

URL: https://www.classificadoscb.com.br/anuncio/servicos-profissionais/
Title: Serviços Profissionais

URL: https://www.classificadoscb.com.br/anuncio/comercio-e-negocios/
Title: Comércio e Negócios

URL: https://correiobraziliense.vrum.com.br/
Title: Vrum

URL: https://correiobraziliense.vrum.com.br/busca?conteudo=anuncio&veiculo=Carro&estado=DF&de=Vrum-busca1
Title: Ache seu veículo

URL: https://vender.vrum.com.br/
Title: Anuncie seu veículo

URL: https://correiobraziliense.vrum.com.br/noticias/
Title: Úlimas notícias

URL: https://correiobraziliense.vrum.com.br/noticias/testes/
Title: Teste de veículos

URL: https://correiobraziliense.vrum.com.br/avaliacao-de-preco/
Title: Avaliação de preço

URL: https://correiobraziliense.vrum.com.br/noticias/videos/
Title: Vídeos

URL: https://correiobraziliense.vrum.com.br/noticias/motos/
Title: Motos

URL: https://www.facebook.com/programavrum
Title: Vrum no Facebook

URL: https://correiobraziliense.vrum.com.br/revendas/
Title: Todas as Revendas

URL: https://correiobraziliense.vrum.com.br/revendas/?cadastro
Title: Cadastre sua Revenda

URL: https://www.tvbrasilia.com.br/programas/programa-df-alerta/
Title: DF Alerta

URL: https://www.tvbrasilia.com.br/programas/programa-jornal-local/
Title: Jornal Local

URL: https://www.tvbrasilia.com.br/programas/programa-cb-poder/
Title: CB Poder

URL: https://www.tvbrasilia.com.br/programas/programa-vrum-brasilia/
Title: Vrum Brasília

URL: http://www.encontrobrasilia.com.br/
Title: Revista Encontro

URL: http://sites.correioweb.com.br/encontro/
Title: Capa

URL: http://sites.correioweb.com.br/encontro/revista/
Title: Revista

URL: http://sites.correioweb.com.br/encontro/atualidades/
Title: Atualidades

URL: http://sites.correioweb.com.br/encontro/encontroindica/
Title: Encontro Indica

URL: https://www.em.com.br/
Title: Estado de Minas

URL: https://www.uai.com.br/
Title: Portal Uai

URL: https://www.uai.com.br/entretenimento/
Title: Uai e+

URL: https://apps.apple.com/br/app/correio-braziliense/id862536000

URL: https://play.google.com/store/apps/details?id=com.diariosassociados.cbdigital

URL: https://blogs.correiobraziliense.com.br/vrum/
Title: Vrum

URL: http://flip.correiobraziliense.com.br/
Title: CB Digital

URL: http://www.diariosassociados.com.br/tabeladeprecos/
Title: Anuncie

URL: https://www.das-immobilienportal.de/ratgeber/so-funktioniert-der-bessere-immobilien-rechner.html?utm_source=taboola&utm_medium=dis_nat&utm_campaign=taboola_IM_D_DE_v2_Windows&utm_content=das-immobilienportal&utm_term=allgemeinIM&utm_site=diariosassociados-correiobraziliense&tblci=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCC66lQosPO2uK3rq7-zAQ#tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCC66lQosPO2uK3rq7-zAQ
Title: das-immobilienportal.de

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=diariosassociados-correiobraziliense&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Patrocinado

URL: https://trc.taboola.com/diariosassociados-correiobraziliense/log/3/click?pi=%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&ri=412fddf10d0562b1bd281c0e41843b74&sd=v2_3753a8cf0ada976f8cc4a83bca7eb1b1_ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e_1643024286_1643024286_CNawjgYQ6ohBGKCJhN_oLyABKAEwODib4wlAiYoQSNi22QNQo-wQWABgAGjbwtakkbOV1QpwAA&ui=ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e&it=photo&ii=~~V1~~-3626605616488985487~~sdNoGOtW_SakIB75OSzQT5S57e8LRaLfdZXPeYBFJeQndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Ayt7qquzSQWn8molHxk1H84jeto52OzaZxbXDp1Q0LlmJBc2KYik0p3C6IEc76cJZoM2sg7qNp77Tob-lSuiKMtXm1xpSxH8ITachw9jBW5tyRMiMsWt_J59zH-ihmwYd_g&pt=text&li=rbox-t2v&sig=2a9f815aefcfcce9f03fd0e4d2b7de623ad0160f87ba&redir=https%3A%2F%2Fwww.das-immobilienportal.de%2Fratgeber%2Fso-funktioniert-der-bessere-immobilien-rechner.html%3Futm_source%3Dtaboola%26utm_medium%3Ddis_nat%26utm_campaign%3Dtaboola_IM_D_DE_v2_Windows%26utm_content%3Ddas-immobilienportal%26utm_term%3DallgemeinIM%26utm_site%3Ddiariosassociados-correiobraziliense%26tblci%3DGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCC66lQosPO2uK3rq7-zAQ%23tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCC66lQosPO2uK3rq7-zAQ&vi=1643024286880&p=wattfoxgmbh-immobilien-sc&r=66&lti=deflated&ppb=CMsD&cpb=EhIyMDIyMDEyNC05LVJFTEVBU0UYtBIgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIJd2F0ZXI0MDAyOICuy8sNQJvjCUiJihBQ2LbZA1ij7BBjCNcWENUfGCNkYwiqIRCmLRgHZGMI0gMQ4AYYCGRjCJYUEKAcGBhkYwjcFRD7JRgJZGMI_R4QtioYC2RjCPQUEJ4dGB9keAGAAQKIAeb14sQB&cta=true
Title: Mehr erfahren

URL: https://www.austria.info/de/winter-in-oesterreich/salzburg?utm_source=taboola&utm_campaign=BM2163304_mk_winter_z012&utm_medium=diariosassociados-correiobraziliense&utm_content=z012-c&tblci=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDQqFco6vuAsZHvk5_sAQ#tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDQqFco6vuAsZHvk5_sAQ
Title: www.austria.info

URL: https://safesly.com/cfedd4af-9e1f-4794-b328-aafaac1da9f2?site=diariosassociados-correiobraziliense&title=Dieser+Trick+erm%C3%B6glicht+Senioren+2022+Top-H%C3%B6rger%C3%A4te+f%C3%BCr+10%E2%82%AC&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fce81789749460d15395319c78ab15677.jpg&campaign=6H_DE_Proauris_Desktop_v1&utm_content=3107806150&conversionname=6H&click_id=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDimUAo2NSk2vqw3ct0&tblci=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDimUAo2NSk2vqw3ct0#tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCDimUAo2NSk2vqw3ct0
Title: Hör-Profis

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=diariosassociados-correiobraziliense&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Patrocinado

URL: https://safesly.com/579e1305-bcf2-4562-9f87-91dd2b5e975f?site=diariosassociados-correiobraziliense&title=PLZ+entscheidend%3A+So+stark+hat+sich+Ihr+Hauswert+2021+ver%C3%A4ndert&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F27fa176da2be3b122d3f79432dd5cce9.jpg&campaign=%20DE_McMakler_Desktop_Tablet_Testing&utm_content=3106387778&conversionname=6H_Lead&click_id=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCCD0VMoneeO2sTS5MbcAQ&tblci=GiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCCD0VMoneeO2sTS5MbcAQ#tblciGiCJehFt5urhWTDzvXyyCcr1vq1UkkBjVZhMd4JqM9IAdCCD0VMoneeO2sTS5MbcAQ
Title: Immo Journal

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1643024286859&ns_c=UTF-8&cv=3.5&c8=Telegram%20abriga%20venda%20de%20armas%2C%20drogas%20e%20notas%20falsas&c7=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1643024286859&ns_c=UTF-8&cv=3.5&c8=Telegram%20abriga%20venda%20de%20armas%2C%20drogas%20e%20notas%20falsas&c7=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&c9=

Request Chain 172

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1&google_push=AYg5qPIKvkOEPaEvCeQ4SNsmehYWxX9rf71r4idpWUwaJDtc_q7UdEmIEZ5-tTUV51VLwlksfkIYLpHHtza7aVam8mNN51zllch2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk2MzA1MDczNDkzNjc2MjM4OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1

Request Chain 173

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEF6ShS1nxPL0KBDpZLmezkI&google_cver=1&google_push=AYg5qPIFaWYyc-an7DEZNZT-aqjXIFJy-z3H8hKquPXRPGeWLeQnM08xhv_VK8Ti5Y8PuHNJ8LjWFqx02UiwkoIZBdOBMUOScGd- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIFaWYyc-an7DEZNZT-aqjXIFJy-z3H8hKquPXRPGeWLeQnM08xhv_VK8Ti5Y8PuHNJ8LjWFqx02UiwkoIZBdOBMUOScGd-

Request Chain 175

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEM_CtVmg2pFXMddVUEh3Z-A&google_cver=1&google_push=AYg5qPJikWTMYdnQsVILFGPBGowXOl9-xRBZ4jdiaSQx6whSuq-j03cRGgqeAQm246h6zR592nLBZXOYm7rVLiJdok8vJFToeVg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJikWTMYdnQsVILFGPBGowXOl9-xRBZ4jdiaSQx6whSuq-j03cRGgqeAQm246h6zR592nLBZXOYm7rVLiJdok8vJFToeVg&google_hm=M06a5IUwTgyIJYA7GonXF4M

Request Chain 177

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENslKQ6DrRIPPTBS0tZjcXA&google_cver=1&google_push=AYg5qPJU_amKYx_p-OvVLXpNPRZ-n7LH1T7-1C7X_Oi0YhE7y8ng5ofyw33qYdqelBbSLrTevN32zC_3Ds6gQb2Z-Vagzln-Uw7x HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJU_amKYx_p-OvVLXpNPRZ-n7LH1T7-1C7X_Oi0YhE7y8ng5ofyw33qYdqelBbSLrTevN32zC_3Ds6gQb2Z-Vagzln-Uw7x

Request Chain 178

https://match.360yield.com/match/ebda?google_gid=CAESECTdUs1DFkGPCDFVyKqeFcA&google_cver=1&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECTdUs1DFkGPCDFVyKqeFcA&google_cver=1&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILTS74pRl

Request Chain 228

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=1a187fcd-7d0a-11ec-ab78-1c5660560106 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1a187f68-7d0a-11ec-ab78-1c5660560106&orig=video&us_privacy=1---gdpr=1&

Request Chain 230

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-GyG5jjFE2uFP0HqDmvhvWjFmZnjpxr6tKzIyt_s-~A

Request Chain 235

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=1a187879-7d0a-11ec-b95c-18a305860206 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1a187f68-7d0a-11ec-ab78-1c5660560106&orig=video&us_privacy=1---gdpr=1&

Request Chain 259

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 272

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 288

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1&google_push=AYg5qPKUZdMbxl6rG93TKxsXZud_0LF_Ng6GOFh6Lnau2igj6jfeXpjarZBhF6YwNHqrYJDIsI9QuNV5V_tYKyOaDvmv-9-eB2g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk2MzA1MDczNDkzNjc2MjM4OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1

Request Chain 289

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEmm3X9G9u60-XnrtdBNn0Q&google_cver=1&google_push=AYg5qPJZEEIGK0xZmGUS5kx69fJsLENuJk2rI7YkMYPXqF0hNOOzOX9HMRl4kl9NgjQo9CGzbhWEH0x-wncQMPQL24Pcj68dttg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPJZEEIGK0xZmGUS5kx69fJsLENuJk2rI7YkMYPXqF0hNOOzOX9HMRl4kl9NgjQo9CGzbhWEH0x-wncQMPQL24Pcj68dttg&google_hm=hmHuj5_wandDKh98_A&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61EE8F9FF06A77432A1F7CFCBLIS

Request Chain 290

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESENUyb24_kdBpHfmUyJ-uAs8&google_cver=1&google_push=AYg5qPJNBzhi4zgQs4enTzblV_b6Apsfbx9cpsAjjhY5UtLkzWqaozrpnOhLV5g7u6jqNjSlMXpQOixmMA2vOicfw6IeNd3bx-I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPJNBzhi4zgQs4enTzblV_b6Apsfbx9cpsAjjhY5UtLkzWqaozrpnOhLV5g7u6jqNjSlMXpQOixmMA2vOicfw6IeNd3bx-I

Request Chain 291

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEEBZW4TII_dwfvedZKm75O8&google_cver=1&google_push=AYg5qPLsqGT662PKxhFovuTcwvN0ImUx6FhRNBWy1w4V2YyW09glIKtKtXzqxRmnVppax4XDieIrUy3TKQvX2Shi8dA-Y4r82Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLsqGT662PKxhFovuTcwvN0ImUx6FhRNBWy1w4V2YyW09glIKtKtXzqxRmnVppax4XDieIrUy3TKQvX2Shi8dA-Y4r82Q&google_hm=QXhlT3BpZThBRXMzLVZMcjNwWlZ3RFE=

Request Chain 292

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPgjM590qTf07JbcRBfOO5o&google_cver=1&google_push=AYg5qPL7CleE_9P6nMovZIEY84ufPuqtOfG6WiApYB19ifAkRwshl7zXjzRiXiI9qisKbDVFTeatOv96ioSueJHBvUeGnp-tSRw HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPgjM590qTf07JbcRBfOO5o&google_cver=1&google_push=AYg5qPL7CleE_9P6nMovZIEY84ufPuqtOfG6WiApYB19ifAkRwshl7zXjzRiXiI9qisKbDVFTeatOv96ioSueJHBvUeGnp-tSRw&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL7CleE_9P6nMovZIEY84ufPuqtOfG6WiApYB19ifAkRwshl7zXjzRiXiI9qisKbDVFTeatOv96ioSueJHBvUeGnp-tSRw&google_hm=f5d66eff0dc02fa60c462f11

Request Chain 293

https://cs.media.net/cksync?type=g&google_gid=CAESEDovCuRtmB4ia_yA9B7RvGU&google_cver=1&google_push=AYg5qPJDCOngFWZIWKOWYE113jvdqf3s-v-JgD5i3Uqd4eR_sqLblAs1-TATgoBHXYKEtuiOJF4vwq5NXLqQZhP-AnQML1UMJdU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2MDI1ODg4ODIxNDc4MDAwMFYxMA%3d%3d&mn_hm=Mjg2MDI1ODg4ODIxNDc4MDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJDCOngFWZIWKOWYE113jvdqf3s-v-JgD5i3Uqd4eR_sqLblAs1-TATgoBHXYKEtuiOJF4vwq5NXLqQZhP-AnQML1UMJdU&gdpr=&gdpr_consent=

Request Chain 305

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmRhNzJiNmJkZGQyODdiNWE3ZTAyNDAxZTVkODVhN2M2MmVmNGY3Nw&gdpr=1&us_privacy=1---

Request Chain 307

https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYSM8LHL-24-LOOA&sigv=1&esig=2~33ef2f8b7b94a21bbc2775fad00f62dc0ff1b219&gdpr=1&us_privacy=1---

Request Chain 308

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/7yNU0399ookOTgrHLfP81cn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5914146251704842003

Request Chain 309

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3ac361ee-8f9f-4200-b49e-3ca5ab8b5e30&expires=28

Request Chain 310

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lTTThMSEwtMjQtTE9PQQ==&gdpr=1&us_privacy=1---

Request Chain 359

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022012412380962668515371X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022012412380962668515371X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211

Request Chain 362

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012412380962668515367X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush

Request Chain 380

https://rr2---sn-4g5e6nss.googlevideo.com/videoplayback?expire=1643053089&ei=oY_uYY6xJcaI6dsPqIi-mAI&ip=217.114.215.131&id=86356858bd192091&itag=22&source=youtube&requiressl=yes&mh=D5&mm=31&mn=sn-4g5e6nss&ms=au&mv=m&mvi=2&pl=20&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.108&lmt=1640532416338778&mt=1643023990&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAP99DFJ0Lrsy6ifSZWm2JSeebysTYsrZhfrzPuZmoCwOAiEAqDrP6Amz-522Wm1XpL7j0XGXR4BuuSxNKeluRTzhogE=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMBqV0oN3InBk32nht3mwqwDL0ZUQkmoHIJour0rWFYvAiB1nf2SQ5B2RONuQ3lSArspsCwy6sNc2sPHnBJzpOMfnA==&cpn=hRWGBNzsI7yWWEJ2 HTTP 302
https://rr2---sn-4g5edn6y.googlevideo.com/videoplayback?expire=1643053089&ei=oY_uYY6xJcaI6dsPqIi-mAI&ip=217.114.215.131&id=86356858bd192091&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.108&lmt=1640532416338778&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAP99DFJ0Lrsy6ifSZWm2JSeebysTYsrZhfrzPuZmoCwOAiEAqDrP6Amz-522Wm1XpL7j0XGXR4BuuSxNKeluRTzhogE=&cpn=hRWGBNzsI7yWWEJ2&redirect_counter=1&rm=sn-4g5ezl7l&req_id=833a34a51e2936e2&cms_redirect=yes&ipbypass=yes&mh=D5&mip=2001:1b60:1010:3:1012:985c:946f:e8b0&mm=31&mn=sn-4g5edn6y&ms=au&mt=1643024222&mv=m&mvi=2&pl=29&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAKzp01yGiMtX6BDclKxed5qPp-OVTaxi_VXmdmGScDTKAiEA9VW-fsdGpFZ5nGF_1QiG3svzUVdka7n19bM8UMpy1sc%3D

Request Chain 402

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1&google_push=AYg5qPK2J9eQIL-bw46MjHvEurwo_WldevZ8nBH7nZ_kX_znkVO7tF_VJ0VucNoWbNL9aJXdOAcw03E54cUaEqn4q8_D4xLI1rs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk2MzA1MDczNDkzNjc2MjM4OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1

Request Chain 403

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cver=1&google_push=AYg5qPKgjexDAmaY1X909WUrR8MLT7nE26ADwoINHn6-Bd-ztASVq8G2i4Go8fOTrX-GnxdMTWQ40AhjkX-avGVBZ3qRDUpGhu8 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cver=1&google_push=AYg5qPKgjexDAmaY1X909WUrR8MLT7nE26ADwoINHn6-Bd-ztASVq8G2i4Go8fOTrX-GnxdMTWQ40AhjkX-avGVBZ3qRDUpGhu8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHA2M0s2cmcxTmJYRk01&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cver=1&google_push=AYg5qPKgjexDAmaY1X909WUrR8MLT7nE26ADwoINHn6-Bd-ztASVq8G2i4Go8fOTrX-GnxdMTWQ40AhjkX-avGVBZ3qRDUpGhu8

Request Chain 405

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOce5Ur5ajVDkG5lcvaO7tw&google_cver=1&google_push=AYg5qPJgnGX_H7NVRcOwdMcLB_J5J6oy1vosi8Gcw0-ZjS7LhWAAC7VqvFjsnZ2_HeVZNZ1iImrsRVI-wXHpo3hAON2ESqWzTg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOce5Ur5ajVDkG5lcvaO7tw&google_cver=1&google_push=AYg5qPJgnGX_H7NVRcOwdMcLB_J5J6oy1vosi8Gcw0-ZjS7LhWAAC7VqvFjsnZ2_HeVZNZ1iImrsRVI-wXHpo3hAON2ESqWzTg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJgnGX_H7NVRcOwdMcLB_J5J6oy1vosi8Gcw0-ZjS7LhWAAC7VqvFjsnZ2_HeVZNZ1iImrsRVI-wXHpo3hAON2ESqWzTg&google_hm=jvyH70aBQ46VyOUYwbipbw==

Request Chain 406

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPDrzqzhaFV2pREJRDpAE-4&google_cver=1&google_push=AYg5qPL3u4WzrbixPmOFfql8P4I2FZNoBTxQZKLcGi4uPsWpAB7TtgYht5EChxYjoiqsXZhgWTVvPoHw4MRO51jfCnUon8U2dbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lTTThMSEwtMjQtTE9PQQ==&google_push=AYg5qPL3u4WzrbixPmOFfql8P4I2FZNoBTxQZKLcGi4uPsWpAB7TtgYht5EChxYjoiqsXZhgWTVvPoHw4MRO51jfCnUon8U2dbA

Request Chain 408

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDksMSdDWZmV1lJeR9Ch9WU&google_cver=1&google_push=AYg5qPIqPWQPVgu8Zn4XkV70MlEzmPvyzVbOwaDpQjCLVmxKm-z8ZfBCYuhmgpFosOfsZTT2JjtMbVrcTe_xEhqIwIQ5lbhsXRfC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rZnNkOU9GRTJ1Rm9zVWJBUmJxejlNQnhWeFlBOEVSQn5B&google_push=AYg5qPIqPWQPVgu8Zn4XkV70MlEzmPvyzVbOwaDpQjCLVmxKm-z8ZfBCYuhmgpFosOfsZTT2JjtMbVrcTe_xEhqIwIQ5lbhsXRfC

Request Chain 452

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cver=1&google_push=AYg5qPIEcIoP9HWXJSkvZjBsGu-CZja3y32D3WTlZ2NkCLltJPupt3IDNOwfctJVGuOH2q0Z5Xt_p1CTURDaWSbhNDmTDaQbZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHA2M0s2cmcxTmJYRk01&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cver=1&google_push=AYg5qPIEcIoP9HWXJSkvZjBsGu-CZja3y32D3WTlZ2NkCLltJPupt3IDNOwfctJVGuOH2q0Z5Xt_p1CTURDaWSbhNDmTDaQbZA

Request Chain 453

https://um.simpli.fi/gp_match?google_gid=CAESEIBiImlCteuZOTum0Q_HbBU&google_cver=1&google_push=AYg5qPLRAEpNOY4FitKHlI94xHdJCsC9keqruRr_eD585TiJ-vrmx3kC3LzUMbf_0yG3VA_E-i2ypYRzck1iGg26Ebhs5VAgKHw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD0202C6E41A40969AECF998DD91EE31&google_push=AYg5qPLRAEpNOY4FitKHlI94xHdJCsC9keqruRr_eD585TiJ-vrmx3kC3LzUMbf_0yG3VA_E-i2ypYRzck1iGg26Ebhs5VAgKHw

Request Chain 484

https://campaign.mobility-ads.de/highTrafficUrl/1.html?idPartner=39&idCampaignAd=0&subId=&subIdentifier=oneid4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHKoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.autohaus-koenig.de/htlp?coyotetrackingid=520835713 HTTP 301
https://www.autohaus-koenig.de/htlp/?coyotetrackingid=520835713

508 HTTP transactions
27 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 4979732-no-submundo-do-telegram.html Show response
www.correiobraziliense.com.br/politica/2022/01/ 119 KB
31 KB 533ms
17ms Document
text/html 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c00468bfa0f8cdb3f872880bd9b174b7b001078c91bd1aca26dde7369d4800e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-type: text/html
vary: Accept-Encoding
x-amz-id-2: NPnIRLK9IchDblwpbxE5lGpqB8+ygrDqUjWYou5Zm/ir+d+eZKW6nh6+GsPxJqYZ2uzFWai9zMQ=
x-amz-request-id: ZADPR2CYTBCWX1J9
last-modified: Mon, 24 Jan 2022 08:51:08 GMT
x-amz-version-id: null
etag: W/"30cd5a6c016bb62cacbed2d5233bec4b"
server: AmazonS3
cache-control: public, max-age=120, s-maxage=604801
x-varnish: 58131200 57579157
age: 19
via: 1.1 varnish-v4
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-url: /home/correio/public_html/_conteudo/politica/2022/01/4979732-no-submundo-do-telegram.html
x-url-without-qs: /politica/2022/01/4979732-no-submundo-do-telegram.html
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-cache2: HIT
pragma: azion-debug-cache
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
content-encoding: gzip

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 79ms
35ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f14fcb4dcbc143aa65f3c0eaf1d5f93d7f0d64cfc23bcfd1f470c283ff0900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27015
x-xss-protection: 0
server: sffe
etag: "1111 / 372 of 1000 / last-modified: 1643017579"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 24 Jan 2022 11:38:06 GMT

GET
H2 200 Lato-Regular.ttf
www.correiobraziliense.com.br/frontend/dist/assets/fonts/ 73 KB
40 KB 17ms
16ms Font
application/font-sfnt 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist/assets/fonts/Lato-Regular.ttf

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea8979c22cf1d830e3ff939aadd49cc4d78c851e3cb59d2aa95ea10ee752d5d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Origin: https://www.correiobraziliense.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /frontend/dist/assets/fonts/Lato-Regular.ttf
age: 0
x-url: /home/correio/public_html/frontend/dist/assets/fonts/Lato-Regular.ttf
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 0J3EHZ6N3SKEDRMN
x-amz-id-2: F3qZBQyh/m/LOB7+zPIgqUu0oJZwEQgnldlq64x/0rOP/xcrkSwGc7N/iODxhlXYNs7ePjKIGAg=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 21:05:58 GMT
server: AmazonS3
etag: W/"2d36b1a925432bae7f3c53a340868c6e"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 55480426
x-cache2: MISS
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/font-sfnt
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 utopia-bold_0-webfont.ttf
www.correiobraziliense.com.br/frontend/dist/assets/fonts/ 61 KB
36 KB 22ms
21ms Font
application/font-sfnt 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist/assets/fonts/utopia-bold_0-webfont.ttf

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

70462a41aae0604500903ea181d7fe0e541df0b3c19c98601d78d3babb79ba6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Origin: https://www.correiobraziliense.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /frontend/dist/assets/fonts/utopia-bold_0-webfont.ttf
age: 11
x-url: /home/correio/public_html/frontend/dist/assets/fonts/utopia-bold_0-webfont.ttf
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: AT765F3QP6VBC365
x-amz-id-2: Ph9nfj6eZYNbIV99+Vtq1YzPcV5GEGihlcFhZk6ZzfaF+ahUT8iE0YXyomgjn83LBbHnE5NSrMg=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 20:08:58 GMT
server: AmazonS3
etag: W/"168cb6123be646320e553dbc24dd5ae5"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 15993696 11409208
x-cache2: HIT
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/font-sfnt
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 utopia-regular_0-webfont.ttf
www.correiobraziliense.com.br/frontend/dist/assets/fonts/ 62 KB
36 KB 36ms
35ms Font
application/font-sfnt 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist/assets/fonts/utopia-regular_0-webfont.ttf

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

baa1fb78454a3c122d54e240cf8dda53b88c3d7228fa74fc5834352e4ca06155

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Origin: https://www.correiobraziliense.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /frontend/dist/assets/fonts/utopia-regular_0-webfont.ttf
age: 5
x-url: /home/correio/public_html/frontend/dist/assets/fonts/utopia-regular_0-webfont.ttf
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: AT75EP3WY47WAASP
x-amz-id-2: TOcrxBG1wCp8bksi9BR2U5+zQE2PckNR3SE6NOAtPDXtguBgR9XmRf0jPgeaQjGuk2zQBfCddDM=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 20:08:58 GMT
server: AmazonS3
etag: W/"1f550bbb1013967496e649749788dcef"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 14944269 5047546
x-cache2: HIT
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/font-sfnt
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 prebid.js Show response
www.correiobraziliense.com.br/static/cb/ 242 KB
90 KB 19ms
17ms Script
application/javascript 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/static/cb/prebid.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

91dde2a5de4d9a10c87428be0467954f52510f6b5532cb3921fde2b46a2c9ad1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /static/cb/prebid.js
age: 0
x-url: /home/correio/public_html/static/cb/prebid.js
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: AT716S42T5VDPX9Y
x-amz-id-2: Ch3QM78dxiBEVx3w6T7ERSCPC2dZ8HouDZ5Y2McealNEUAe4IBhHyDXvwzyqXrqDGf0Vtj166W8=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 20:09:04 GMT
server: AmazonS3
etag: W/"2fbe2083c3d3fc5bad408544a1768612"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 14549523 14190925
x-cache2: HIT
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/javascript
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 cookie.min.css
www.correiobraziliense.com.br/static/cookies/css/ 5 KB
2 KB 33ms
32ms Stylesheet
text/css 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/static/cookies/css/cookie.min.css

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9c518c991e07eaa27e61d76cc504d670aed50746b5305a705929a413f07225e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /static/cookies/css/cookie.min.css
age: 0
x-url: /home/correio/public_html/static/cookies/css/cookie.min.css
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: JCNPAB4D3W1VRTFM
x-amz-id-2: jmwkB9s+pp+I7S1LyDN7t3DUVkvnXhz1s5+U920WhVISJ8H5LJViB56Zs97BwLeVvFtn28hAG+A=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Tue, 30 Nov 2021 15:17:06 GMT
server: AmazonS3
etag: W/"a4ee1a6629138e1f968f68a46b44c8e7"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 395154819
x-cache2: MISS
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: text/css
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 general.css
www.correiobraziliense.com.br/frontend/dist/assets/css/ 164 KB
31 KB 33ms
33ms Stylesheet
text/css 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist/assets/css/general.css?v=13

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c0a245c229c2be93b608a6710727b105e11045acbc3006fdc7b460dc97584c3e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /frontend/dist/assets/css/general.css
age: 1
x-url: /home/correio/public_html/frontend/dist/assets/css/general.css
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: AT78BGNP78MMQ1Z1
x-amz-id-2: G37b94uIsTGBs21twqWtqQ9QGdXGugKguHmx/tsAR5oUUzIwFVbbBEocCYw7CQ9k9LZL1MiWb94=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 20:08:58 GMT
server: AmazonS3
etag: W/"aabab32a59694cb31e3f1dc5049681d3"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 11537167 17565421
x-cache2: HIT
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: text/css
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 analytics.js Show response
www.correiobraziliense.com.br/frontend/src/assets/js/ 1 KB
1 KB 39ms
39ms Script
application/javascript 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/src/assets/js/analytics.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c686a671c11a3eb531b6fc197a4455fc239936e5c63fadf78513b6e443a95798

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /frontend/src/assets/js/analytics.js
age: 5
x-url: /home/correio/public_html/frontend/src/assets/js/analytics.js
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: AT7521X3W8EFXAKJ
x-amz-id-2: USJ0uu6JxVebWbbTLj2yIBwpjzCND+lBiBtg9vtFts0kek5ksM6lirMfLe72jRSnMrnp3CDcSqI=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 20:09:00 GMT
server: AmazonS3
etag: W/"9bc491459f3986feb28436c36ba88d31"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 11372659 17565424
x-cache2: HIT
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/javascript
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 no-image.png
www.correiobraziliense.com.br/frontend/src/assets/img/ 8 KB
9 KB 27ms
25ms Image
image/png 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.correiobraziliense.com.br/frontend/src/assets/img/no-image.png

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cd51b37f81c831a76a494704379b600926406655fe877ac0d70ddaaab618a4a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /frontend/src/assets/img/no-image.png
age: 2
content-length: 8428
x-url: /home/correio/public_html/frontend/src/assets/img/no-image.png
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-request-id: AT7EHDFY0Y53M7AQ
x-amz-id-2: UpvZxWVKICSqSTXrSHLtmA4ZYSkzN5ow7O1D8pcUmGxbuhbZw9zwY+ilOk1/Y5hbAuCwHcqtZvw=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 20:09:00 GMT
server: AmazonS3
etag: "1c402675e6bedcbfd873be50f4807532"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 11209775 14549525
x-cache2: HIT
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 no-image.png
www.correiobraziliense.com.br/frontend/dist/assets/img/ 56 B
56 B 29ms
27ms Image
image/png 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.correiobraziliense.com.br/frontend/dist/assets/img/no-image.png

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /frontend/dist/assets/img/no-image.png
age: 0
content-length: 56
x-url: /home/correio/public_html/frontend/dist/assets/img/no-image.png
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
x-amz-request-id: A7G9KTAGK7Y9CBWQ
x-amz-id-2: CK3PEr5MBNsyPscgag5HweNIKhtrksHn+XurgiJ6/eOAyVBX4vItQdlYyxd/fxmFX0dnDiRKmVQ=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 21:05:58 GMT
server: AmazonS3
etag: "1974287ae3b1364de55c0f7fea44d4f6"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 16389072
x-cache2: MISS
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 cookie.min.js Show response
www.correiobraziliense.com.br/static/cookies/js/ 41 KB
11 KB 15ms
15ms Script
application/javascript 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/static/cookies/js/cookie.min.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

74ab3f22f2ebb29aa665c43a51e88305d8a1745dce23555eed1f31dbcb23e932

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /static/cookies/js/cookie.min.js
age: 0
x-url: /home/correio/public_html/static/cookies/js/cookie.min.js
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 0J3B0QG869BGXBHR
x-amz-id-2: qyQ9VNqc/2c++uoTPZGm/0Xl783yQJ8wWd96ldrTRTRkTUscFGDhODhiw478ZyK8/PUb5ibiWmA=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 21:06:04 GMT
server: AmazonS3
etag: W/"06c39d0e857f80d89a7502b49497790b"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 59114238
x-cache2: MISS
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/javascript
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 general.js Show response
www.correiobraziliense.com.br/frontend/dist/assets/js/ 82 KB
22 KB 17ms
15ms Script
application/javascript 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist/assets/js/general.js?v=18

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

197fbef2e8b2b2bd9b2f29074a7e9d5e28bc47e9b8433f38f754a1bdb12eedc6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /frontend/dist/assets/js/general.js
age: 0
x-url: /home/correio/public_html/frontend/dist/assets/js/general.js
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 0J35PK39P5MZS3N5
x-amz-id-2: LQ3gOBSCzIu04k9MOTlPhVaMT7usOmZZ2gFKfZq5NENO8uVsky2kNwAkCHCixsVFiJCMJ0Jig6I=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 21:05:59 GMT
server: AmazonS3
etag: W/"a974a743e433c36581741641cc7a894f"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 46668222
x-cache2: MISS
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/javascript
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 77ms
32ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3517
etag: W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6d28f93f080c68f5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Jan 2022 11:38:06 GMT

GET
H2 200 tag Show response
a.teads.tv/page/87030/ 1 KB
826 B 136ms
56ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/87030/tag
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c507034c85ae6f12c22ae8ef30820adc09e2726cae6123e423065c2724bf50b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 626
expires: Mon, 24 Jan 2022 12:38:06 GMT

GET
H2 200 reload.js Show response
www.correiobraziliense.com.br/frontend/src/assets/js/ 101 B
914 B 29ms
27ms Script
application/javascript 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/src/assets/js/reload.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

25ab2eff351f3f380a452157ac66c1b8fb37fc2734247e57bab097a7059bd9ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /frontend/src/assets/js/reload.js
age: 0
x-url: /home/correio/public_html/frontend/src/assets/js/reload.js
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: D6DA4YYTZZ3K55JN
x-amz-id-2: iN/wSE23aA0+gbeVUUruI6pBzK9jUexovf6WdEnWZJCjFXF9V1zbsAgulldxHShIh7jsHAivC0M=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 21:06:00 GMT
server: AmazonS3
etag: W/"6cfdb091b541ff0c5f4272cd6a6d6932"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 6103857
x-cache2: MISS
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/javascript
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 read-more.js Show response
www.correiobraziliense.com.br/frontend/src/assets/js/ 4 KB
2 KB 29ms
28ms Script
application/javascript 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/src/assets/js/read-more.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c183ef99ba8528316d655e30af97ab28f371b78dfea3fd0e5e2b96da27a10c66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /frontend/src/assets/js/read-more.js
age: 63
x-url: /home/correio/public_html/frontend/src/assets/js/read-more.js
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: AT70NJFMYH2NV7KW
x-amz-id-2: JSRQ2wnGG7JX8NIV4giYmWMALjGDUEH5vcQwaNl5vP7JFdvXGlvLcqL3adFcgMUDMpbt4/DYGvE=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 20:09:00 GMT
server: AmazonS3
etag: W/"0c44e6b8a244eb1f360966c800fda277"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 8229479 14881090
x-cache2: HIT
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/javascript
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 65ms
18ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/frontend/src/assets/js/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5594
date: Mon, 24 Jan 2022 10:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 24 Jan 2022 12:04:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
40 KB 80ms
34ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5HG8CK

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14d416dce802a110a11d5e74534dc26a930f7d19622a87a54b0fa8c3d282b0aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40295
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Jan 2022 11:38:06 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/ 447 KB
35 KB 83ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db76c1a2253fc4659d0a379a751baf32a39b4400c5c8a380cdbcf929df12d595

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: KGVIaWqZzdikFWUiUpSALqFhgnhxwdUE
content-encoding: gzip
etag: "9852653d69eb5b5b6bd7f6eaf484a768"
age: 4530
x-cache: HIT
content-length: 35129
x-amz-id-2: 22GqXf3wo7ROzWGo5QNxO5MNAXChyNOubn7F+SeP0B1YQRLjmrhRC5FQcVNnWztC9Eu7LDHwzqw=
x-served-by: cache-hhn4044-HHN
last-modified: Mon, 24 Jan 2022 10:21:08 GMT
server: AmazonS3
x-timer: S1643024287.590118,VS0,VE1
date: Mon, 24 Jan 2022 11:38:06 GMT
vary: Accept-Encoding
x-amz-request-id: HT1HZF5M7CANGMTQ
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 84
x-cache-hits: 1

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 16 KB
7 KB 67ms
19ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-10276-8/CT-52
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 59acf6e8bbc559ce80c92c3354c6106daaf20b0ac187370c66453a5b83d09188

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:52:17 GMT
content-encoding: gzip
age: 6349
x-guploader-uploadid: ADPycdvEoo-FDFtayOap0sBTNf3SKtVDkWAp0mYJiHBQs1ZCzO1HGApsMsgtrcHC6xySl9c1ntkBI78erRm1N47R-1w
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6265
last-modified: Wed, 07 Oct 2020 21:09:20 GMT
server: nginx/1.8.1
etag: "06fdf5fd995c335c7d29673d5998e549"
vary: Accept-Encoding
x-goog-hash: md5=Bv31/ZlcM1x9KWc9WZjlSQ==
x-goog-generation: 1602104960602001
via: 1.1 google
cache-control: max-age=7200,public
x-goog-stored-content-length: 6265
accept-ranges: bytes
content-type: application/javascript
warning: 214 UploadServer gunzipped
expires: Mon, 24 Jan 2022 11:52:17 GMT

GET
H2 200 sprite.svg
www.correiobraziliense.com.br/frontend/dist/assets/svg/ 470 KB
296 KB 29ms
28ms Other
image/svg+xml 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist/assets/svg/sprite.svg

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c54ded131cbebedad33479a264647b6775295ce03f320c2f1d367489aa39de9c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /frontend/dist/assets/svg/sprite.svg
age: 5
x-url: /home/correio/public_html/frontend/dist/assets/svg/sprite.svg
x-ua-device: mobile
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: AT73HXRVMNG57DJ1
x-amz-id-2: RqKwlkYhYUZLI28KHgvSamjEPfcAvf3yQZQ9k1GYRhQcvCay7jC+xUY7yqdj5nVa+OPcFvRp4WU=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 20:08:59 GMT
server: AmazonS3
etag: W/"e8abb3adcff6efe5bc6a60832a0a10b9"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 14944268 11372600
x-cache2: HIT
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: image/svg+xml
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 Lato-Bold.ttf
www.correiobraziliense.com.br/frontend/dist/assets/fonts/ 72 KB
39 KB 26ms
25ms Font
application/font-sfnt 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/frontend/dist/assets/fonts/Lato-Bold.ttf

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/frontend/dist/assets/css/general.css?v=13

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7b720599f8aed3bac5b9531fecf6750c8fa7e593b727739bc0692fcc0f55b678

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiobraziliense.com.br/frontend/dist/assets/css/general.css?v=13
Origin: https://www.correiobraziliense.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /frontend/dist/assets/fonts/Lato-Bold.ttf
age: 0
x-url: /home/correio/public_html/frontend/dist/assets/fonts/Lato-Bold.ttf
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 23A6GWBW2W5VBT8H
x-amz-id-2: maVtUCmKJQMInY9Fq4zzs2bvrLui/XjAkvdBKi8GPFYkRaBxvXinvpRns1zrVN3Rd0swzHRjYQc=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 21:05:58 GMT
server: AmazonS3
etag: W/"85d339d916479f729938d2911b85bf1f"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 58196658
x-cache2: MISS
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/font-sfnt
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 / Show response
www.correiobraziliense.com.br/related/,telegram,extremismo,drogas,notasfalsas,armas,fakenews/ 12 B
728 B 231ms
231ms Fetch
application/json 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/related/,telegram,extremismo,drogas,notasfalsas,armas,fakenews/

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/frontend/src/assets/js/read-more.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

nginx /

Resource Hash

ea86d24aca6cccac4c13a9fa307f467ecdc65283c0bd7a64ca095d0c34f257d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-url-without-qs: /related/,telegram,extremismo,drogas,notasfalsas,armas,fakenews/
age: 475
via: 1.1 varnish-v4
x-url: /related/,telegram,extremismo,drogas,notasfalsas,armas,fakenews/
x-ua-device: desktop
x-host: www.correiobraziliense.com.br
vary: Accept-Encoding, Accept-Encoding
content-length: 32
x-xss-protection: 1; mode=block
pragma: azion-debug-cache
server: nginx
x-cache2: HIT
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 60558133 61178527
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 81ms
43ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220124

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f93292017f8d4c843abddf13f3a624de6770a3d464645a74b97cd0cb96420548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19349
x-jsd-version: 1.0.1231
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19138-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69f-AUDuufkbvptpWoFPOGf7pzPFDfM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6d28f93f8fcd6993-FRA

GET
H2 200 pubads_impl_2022011408.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
118 KB 18ms
17ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0530384d8115b9411cd4fac3bad2e6565ab2ddf9c866c86b1422a65dfccb3980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120805
x-xss-protection: 0
last-modified: Sat, 15 Jan 2022 00:18:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 24 Jan 2023 11:22:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 441 B
224 B 67ms
41ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b7a68c0c55bc02389979fec504c62f6d3c602acc386593fd5871d76dabf8b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0
expires: Mon, 24 Jan 2022 11:38:06 GMT

GET
H2 200 menu-topo-2.json Show response
www.correiobraziliense.com.br/_conteudo/jsons/ 638 B
1 KB 16ms
16ms Fetch
application/json 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/_conteudo/jsons/menu-topo-2.json

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/frontend/dist/assets/js/general.js?v=18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b04740d0cb302bc4b87213cb0fb760e6101102cbde2363bc9d730012f24cd49b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /_conteudo/jsons/menu-topo-2.json
age: 219
x-url: /home/correio/public_html/_conteudo/jsons/menu-topo-2.json
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: XNWQP06SR5M9AJZY
x-amz-id-2: H4Z4d12ontF9MOHglnCRGbFo11ank6xgo7ZnQd7BFOtCu+UNKLyZcaTDBtXImF0KGarQvzte39c=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Mon, 24 Jan 2022 11:15:11 GMT
server: AmazonS3
etag: W/"c05a24f4e8c23dbcd84ca2d8b18e6994"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 67797000 69533959
x-cache2: HIT
x-xss-protection: 1; mode=block
cache-control: public, max-age=120, s-maxage=1800
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/json
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 menu-sidebar.json Show response
www.correiobraziliense.com.br/_conteudo/jsons/ 830 B
1 KB 16ms
16ms Fetch
application/json 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/_conteudo/jsons/menu-sidebar.json

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/frontend/dist/assets/js/general.js?v=18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efd03f99fb18d2be6b591402a01e1ffe1311297d5cfd4442a00aaa87cd28d22a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /_conteudo/jsons/menu-sidebar.json
age: 219
x-url: /home/correio/public_html/_conteudo/jsons/menu-sidebar.json
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: XNWJ8STPFAQH6WAJ
x-amz-id-2: hwk6RNgcwRx5A2L5b7CGoCqPzegg5po9PKhRdO+oVw7Ms9ailtgxY0Xw33jOLjHyMLobwSoxLwo=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Mon, 24 Jan 2022 11:15:11 GMT
server: AmazonS3
etag: W/"6eb88ee37c22c0816ca1526202cf6a4a"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 69926916 69763221
x-cache2: HIT
x-xss-protection: 1; mode=block
cache-control: public, max-age=120, s-maxage=1800
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/json
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 menu-sidebar-2.json Show response
www.correiobraziliense.com.br/_conteudo/jsons/ 60 B
881 B 17ms
16ms Fetch
application/json 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/_conteudo/jsons/menu-sidebar-2.json

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/frontend/dist/assets/js/general.js?v=18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efcb7861f6ff85f645d0e4777f8695f2df13212febec972efc4f214e7a47440e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /_conteudo/jsons/menu-sidebar-2.json
age: 219
x-url: /home/correio/public_html/_conteudo/jsons/menu-sidebar-2.json
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: XNWHTRC4W3N94HP8
x-amz-id-2: 5Nntoycy9px8ybVLlJ3b3+HS34nohI6YeibjipW1hpwlW8UvrkiOM/SuqOPrm5iA6Xx4YBiCRMs=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Mon, 24 Jan 2022 11:15:11 GMT
server: AmazonS3
etag: W/"3c2b85cfa9287d7743b2080e629a2a10"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 69959682 61178483
x-cache2: HIT
x-xss-protection: 1; mode=block
cache-control: public, max-age=120, s-maxage=1800
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/json
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 menu-topo.json Show response
www.correiobraziliense.com.br/_conteudo/jsons/ 679 B
1 KB 17ms
17ms Fetch
application/json 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiobraziliense.com.br/_conteudo/jsons/menu-topo.json

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/frontend/dist/assets/js/general.js?v=18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

AmazonS3 /

Resource Hash

51a1ddecb5296ddd775ae5d5f558eaa36b342a71e30b9a7fa8b3db824948bcbf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
x-url-without-qs: /_conteudo/jsons/menu-topo.json
age: 843
x-url: /home/correio/public_html/_conteudo/jsons/menu-topo.json
x-ua-device: desktop
x-host: dapress.s3-website-sa-east-1.amazonaws.com
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 6W51EBTXG34HEC2G
x-amz-id-2: XeDgUwmWcNyGo3W4UQDMdq03k1MYubxbE6rVqoaFA/QsMUtvlnKlycUf8dW97VsTS8moFBriQJ4=
pragma: azion-debug-cache
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 16:22:29 GMT
server: AmazonS3
etag: W/"08a1ebba89c9f12ea060ef692ddf78e3"
strict-transport-security: max-age=63072000;includeSubDomains;preload
access-control-allow-methods: GET, OPTIONS
x-varnish: 553225983 543511043
x-cache2: HIT
x-xss-protection: 1; mode=block
cache-control: public, max-age=120, s-maxage=1800
x-amz-version-id: null
content-security-policy: upgrade-insecure-requests
content-type: application/json
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 1_christian_wiediger_gwkioaj5ab4_unsplash-7355318.jpg
midias.correiobraziliense.com.br/_midias/jpg/2022/01/20/675x450/ 13 KB
13 KB 458ms
203ms Image
image/webp 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midias.correiobraziliense.com.br/_midias/jpg/2022/01/20/675x450/1_christian_wiediger_gwkioaj5ab4_unsplash-7355318.jpg?20220120151818?20220120151818

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

server-18-64-115-47.txl50.r.cloudfront.net

Software

Azion IMS /

Resource Hash

481536645fef2b139a439916aa5ed977a452b3f5ad6a24cb9832f16c1c93ec44

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
x-content-type-options: nosniff
server: Azion IMS
x-original-image-size: 33686
etag: "cb047c46cdbd3f64bae8908826672a5f631f5f47"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 12840
x-xss-protection: 1; mode=block
expires: Sat, 22 Jan 2022 11:20:31 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 32ms
27ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2290
etag: W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6d28f93f892468f5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Jan 2022 11:38:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
452 B 86ms
24ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-9264035-1&cid=71222113.1643024287&jid=770402020&gjid=1711919644&_gid=278495037.1643024287&_u=IGBAgEABAAAAAE~&z=1399743536

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 24 Jan 2022 11:38:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 46 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 150e0e4971227347e3dcf48f5e8bf99ea7ab318c00d6693f1be1778e471b4798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 208 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dd4fce3d2c7713162f428e67f8e079c60a3a6f0e2515acd91b0827c416e6bfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 49ms
16ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1171883170&t=pageview&_s=1&dl=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&ul=en-us&de=UTF-8&dt=Telegram%20abriga%20venda%20de%20armas%2C%20drogas%20e%20notas%20falsas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=770402020&gjid=1711919644&cid=71222113.1643024287&tid=UA-9264035-1&_gid=278495037.1643024287&z=1822812995

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 04:30:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25642
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/diariosassociados-correiobraziliense/ 3 KB
2 KB 51ms
15ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/diariosassociados-correiobraziliense/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60d8a9e1bed8dda334fdc34cff34fa0b0b9ca6230fb0ece4353e67988bb42f27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 6yOUV.5yki5PwfHBnUfXtPy7KPyIVtSq
content-encoding: gzip
etag: "97f3eb4774e102ec1d7c55b56ba97353"
age: 224
x-cache: HIT, HIT
content-length: 1173
x-amz-id-2: yhC9q+pkAm/5eWhXFB70IuvRHMrmRQUzRdId1Qb3docOqV2kVTdBLglyEHA1Y4s6QhrFVBuGpo0=
x-served-by: cache-lax10644-LGB, cache-hhn4068-HHN
last-modified: Wed, 11 Mar 2020 13:05:21 GMT
server: AmazonS3
x-timer: S1643024287.759029,VS0,VE1
date: Mon, 24 Jan 2022 11:38:06 GMT
vary: Accept-Encoding,,
x-amz-request-id: F21Z65VYMFW65D8P
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20220124-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 613 KB
127 KB 16ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220124-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 1d0c6d9abab7b8a55ffbcea00e8c250684f75bdeaa13b0909e5741d98843f044

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: eruhZyv.c_qB5QlVsrHanurEiM075Ii3
content-encoding: br
etag: "6121f466ea6cb98ef36ca1dff91a151c"
age: 6488
x-cache: HIT
content-length: 129383
x-amz-id-2: bUtYU2iBK9XPSSKOgyvwflEmg2X6jUtVPFF6mmdl9gGtPPnlwC135zfARZng4T78egc5WzXfDp4=
x-served-by: cache-hhn4044-HHN
last-modified: Mon, 24 Jan 2022 09:43:16 GMT
server: AmazonS3-br
x-timer: S1643024287.725309,VS0,VE0
date: Mon, 24 Jan 2022 11:38:06 GMT
vary: Accept-Encoding
x-amz-request-id: ADJ231QFBK5YR80R
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 70
x-cache-hits: 8058

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 52ms
17ms Script
application/javascript 99.86.3.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-92.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 04:29:54 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 25694
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: tGsx2QBROGqWwUDrYePjvX-tJSOyWEXLMbRH_97HzqMICx3vRdGpgA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 53ms
16ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26187
x-xss-protection: 0
pragma: public
x-fb-debug: 8JAJhTElsVRROPQms+d0yOt7qa1h5K8D0SMFCGMklgpxgnose1S8akJeTNDkFNK1BuuIggV8ZKdiADQ4Ei6ZlQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 24 Jan 2022 11:38:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 56ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7ff8a05c021df7818be3ae4ca9933dc51c7b88923bd4029da44142bad020dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: XQJK9m6BKZ24FNh6kLDyag==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1682
x-fb-rlafr: 0
x-fb-debug: +TL9jaS15vjANgUn7u2eyWV6JKD8+VCfpYX9etE4n7HGoG7t0fE9nnwqpJ2RpGf+0wRmi3RKntsCfabtgJUnIA==
x-fb-trip-id: 917726464
x-fb-content-md5: 4ddf6e30996b8e60530866545664dfe1
x-frame-options: DENY
date: Mon, 24 Jan 2022 11:38:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c54d12e858a645a382701840031b282d"
timing-allow-origin: *
expires: Mon, 24 Jan 2022 11:56:12 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 23ms
23ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1171883170&t=pageview&_s=1&dl=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&ul=en-us&de=UTF-8&dt=Telegram%20abriga%20venda%20de%20armas%2C%20drogas%20e%20notas%20falsas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAG~&jid=138182345&gjid=757343616&cid=71222113.1643024287&tid=UA-81883435-1&_gid=278495037.1643024287&_r=1&gtm=2wg1j05HG8CK&z=1540086900

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-2703855.js Show response
static.hotjar.com/c/ 4 KB
2 KB 84ms
36ms Script
application/javascript 18.64.115.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2703855.js?sv=6

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.115.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6d7258ce9b3ff56535af3c573dbdf05e45ecce461b6dbd5e829ccc1afe15b154

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: TXL50-P4
x-cache-hit: 1
etag: W/afc941d75c9e4900b8d1bead4384921f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 1891
via: 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
x-amz-cf-id: iKR6Q777UY_gRC2Yz70uiP_iDYyya6hS0cUrR2H_RvGez37yjRpasw==

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 600 KB
132 KB 109ms
17ms Script
text/javascript 2a02:26f0:fb:1b2::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/87030/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:1b2::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 971e2e464f40f2875efdd0a9aff5e754960c208f5a4d26284bb9091ee0e02e61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: C067WD6ACXGC1ZZM
content-length: 134165
x-amz-id-2: AarSUya4HGWIxrHC9Zw3VCww6/2dOQz2SUp+02Bkc6TqfMWRf5Dd7jHo9K7sbMwsk2VyZAsBqOk=
last-modified: Fri, 21 Jan 2022 10:56:32 GMT
etag: "8f1003328afae3c6f10a7b7a6097b17b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: f
accept-ranges: bytes
access-control-allow-headers: *
expires: Mon, 24 Jan 2022 12:08:06 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/de352cb1-bc85-498a-8e1f-a7bbe6068cf3/ 5 KB
2 KB 39ms
39ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/de352cb1-bc85-498a-8e1f-a7bbe6068cf3/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16c8a3a705ad23d2900d806f23ef3e49169a3e1cccf98943ae40d3c01c00ec4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1024
cf-polished: origSize=4775
status: 200 OK
x-envoy-upstream-service-time: 75
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0fa65675-b420-401e-8c3a-b8cce15bdee7
x-runtime: 0.073712
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ae8c2007c013760f2a4a9362888f4ed7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6d28f9404b1568f5-FRA
access-control-allow-headers: SDK-Version
expires: Mon, 24 Jan 2022 12:38:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 70ms
27ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 68ms
27ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 359ms
359ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=217151344019347&correlator=3449632682672428&output=ldjh&impl=fifs&eid=31063377&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Cbrasil-politica%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C1x1&prev_scp=pos%3D1%26identificador%3Dpublicidade-anchorads-1&eri=1&cust_params=testeab%3D3%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252Cpolitica%252C2022%252C01%252C4979732-no-submundo-do-telegram%252Chtml%26titleofpage%3DTelegram%2520abriga%2520venda%2520de%2520armas%252C%2520drogas%2520e%2520notas%2520falsas%26tagsofpage%3Dnot%25C3%25ADcias%2520do%2520dia%252Cnot%25C3%25ADcias%2520perto%2520de%2520mim%252Ctelegram%252Cextremismo%252Cdrogas%252Cnotas%2520falsas%252Carmas%252Cfake%2520news%26reload%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1643024286801&lmt=1643014268&dlt=1643024286446&idt=314&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=2660743869&ucis=1&hl=pt-BR&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=71222113.1643024287&ga_sid=1643024287&ga_hid=1171883170&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ba409e1a05ae3b595fbf7be57f27216a9c3f3ad5b48bc81d6a767d725466edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8837
x-xss-protection: 0
google-lineitem-id: 5564861659
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138334239267
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 481 B
289 B 183ms
182ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=217151344019347&correlator=1942395079215545&output=ldjh&impl=fifs&eid=31063377&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Cbrasil-politica%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ists=1&prev_scp=formato%3Dpatrocinado-1x1%26pos%3D0&eri=1&cust_params=testeab%3D3%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252Cpolitica%252C2022%252C01%252C4979732-no-submundo-do-telegram%252Chtml%26titleofpage%3DTelegram%2520abriga%2520venda%2520de%2520armas%252C%2520drogas%2520e%2520notas%2520falsas%26tagsofpage%3Dnot%25C3%25ADcias%2520do%2520dia%252Cnot%25C3%25ADcias%2520perto%2520de%2520mim%252Ctelegram%252Cextremismo%252Cdrogas%252Cnotas%2520falsas%252Carmas%252Cfake%2520news%26reload%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1643024286805&lmt=1643014268&dlt=1643024286446&idt=314&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=9616&adks=2713813586&ucis=2&hl=pt-BR&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&vis=1&scr_x=0&scr_y=0&psz=1600x9615&msz=1600x0&ga_vid=71222113.1643024287&ga_sid=1643024287&ga_hid=1171883170&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17d629ae37bbc456c9880fa6d184b0731a24267296aa5e0a5b72c5b2d725aaf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 481 B
289 B 153ms
153ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=217151344019347&correlator=2756669039295229&output=ldjh&impl=fifs&eid=31063377&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Cbrasil-politica%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ists=1&prev_scp=identificador%3Dpublicidade-patrocinio-1%26formato%3Dpublicidade-patrocinio-1&eri=1&cust_params=testeab%3D3%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252Cpolitica%252C2022%252C01%252C4979732-no-submundo-do-telegram%252Chtml%26titleofpage%3DTelegram%2520abriga%2520venda%2520de%2520armas%252C%2520drogas%2520e%2520notas%2520falsas%26tagsofpage%3Dnot%25C3%25ADcias%2520do%2520dia%252Cnot%25C3%25ADcias%2520perto%2520de%2520mim%252Ctelegram%252Cextremismo%252Cdrogas%252Cnotas%2520falsas%252Carmas%252Cfake%2520news%26reload%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1643024286806&lmt=1643014268&dlt=1643024286446&idt=314&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=9616&adks=2142479370&ucis=3&hl=pt-BR&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&vis=1&scr_x=0&scr_y=0&psz=1600x9615&msz=1600x0&ga_vid=71222113.1643024287&ga_sid=1643024287&ga_hid=1171883170&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51fc043c444c92ccde100678b1a0a435d604c2d624c01e8e621439d7558e4210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 182ms
181ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=217151344019347&correlator=1063662506061158&output=ldjh&impl=fifs&eid=31063377&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Cbrasil-politica%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ists=1&prev_scp=formato%3Ddhtml-1x1%26pos%3D0&eri=1&cust_params=testeab%3D3%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252Cpolitica%252C2022%252C01%252C4979732-no-submundo-do-telegram%252Chtml%26titleofpage%3DTelegram%2520abriga%2520venda%2520de%2520armas%252C%2520drogas%2520e%2520notas%2520falsas%26tagsofpage%3Dnot%25C3%25ADcias%2520do%2520dia%252Cnot%25C3%25ADcias%2520perto%2520de%2520mim%252Ctelegram%252Cextremismo%252Cdrogas%252Cnotas%2520falsas%252Carmas%252Cfake%2520news%26reload%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1643024286808&lmt=1643014268&dlt=1643024286446&idt=314&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=9616&adks=3387571767&ucis=4&hl=pt-BR&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&vis=1&scr_x=0&scr_y=0&psz=1600x9615&msz=1600x0&ga_vid=71222113.1643024287&ga_sid=1643024287&ga_hid=1171883170&ga_fc=true&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e296cefcfe6a0bddc3cfa2b757676f4a21b2b66c77d386d521d686d9857803d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2489
x-xss-protection: 0
google-lineitem-id: 5839720006
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138372630919
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9260 6 KB
4 KB 125ms
28ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 24 Jan 2022 11:38:06 GMT
expires: Tue, 24 Jan 2023 11:38:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
191 B 330ms
108ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiobraziliense.com.br
date: Mon, 24 Jan 2022 11:38:07 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 310ms
275ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

dff19a6db49f1cdff7c7b26303aeb3d8abcd41a886e50c5e5ee9c38fbd8b35ee

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:07 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7bc54ade-c001-426e-9e2b-fa54150ee752
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.correiobraziliense.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
302 B 96ms
22ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96984f0178781820781ca984f20088&pos=cb_publicidade_retangulo_1_&cmd=bid&secure=1
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 5d2d2cc2e62216cda2b555811bc12211264483e6e2105ee5067b2a6863bbc09d

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.correiobraziliense.com.br
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 699 B
2 KB 164ms
84ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16558&site_id=134068&zone_id=633424&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&kw=not%C3%ADciasdodia%2Cnot%C3%ADciaspertodemim%2Ctelegram%2Cextremismo%2Cdrogas%2Cnotasfalsas%2Carmas%2Cfakenews&tg_i.ref=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&tg_i.page=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&tg_i.domain=correiobraziliense.com.br&tg_i.dfp_ad_unit_code=6887%2Fportal-correioweb%2Fcorreiobraziliense-com-br%2Fbrasil-politica%2Fcapa&tg_i.pbadslot=6887%2Fportal-correioweb%2Fcorreiobraziliense-com-br%2Fbrasil-politica%2Fcapa&tk_flint=pbjs_lite_v5.15.0&x_source.tid=7943debd-43ea-498d-a877-b0a64c6e7e47&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5233139445199397
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1ed5d66e70164f42ff7a6afae62d21c3296a6e2b2bf33e8dd2ddfaca1ad577df

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:06 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.correiobraziliense.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 699
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
19 KB 321ms
321ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=217151344019347&correlator=1146162559260347&output=ldjh&impl=fifs&eid=31063377&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Cbrasil-politica%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1190x250%7C728x90%7C970x90%7C970x250%7C980x250&prev_scp=identificador%3Dpublicidade-rasgado-1%26implementado%3Ddinamico%26pos%3D2&eri=1&cust_params=testeab%3D3%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252Cpolitica%252C2022%252C01%252C4979732-no-submundo-do-telegram%252Chtml%26titleofpage%3DTelegram%2520abriga%2520venda%2520de%2520armas%252C%2520drogas%2520e%2520notas%2520falsas%26tagsofpage%3Dnot%25C3%25ADcias%2520do%2520dia%252Cnot%25C3%25ADcias%2520perto%2520de%2520mim%252Ctelegram%252Cextremismo%252Cdrogas%252Cnotas%2520falsas%252Carmas%252Cfake%2520news%26reload%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1643024286837&lmt=1643014268&dlt=1643024286446&idt=314&frm=20&biw=1600&bih=1200&oid=2&adxs=205&adys=483&adks=1969685226&ucis=5&hl=pt-BR&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&vis=1&scr_x=0&scr_y=0&psz=1170x250&msz=1190x0&ga_vid=71222113.1643024287&ga_sid=1643024287&ga_hid=1171883170&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-99-86-3-3.fra6.r.cloudfront.net

Software

cafe /

Resource Hash

07f5e310ca7b42ad611591fe7ef25941bc26366004f5967acb97b6161ea21b29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19526
x-xss-protection: 0
google-lineitem-id: 5786815122
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138363420219
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 89ms
42ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-9264035-1&cid=71222113.1643024287&jid=770402020&_u=IGBAgEABAAAAAE~&z=1268757501

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 89ms
44ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-9264035-1&cid=71222113.1643024287&jid=770402020&_u=IGBAgEABAAAAAE~&z=1268757501

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 51ms
24ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-81883435-1&cid=71222113.1643024287&jid=138182345&gjid=757343616&_gid=278495037.1643024287&_u=aGDAAEABAAAAAG~&z=1562142703

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 24 Jan 2022 11:38:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pmk-202002191.3.js Show response
widget.perfectmarket.com/diariosassociados-correiobraziliense/ 117 KB
32 KB 18ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/diariosassociados-correiobraziliense/pmk-202002191.3.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/diariosassociados-correiobraziliense/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83067ddfe7872e38e3b517a48beb9cbd917788c194a1391818057ba7d03a627b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: dvEw7NwurKnIqmDeJZKFYO75zwPziuyr
content-encoding: gzip
etag: "dba9ec11017903dfeffbca1897a5ae88"
age: 5441314
x-cache: HIT, HIT
content-length: 32202
x-amz-id-2: lSqX+4j0TuuyfpH9zeqLEy1Nf2QGu/gO4hT5AXCvIzCizbSUNO4mEaZzxUKlT7JXPMrhndLdZno=
x-served-by: cache-lax10643-LGB, cache-hhn4068-HHN
last-modified: Wed, 11 Mar 2020 13:05:21 GMT
server: AmazonS3
x-timer: S1643024287.867854,VS0,VE1
date: Mon, 24 Jan 2022 11:38:06 GMT
vary: Accept-Encoding,,
x-amz-request-id: TNX1KRSHNPV8WXFM
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1643024286859&ns_c=UTF-8&cv=3.5&c8=Telegram%20abriga%20venda%20de%20armas%2C%20drogas%20e%20notas%20falsas&c7=https%3A%2F%2Fwww.correi...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1643024286859&ns_c=UTF-8&cv=3.5&c8=Telegram%20abriga%20venda%20de%20armas%2C%20drogas%20e%20notas%20falsas&c7=https%3A%2F%2Fwww.corre...

0
224 B

20ms
20ms

Image
text/plain

99.86.3.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1643024286859&ns_c=UTF-8&cv=3.5&c8=Telegram%20abriga%20venda%20de%20armas%2C%20drogas%20e%20notas%20falsas&c7=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&c9=
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Server: 99.86.3.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-92.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: -uXMPLbvsjFeVYwTRY47ZR4Fu-ViIMBC0vE7qeBUtwCmY1V2XZ3VOg==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 24 Jan 2022 11:38:06 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1643024286859&ns_c=UTF-8&cv=3.5&c8=Telegram%20abriga%20venda%20de%20armas%2C%20drogas%20e%20notas%20falsas&c7=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&c9=
content-length: 305
x-amz-cf-id: z8qO9OIpGhxavgXnsPo6PpvROj7k7W1UGc7uHl3py86hK2gGL3UNEw==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 40ms
20ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c0eb6e5bd18e88da93fded2eaefa5eb2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5eb6f6c416050f16ac87dceb0f474d05b76b51c24034ba72f6b7522e95903ecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiobraziliense.com.br/
Origin: https://www.correiobraziliense.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DpXxNr90KCiojCo2ivSQdg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83506
x-fb-rlafr: 0
x-fb-debug: UFQW4qCroWpvyql9K6KaWIskuB+CfQz/SbNPL/kPfLByAQrrXlFg0ELG+z/QB//BRLZXc/J83jg2T+d7tlQ1EA==
x-fb-content-md5: bc3ca735f851e048efb2152acd80469d
x-frame-options: DENY
date: Mon, 24 Jan 2022 11:38:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9e4e90c0f39e52a1a9d5f5156393ab74"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 24 Jan 2023 11:13:11 GMT

GET
H2 200 modules.923ec619fec69a542e35.js Show response
script.hotjar.com/ 229 KB
61 KB 59ms
19ms Script
application/javascript 99.86.3.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.923ec619fec69a542e35.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2703855.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b808c79adcdbd5df211fb64d05e220a1cb48cae0245fb720e718c7658a1ee5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 11:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 432540
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 61575
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 11:29:02 GMT
etag: "6d6c65f494384174cfbb7de0db8782b1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 627HClKzyIT1z4Skc-n_XIrxgLMSu1DxyXuOgrLmltcIKRieHEavCA==

GET
H2 200 card-interference-detector.20220124-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 16ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20220124-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70946163179f1146d8899ae84922ca890eb95fc2e697682c7ea94eac913be4b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 1kitZ0DoXlIyWZV.INV4rkG3YhgFojX3
content-encoding: gzip
etag: "fcbcc14b30b0386db820f2f8803dcfd5"
age: 1504
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2180
x-amz-id-2: UgUJgfEJLiOwgwr8LXRQEg4vuXs7QcVYDGuR/kauh+lUXCXDvQ+LAHELfyovpC7lE+xpyRN9TN0=
x-served-by: cache-hhn4044-HHN
last-modified: Mon, 24 Jan 2022 11:12:57 GMT
server: AmazonS3
x-timer: S1643024287.885034,VS0,VE0
date: Mon, 24 Jan 2022 11:38:06 GMT
vary: Accept-Encoding
x-amz-request-id: T75JRH1XZTXNFWSP
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 70
x-cache-hits: 933

GET
H2 200 json Show response
trc.taboola.com/diariosassociados-correiobraziliense/trc/3/ 71 KB
20 KB 648ms
630ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/diariosassociados-correiobraziliense/trc/3/json?tim=11%3A38%3A06.882&lti=deflated&data=%7B%22id%22%3A973%2C%22ii%22%3A%22%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1643019654630%2C%22vi%22%3A1643024286880%2C%22cv%22%3A%2220220124-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9616%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A8682.890625%2C%22mw%22%3A685%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220124-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 83fa631b5c31bafbc1bf73ecf22e6ca4344e51b4d5d7e59f0b02d5f0eb29bb54

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 615
date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
server: nginx
x-timer: S1643024287.909723,VS0,VE615
x-served-by: cache-hhn4044-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.correiobraziliense.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3 200 169965026711516 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 191ms
171ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/169965026711516?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2bdba7efd7ed487c786b401e11030f94510c38c801d417472306247e8896a48

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: cCO/1lNUGnXxh4KE1QvtMcEMmg4gsoCIWp2XGtcx6f82kCi9yXfzcZvIm6f3eJ7pskKI/Fb8LaSR5/XYZZ5ukA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 24 Jan 2022 11:38:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 161ms
89ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=39178ab1-61dd-45c0-a7cd-54fe6099213b&pageId=87030&pid=94293&debug_metadata=hahA2DHEMm&fv=941&ts=1643024286969&f=1&referer=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 175ms
103ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=39178ab1-61dd-45c0-a7cd-54fe6099213b&pageId=87030&pid=94293&slot=native&fv=941&ts=1643024286976&f=1&referer=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/87030/ 537 B
585 B 60ms
60ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/87030/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&page=%7B%22id%22%3A87030%2C%22placements%22%3A%5B%7B%22id%22%3A94293%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A685%2C%22height%22%3A385%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=39178ab1-61dd-45c0-a7cd-54fe6099213b&formatVersion=941&env=js-web&netBw=9.8&ttfb=17
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0ba167eacd9c40a1bdf990b8a61580990d3340c186e2ea656b6095dd4b1e3f4b

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 368
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 17ms
17ms Script
application/javascript 99.86.3.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/diariosassociados-correiobraziliense/pmk-202002191.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-92.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 04:29:54 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 25695
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 8NKCr_vQYjyGRWDPETlWc-Gb48GXBok20Rr9q3KWYNRMUR4FPGHOVg==

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame 93F2 2 KB
1 KB 54ms
17ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2703855.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-118.fra53.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

content-type: text/html
content-length: 1044
date: Mon, 08 Nov 2021 14:05:19 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Tue, 01 Jun 2021 09:17:15 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: zYO7OdCsXFn-ONp1QpB-NwWfrG2xurfSD6JOdI7PUB4nDkbkhX-mHA==
age: 6643968

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame AC6A 78 KB
26 KB 40ms
40ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f14fcb4dcbc143aa65f3c0eaf1d5f93d7f0d64cfc23bcfd1f470c283ff0900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27015
x-xss-protection: 0
server: sffe
etag: "1111 / 603 of 1000 / last-modified: 1643017579"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
DATA 200
OK truncated
/ Frame AC6A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3de296968be588e7db93b0ae12986e9891cb651773ab7033b4b5fb5cdf664938

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC6A 0
26 B 53ms
53ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcpY6c57no12_zjvpMixEkMG38sweQ8w4XDDEOV5MTPVPqi1IZed5XwrDcfvR0E357dNoaiVRuUTyDb86CeqaW2H0HH8yRKVpIkIEUJSIMmMYj7pRzVM6qXk2v-duKq_eBc_OR_KeAeXTJLClY0DFof453TL_MbV5PGAQCXgwpunNPubeotFY11UFzFseAfLe93eDreDr2tU9zLeKz7ftrP3ul15wDzEdkp48JFP2J649dVZVoCu4hk_D7xVe9GeCSceaeImyiNJN1_JUnqz6ZEw00oZV2figc9DriAFNYDD1JHSk86ozWsHfP5O0XePXSFFMmXjlBJa_l8xHeZ-EwcJwNDjUbbqOjJfHfiPqAk1qwqXNLx6ccp614POds-faOxbpsbAE&sai=AMfl-YQoIGa9PkqV0qwBlU14GECjwulkJBRc1QR8DHpfHONOLeGUNWBTdjeIpZRrsv7WyKNyJsVxmN2DMmJg6TISWRCcay_6xv3HregaxCQfE3s7v7vNm5_o7QDJDO9wU9w&sig=Cg0ArKJSzAaTaQQlDUemEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 53ms
17ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1916610978567674&ev=fb_page_view&dl=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&rl=&if=false&ts=1643024287091&sw=1600&sh=1200&at=

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H3 200 pubads_impl_2022011408.js Show response
securepubads.g.doubleclick.net/gpt/ Frame AC6A 351 KB
118 KB 18ms
18ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0530384d8115b9411cd4fac3bad2e6565ab2ddf9c866c86b1422a65dfccb3980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120805
x-xss-protection: 0
last-modified: Sat, 15 Jan 2022 00:18:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 24 Jan 2023 11:22:27 GMT

GET
H2 204 2703855 Show response
vc.hotjar.io/sessions/ 0
259 B 77ms
43ms XHR
text/plain 65.9.61.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2703855?s=0.25&r=0.21797873272819301
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.923ec619fec69a542e35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-36.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: LeuTjEhCkGLY4Z_WYKYQXrS_7ZXJmNE-dRfd1WLDmXXOMNe2nTiG8A==

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 57ms
57ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3426
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 6d28f9429d2d5b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 23 Feb 2022 11:38:07 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 53ms
27ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
25ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 308ms
308ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=217151344019347&correlator=280073908835338&output=ldjh&impl=fifs&eid=31063377&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Cbrasil-politica%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C200x200%7C300x250&fluid=height&prev_scp=identificador%3Dpublicidade-retangulo-1%26implementado%3Ddinamico%26pos%3D10&eri=1&cust_params=testeab%3D3%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252Cpolitica%252C2022%252C01%252C4979732-no-submundo-do-telegram%252Chtml%26titleofpage%3DTelegram%2520abriga%2520venda%2520de%2520armas%252C%2520drogas%2520e%2520notas%2520falsas%26tagsofpage%3Dnot%25C3%25ADcias%2520do%2520dia%252Cnot%25C3%25ADcias%2520perto%2520de%2520mim%252Ctelegram%252Cextremismo%252Cdrogas%252Cnotas%2520falsas%252Carmas%252Cfake%2520news%26reload%3D0&cookie=ID%3Dd576226b700aa795-22574f7629cd006d%3AT%3D1643024286%3AS%3DALNI_MbFq7DO0WKb6fwQH1fBmakEl9bo_Q&bc=31&abxe=1&dt=1643024287162&lmt=1643014268&dlt=1643024286446&idt=314&frm=20&biw=1600&bih=1200&oid=2&adxs=1117&adys=843&adks=2539784184&ucis=6&hl=pt-BR&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&vis=1&scr_x=0&scr_y=0&psz=336x7953&msz=336x280&psts=AGkb-H9gHO0DtEbet8iZ025GvRQkzElXWJNniwYby_3Ixk3_B7_HAko-uCKSYeFuAI3z-6pMFtUz3dIFDCIkpSRjD5RBzIxa%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=71222113.1643024287&ga_sid=1643024287&ga_hid=1171883170&ga_fc=true&fws=4&ohw=336&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b045a083993e696f398fc7acdc8c6df8697928148b1f313ea72c82af8bf52089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11097
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3FD0 0
0 52ms
51ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPbQ3ZUleYbryjZYhlKF_dwZ3b5YgmSspevr6ywy6yFelRTCv6msFUAvaVr3svH_xSGpxtTU_lkZwItXNbQ_-Xk4IrNc8Qhwxx8KOpdvuYgirp_mrWrYlBLPfWY8WKtthEq5CNKJ2cguFRZRDBuMPjLArpryGBxSCMob6vJqO9pLaMvFspM9eXyz2vRr6qHJgWwdVtJKn9i8aityR1M4KAYxjkeQsPAqtQHEzBd112q6VeBlumHRrDpRRqIEDKZ4i2LlcgDJvco4jmq-wNKv2mywKrBL6GlM6zkMdhQxn9FAxXFOL6S9Sehkrf19Ll2ujGFCjKuIiZCiJwR5H4OF56JWAZ2pGhD9SwYffDHhWjIc6Dqhr5jR3vwW_SbiX_998Xu7se5xs&sai=AMfl-YTgYeS0LnEJVzsLcm0T1kFzCr8zy1p6CjJ_cq1r7Vha89Qks4Y0h8xFKJgeDJL62eq8Qm55Bo6ESPdO0wC6jy5R6G-qmOtIcSMvnVIpWiM4iEc5iFjjQNwd44FSRPs&sig=Cg0ArKJSzMgyVdY7IfcnEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame 3FD0 19 KB
8 KB 62ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 11:29:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 3FD0 2 KB
1 KB 64ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 11:22:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FD0 122 KB
37 KB 116ms
72ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3FD0 0
0 54ms
25ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrsIghP7lK6KxRM3LX4WMYoIKDKUEnuHO5IlluANGmzdoM7rrEqy--X4Z4Opia8mh5VWmeaVUW5dTklvrzQKeD-sxNcQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 4070080288595270971
tpc.googlesyndication.com/simgad/ Frame 3FD0 32 KB
33 KB 64ms
20ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4070080288595270971

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4db3b5d86c502f8ad77c77b4fc7623bc55ea4f885f51f57737253ad113d8584f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 21:47:48 GMT
x-content-type-options: nosniff
age: 568219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33067
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 12:35:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 17 Jan 2023 21:47:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8F12 0
0 54ms
54ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRZjTPiYQQJYkzTCNUHFGVlSDqy6ciKPuqe3A0m5PtX-TREofWhQ9vczfKoiEPUTfrNlSfNi_UnrphpeYU2UqEPhYXOBC6rOXdQ1Bv7js7Rb2zc86LEnD6bA-I6wS80b7Vl8R-1eK_fDWw6HtsvdbZcR7iYCX97TrTL9bP5gob7QrG0lkdrEREmySL81vPRDVQMuT-8nZvh4-9tqbnOtRyKaaG2Mlw_mdWVbr-LdXSoUzDH3NFMpzF1hWlPXx5ZRFylfLVnr-WvoP0Q0SLEH-tmgAzXu_7MFbNnYHV2kI2iv4h6xRdfv-4AVWtkhmZq7EMJXkJtC3G8Zdduh4ssU0VlwSE3_UVV2rf9N2M-cBIaUSNHh53gTeNMu-PL4IA7rds-L8WlucYR2Q&sai=AMfl-YS7E9t3eEyb650V4kQMMDRJmgiOVdw-71iNA7nsnl6vxJu8zsIrdfXzq0ZJDJj-nFFR0RUdzyxULl5BGvgmQctmVMA0J92Temx0dHI5R543csiOgKDLocNshbanmNhn&sig=Cg0ArKJSzEs6dBt9AR3OEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 denakop.js Show response
v3.denakop.com/ 54 KB
17 KB 97ms
49ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/denakop.js

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36898d5f4a0c038e9cbf44ca163cacbadf300b8f0d849eb71e7252233dc8ef7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1769
last-modified: Thu, 23 Dec 2021 05:47:38 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
x-frame-options: DENY
etag: W/"61c40d7a-d770"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 6d28f9433af568ef-FRA
expires: Mon, 24 Jan 2022 12:38:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F12 122 KB
38 KB 89ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame AC6A 18 KB
8 KB 68ms
68ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3050119006499222&correlator=2281138144839980&output=ldjh&impl=fifs&eid=31060438&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=75894840%3A6887%2CCORREIO_BRAZILIENSE_VIDEO_SLIDER&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3De39b7ce90c0c5691-228c91f328cd0035%3AT%3D1643024286%3AS%3DALNI_MbY7DpCKDx4iQoEVkXhiy7YlWnUIw&cdm=www.correiobraziliense.com.br&bc=31&abxe=1&dt=1643024287197&lmt=1643024287&dlt=1643024287056&idt=136&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=2&adxs=800&adys=9574&adks=3860426028&ucis=cmfiwjr4hqnb&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&top=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&vis=1&scr_x=0&scr_y=0&psz=16x17&msz=1x0&ga_vid=71222113.1643024287&ga_sid=1643024287&ga_hid=940071333&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f4c833247bbc838f12ae39c46e2e2ad09efd599f0f0f263131974d6d343e17e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8501
x-xss-protection: 0
google-lineitem-id: 5800210972
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369910129
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AC6A 12 KB
9 KB 76ms
31ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011408&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c9cea094cdf740d7fe71868a2d8b5e51ae24c6d3cbab64379e30b6d2eb4c678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9169
x-xss-protection: 0

GET container.html
f3295a2967d2806bb1ebdd4f8859da26.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2951 0
0

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/de352cb1-bc85-498a-8e1f-a7bbe6068cf3/ 176 B
570 B 71ms
45ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/de352cb1-bc85-498a-8e1f-a7bbe6068cf3/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97aeb546a112bb3d441228bd35b55608ee3e9dc64d6b93b2982400a702e10442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20
status: 200 OK
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 343eca8c-e126-4d6e-985c-740d4b2c456e
x-runtime: 0.006107
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"97aeb546a112bb3d441228bd35b55608"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6d28f9434b295bfd-FRA
access-control-allow-headers: SDK-Version

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3419 0
0 53ms
51ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgSRdEA0deh2DhAUfIfKbZGy5PBy7DkVhTNdelYtmBY7fcLkAtwzOrYD0yTW6FdJUOfDc-pixcI97VdUB96HJf0hBjBUTiOj13CrgMzKK75THBHR1xBID7Yrk6SDvL6d7Vu3XoGA07Z494_6xuecM4LRoIf1CWoSKItmFQMxXdiQ4K8AQs9jxR36WG8lJ1URiBAma3ckLT1YZajIIfUyVWSkhG7hb-43GohAFQW0CeX1_xGTaGxyVffXe8clQgFK56EbrWynfDRnnAVXRS0xwwWTq_tmuBEKmFFaIVF3Gi14aqbYpJaTWV1KEVGNqtrbFtNZLgg_gspxLh9gK_TaKq0ceOXhVJAHzgyQ&sig=Cg0ArKJSzKtQO06dWt-nEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK spt Show response
tg1.playstream.media/api/adserver/ 24 KB
6 KB 359ms
125ms Script
text/javascript 2a02:26f0:ef::5f65:4d56
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=61791635557ecb2c020c45cb&AV_PUBLISHERID=609a764ab3287943571a812c
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5f65:4d56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2552a2bd71d3de1d1381e06f97a47dbfe383b480bad9b37bfc0b6064360faa3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 11:38:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 6076
Expires: Mon, 24 Jan 2022 11:43:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3419 122 KB
37 KB 76ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AC6A 17 KB
6 KB 59ms
32ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H2 200 2a924d69-1390-4555-9625-fbeec1221ccb.png
img.onesignal.com/t/ 18 KB
18 KB 51ms
27ms Image
image/png 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onesignal.com/t/2a924d69-1390-4555-9625-fbeec1221ccb.png
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fac4ba4e4f3a06edcfcb520feba5261bae7495011c0cb66c62e9ec671cb9b4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
cf-cache-status: HIT
age: 327
x-amz-meta-cache-control: public, maxage=604800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18369
x-amz-id-2: 0ix1yMRHAOdUF2t8c3Xun+kBdlgSKsJ3rEhUmXrDa2SXSKHEFwCGbyZn5HJjoj8NhYMa1YFwgHI=
last-modified: Wed, 24 Oct 2018 20:50:59 GMT
server: cloudflare
etag: "8a78260e362a8bc75b1937f7c9163e68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: B56TTKTKQFV209DY
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 6d28f943baec68f5-FRA
expires: Thu, 24 Feb 2022 11:38:07 GMT

GET
H3 200 correiobraziliense.com.br Show response
v3.denakop.com/ad-request/10066/desktop/ 684 B
729 B 447ms
417ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/ad-request/10066/desktop/correiobraziliense.com.br

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af28bd00423f3e2e1f7cf7c746281a98f35feb4f2a5f6d5c6da1236359311a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiobraziliense.com.br/
Origin: https://www.correiobraziliense.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: private, max-age=1800
access-control-allow-credentials: true
cf-ray: 6d28f943d82a4339-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 profiles.js Show response
d.tailtarget.com/ Frame A8F3 13 KB
5 KB 42ms
17ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/profiles.js
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 15:40:09 GMT
content-encoding: gzip
age: 71878
x-guploader-uploadid: ADPycdsTfuUUGukOx2KE-xnSH_xq4oa8MzBFznmZxVWonPndMQs2sqidMXzuzP2rQ-PjQEVdYGV-k21osFakUBAak_0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5285
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "b8c76dc45116253f6649e4a5049e4d10"
x-goog-hash: crc32c=f1OzIw==, md5=uMdtxFEWJT9mSeSlBJ5NEA==
content-language: en
x-goog-generation: 1632418656181594
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 5285
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 24 Jan 2022 15:40:09 GMT

GET
DATA 200
OK truncated
/ Frame 8F12 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0931de6be12c30be5bc3b6cbdc41f64f2b48612eddf0a2ffd9019b48b647b40b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8F12 0
0 52ms
52ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4zHm2PmlSajzMKIgH1TWgNCLSlQBm8sIpE_JORe8vOEA7WyL7LiZAapmnSxg_F4RrXblmaB5YRFvL9xfUUG7haoOGqMrQZpDPCTHMayVuy3mb6tmYQ9jLCFO5CW7wicDDXhywScWdn_L10mvEbQwfE7xP14zu0GHM_Ux8hG2YZqr_IR4RNQffCyeRYZUNBfHwroYdjSZQam_NMj_9tvU0hohDCR2LtxXGWkJyPwrPwhxyphxFm-_o2k_67Xps0Zj0cJQtFSuXCFVZ4gTi6IXBbZm-4iD37AW0IE-7WUzBA0_SDNK-a64xIGxwDYyWPw_TmiJ24zG18DWx-Nw_WYhQiUS7aar6RwOISAGhe5kzA1G1sv-S1EyemOqwmcc2SlsvAr4gfln2kdqt0g&sai=AMfl-YSq5xpI0DHln1Qr1APTEEj5upRSBNtqCH3HMhS5JSEmdoRMtuv0_DjlA69BwmYE8gwTFcqpXkm3zjdr0RfU5Nj_uks4SEQPT7ZfEcXZoi-c-vFoID2S-Ahh0okbMolQ&sig=Cg0ArKJSzKsnrnsfiWvkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 38ms
17ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=169965026711516&ev=PageView&dl=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&rl=&if=false&ts=1643024287352&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.2.1643024287351.700243818&it=1643024286889&coo=false&rqm=GET

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3FD0 0
0 53ms
53ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHWYPx9IAOIItT9VGog2r4Tbs-PwPnTKguwQ0tYVi-fwz2TajbAjKjbWDoPWWU3MsqqOCTe_AmZB6tnB79f-Uaj0uqefO7X3n8UQxT5cI6sitA5XRz4Le8WZp5slJzqcToVolbxHO_olAffIFgHUaOWlc1L4AJuuLpxv0z5gJqj74NmJy5UsN7JiLJHAvRZvg_UEkSlzo0vkW4FvNOXflIAyLSeE1uTJRlDfic_4ZVwdxooA3cE4BMu9ImElWuZN9T6qo6meR6TwaIKR5FjTalIN9Cz2U1tJxDa0Uv4CJHC8Dv0-tEe_tn0GoyuP4_o59caU0eOaQFRSBigGkUGmiHf9JelzaPXYxtmY_V2IDvDWHkBB-kPeHgkVFKCoA2dX4yCe_Uu--qYA&sai=AMfl-YT3IrQQnMr-Ym8Z1VM1OYd4dTM27aS8LlDP-WSs0pXfxHD7fKz2ipH5Zyc_giOiPWhIRRM1r5p81hd42a9lmLku4w65uwStOBjBn3Ui2YwWMnKqYnnBj2URlqEEtYc&sig=Cg0ArKJSzJUQZaSYqOCREAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
DATA 200
OK truncated
/ Frame 3FD0 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 565fc872055c5d87f06edf6c259f686ef8b10c11581f77cdd1ee2c1154905a65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3419 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 769c66301efd36ede88c68c325cc8e0b807cb81d0ff1c262972b66690f446174

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3419 0
0 52ms
52ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsus3nwdKrgKaevXojzcuMiQb0QXW9uIFaX6DTp5PigpQRzi-44b3VcAbhiTKD2LSI65FLnLjTX5Q2QoPTeFVGhtV6oPA08uJVxYVEERfW0d1LK5JbKdW4hz6cyNiOmkXWcy-NqQdzGdTGYAc0_61WgGRgOdPkRfHsf74FCKvpaF1xFf9n62kQA3cARhT_tZoaavlmROuxZcI6a-kHoegJq5FT5Bino6WQkgZz6Ib1r5_FnkRhdI01RHGiUszvvG65cCsGPaUrjt6dWEMJ8MHXpD1LhnOn093ld2Vr4Uspu81xy2G9oWcinxa1WnSApiNjU7Lf8TnJHR_ccagCQifnv9AuijlHnRM5NoWnKQ&sig=Cg0ArKJSzAJaF6dz18plEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B78 13 KB
5 KB 17ms
16ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Jan 2022 11:08:48 GMT
expires: Tue, 24 Jan 2023 11:08:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9709 783 B
534 B 29ms
29ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

571d8a9cc559f774050803a74a8fee369517b6c0638ee5fa8f01cb275a44898f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sx+p1jFL0reQpD9vVBJfrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 24 Jan 2022 11:38:07 GMT
date: Mon, 24 Jan 2022 11:38:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-sx+p1jFL0reQpD9vVBJfrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 profile Show response
d.t.tailtarget.com/ Frame A8F3 92 B
300 B 160ms
112ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.t.tailtarget.com/profile
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
via: 1.1 google
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jan 2022 12:38:07 GMT

GET
H3 200 i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B78 35 KB
13 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 15:29:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13268
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 15:29:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9709 0
0 85ms
67ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011408&jk=3050119006499222&rc=
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 container.html Show response
ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A6CE 6 KB
3 KB 45ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Jan 2022 11:38:06 GMT
expires: Tue, 24 Jan 2023 11:38:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tb Show response
15.taboola.com/ 38 KB
12 KB 38ms
37ms XHR
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=diariosassociados-correiobraziliense&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&encoded=1&uid=ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e&variant=-100|2356&callback=TRC.videoTagCallbacks.videoCallback1&cb=1643024287547&tagid=&cntry=DE&platform=1&sesid=3753a8cf0ada976f8cc4a83bca7eb1b1&itemid=/politica/2022/01/4979732-no-submundo-do-telegram.html&viewid=1643024286880&geolat=&geoing=&deviceifa=&appid=&sd=v2_3753a8cf0ada976f8cc4a83bca7eb1b1_ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e_1643024286_1643024286_CNawjgYQ6ohBGKCJhN_oLyABKAEwODib4wlAiYoQSNi22QNQo-wQWABgAGjbwtakkbOV1QpwAA&ri=0adb794e9381079d704d605d82c95533&appname=&cdb=&gdprApplies=true&rid=&sii=5580310786385734806&oee=true&tpubid=1066090&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=RP&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1066088&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220124-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 138637650dc5b737626cb45c8ce992f9f5eb3c230d089b1886f3798bbc47e4d4

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
access-control-allow-origin: https://www.correiobraziliense.com.br
machineid: 1444
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4044-HHN
pragma: no-cache
server: nginx
x-timer: S1643024288.556462,VS0,VE22
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20220124-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20220124-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b89936df2a225a98031b41e53df663e0af0fa64d99a5975ab7efe8630cc98a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: nP_WwniItTykgL0Vz7ir9cqhQyGDqffs
content-encoding: gzip
etag: "9fbe9fa5d738d0bec1ce3f3e05b9603e"
age: 1517
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1263
x-amz-id-2: h6xZK4zsyyc0z9NQLEZ1q07bPtISnR5Gx4humTThoXlHzrxQNxUcKzmb9Vu3bRle+ehCKCBR0mw=
x-served-by: cache-hhn4044-HHN
last-modified: Mon, 24 Jan 2022 11:12:45 GMT
server: AmazonS3
x-timer: S1643024288.563057,VS0,VE0
date: Mon, 24 Jan 2022 11:38:07 GMT
vary: Accept-Encoding
x-amz-request-id: 3E1DHAKRH78B37B1
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 70
x-cache-hits: 1447

GET
H2 200 cta-component.20220124-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
5 KB 16ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20220124-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59081fd37f4efddd3be474009b450283a3a60a3e6c82b930a7c952fd3e449034

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: gw5999DSaCvAIxFzFqsQejMts_7.L54t
content-encoding: gzip
etag: "2695ec4376c9f2ff05ac6ccd9c356489"
age: 1508
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5021
x-amz-id-2: gX5FdBDx2Ifxmj6azn8tlO7AD9lWhXeCpgtTHn6oo3JkUnj1dOPgHfaUg0l+g32tos5z5x0iMVY=
x-served-by: cache-hhn4044-HHN
last-modified: Mon, 24 Jan 2022 11:12:55 GMT
server: AmazonS3
x-timer: S1643024288.572080,VS0,VE0
date: Mon, 24 Jan 2022 11:38:07 GMT
vary: Accept-Encoding
x-amz-request-id: 03RHK0J2YW0R41ZE
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 70
x-cache-hits: 1359

GET
H2 200 userx.20220124-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 16ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220124-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7b77977582530b77c54e8a4af3a3ff6db7cb64a9b06294b0964b1a0c46a3c45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: UtAUDMUjhk_CGNiWxSMY3Wmjtx.Q9Epr
content-encoding: gzip
etag: "9c0024bca437f9ed6160edb508bd0be9"
age: 1557
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: Pz9mGLydWIdDjS3OYxHEHydsS830cxkbaZUR5yKZWPAptXmZPvb54qZt/7W9jt5DrucwI43Kat4=
x-served-by: cache-hhn4044-HHN
last-modified: Mon, 24 Jan 2022 11:12:05 GMT
server: AmazonS3
x-timer: S1643024288.573143,VS0,VE0
date: Mon, 24 Jan 2022 11:38:07 GMT
vary: Accept-Encoding
x-amz-request-id: G8RXSC168DR45SH5
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 70
x-cache-hits: 1001

GET
H2 200 distance-from-article.20220124-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 16ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20220124-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62836ac67b0ef7ca22939dfa00b2b2749e8be54d179626161a083682d464aa0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: fU2YXmE9d03qDAYUYBQ2Fst2ws5czuMd
content-encoding: gzip
etag: "72e72c83eeaaa012d9fd0f6ae455949c"
age: 1509
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1006
x-amz-id-2: gMtgibNX7f21Ica+ZsGBkblb+SSvqucgbXtR01549k6zV0bofm1V/gwL1k0dG+0jY3peCcDiAfg=
x-served-by: cache-hhn4044-HHN
last-modified: Mon, 24 Jan 2022 11:12:53 GMT
server: AmazonS3
x-timer: S1643024288.573748,VS0,VE0
date: Mon, 24 Jan 2022 11:38:07 GMT
vary: Accept-Encoding
x-amz-request-id: 893XV0QX73BW8D3Q
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 70
x-cache-hits: 876

GET
H2 200 article-detection.20220124-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 16ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20220124-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44e2ef990d96b2586907c4e9409d4b0baeef40a43473e7b5744101ec4e97dbf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: M6X5qyRVTe6ThGngOuPbT1i3.qlWP.l5
content-encoding: gzip
etag: "a57a857392014eff751d6a65449501fa"
age: 1501
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1235
x-amz-id-2: seAbvSkYJ7YOzEojWr/X+4c33mpIqIdBlBBtfq/weB7BWyPecUIPYWRz5bvfDwn/JV4qP8CN4iE=
x-served-by: cache-hhn4044-HHN
last-modified: Mon, 24 Jan 2022 11:13:02 GMT
server: AmazonS3
x-timer: S1643024288.573852,VS0,VE0
date: Mon, 24 Jan 2022 11:38:07 GMT
vary: Accept-Encoding
x-amz-request-id: WJCZJQ186TGKPG50
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 70
x-cache-hits: 872

GET
H2 200 explore-more.20220124-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 15 KB
5 KB 16ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20220124-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-correiobraziliense/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18d643fc066ed4f5b64a07a8cc7d23659e7f82073e293a11d96dcfbd11ed40e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: nRMIm6m3KlzAQVGn..Ee3K5PGxYGTxVK
content-encoding: gzip
etag: "5415591ec98394ee898f9e3ed74ccdc7"
age: 1517
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4481
x-amz-id-2: 3EOQpYcliSuQyUiMHdWgAyz0Zf0IAvQ4wZ5o2w8y2lUsGZDe6nQXP6FwLTwzFCCVm89CmHDTpPg=
x-served-by: cache-hhn4044-HHN
last-modified: Mon, 24 Jan 2022 11:12:47 GMT
server: AmazonS3
x-timer: S1643024288.586579,VS0,VE0
date: Mon, 24 Jan 2022 11:38:07 GMT
vary: Accept-Encoding
x-amz-request-id: 3E14X428K8307EWC
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 70
x-cache-hits: 470

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 17ms
17ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 33
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: vdA1fM/ueVcBDOoUVSEDRpa24mwHyUIbutJtEAlNDOonE4Ed3pW5LXSBfg1anUvlIEPpR7ITYCg=
x-served-by: cache-hhn4044-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1643024288.616284,VS0,VE0
date: Mon, 24 Jan 2022 11:38:07 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: C4YJQ6A4BDP6Z3HK
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 70
x-cache-hits: 16

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.6.0/ 100 KB
29 KB 18ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220124-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b1f538b40a37db8c2ebcdf9e21c876efe0d64f26a5add226f9dc2238e79c8df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront), 1.1 varnish
age: 1160537
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 29170
x-served-by: cache-hhn4044-HHN
last-modified: Sat, 08 Jan 2022 10:02:24 GMT
server: AmazonS3
x-timer: S1643024288.639121,VS0,VE0
etag: "3577d1f8c0b53a951076bd6706136f51"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: zrCOpMOSBLQDWZnCYxdka5SowbUrLRkT0TlHttxhcn-iAeBCT1BBKA==
x-cache-hits: 35796

GET
H2 204 social
am-trc-events.taboola.com/diariosassociados-correiobraziliense/log/3/ 0
231 B 87ms
22ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariosassociados-correiobraziliense/log/3/social?route=AM:AM:V&lti=deflated&ri=0adb794e9381079d704d605d82c95533&sd=v2_3753a8cf0ada976f8cc4a83bca7eb1b1_ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e_1643024286_1643024286_CNawjgYQ6ohBGKCJhN_oLyABKAEwODib4wlAiYoQSNi22QNQo-wQWABgAGjbwtakkbOV1QpwAA&ui=ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e&pi=/politica/2022/01/4979732-no-submundo-do-telegram.html&wi=5580310786385734806&pt=text&vi=1643024286880&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Telegram%20abriga%20venda%20de%20armas%2C%20drogas%20e%20notas%20falsas%22%2C%22sec%22%3A%22redes%20sociais%20%22%2C%22aut%22%3A%5B%22Luana%20Patrolino%22%5D%2C%22img%22%3A%22https%3A%2F%2Fmidias.correiobraziliense.com.br%2F_midias%2Fjpg%2F2022%2F01%2F20%2F675x450%2F1_christian_wiediger_gwkioaj5ab4_unsplash-7355318.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=11%3A38%3A07.634&id=5458&llvl=2&cv=20220124-9-RELEASE&
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 24 Jan 2022 11:38:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
trc.taboola.com/diariosassociados-correiobraziliense/log/3/ 0
260 B 36ms
35ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/diariosassociados-correiobraziliense/log/3/abtests?route=AM:AM:V&lti=deflated&ri=0adb794e9381079d704d605d82c95533&sd=v2_3753a8cf0ada976f8cc4a83bca7eb1b1_ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e_1643024286_1643024286_CNawjgYQ6ohBGKCJhN_oLyABKAEwODib4wlAiYoQSNi22QNQo-wQWABgAGjbwtakkbOV1QpwAA&ui=ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e&pi=/politica/2022/01/4979732-no-submundo-do-telegram.html&wi=5580310786385734806&pt=text&vi=1643024286880&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1643024287640%7D&tim=11%3A38%3A07.640&id=6754&llvl=2&cv=20220124-9-RELEASE&
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 15
pragma: no-cache
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish
server: nginx
x-timer: S1643024288.653640,VS0,VE15
x-served-by: cache-hhn4044-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 9adf2a98315baed83bd4692f1333a9e2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 21ms
18ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9adf2a98315baed83bd4692f1333a9e2.jpg
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d168c3475686062ea80bfc3d71fc2223acd0867cf79b3cb96b69b50ca773d431

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 1208857
edge-cache-tag: 586919808178527439769263544249810208008,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
cache-tag: 586919808178527439769263544249810208008,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 126
expiration: expiry-date="Fri, 14 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9adf2a98315baed83bd4692f1333a9e2.jpg
content-length: 18258
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Tue, 14 Dec 2021 16:37:17 GMT
server: nginx
x-timer: S1643024288.660096,VS0,VE0
etag: "45c08c5a4dc01f8514ff8267423e1b7c"
x-served-by: cache-bwi5059-BWI, cache-iad-kjyo7100138-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 eeed5a750e83c301d99ad253bdfbfc36.jpg
images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_503,y_210/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 25ms
22ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_503,y_210/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eeed5a750e83c301d99ad253bdfbfc36.jpg
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ec810ab8aebca3c42676474daebafe1feac30d3496101e8fa98c720042fe824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 1560224
edge-cache-tag: 580532345411939288123614521396679570736,291645326881009953794436800946310920399,29ecf9b93bbf306179626feeda1fab70
cache-tag: 580532345411939288123614521396679570736,291645326881009953794436800946310920399,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 393
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_503,y_210/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eeed5a750e83c301d99ad253bdfbfc36.jpg
content-length: 22458
x-request-id: ef4153dcd62ce2a6bffde723621e500b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Wed, 05 Jan 2022 12:57:25 GMT
server: nginx
x-timer: S1643024288.659859,VS0,VE1
etag: "650db04d8e612a028a4c3acdb6b74792"
x-served-by: cache-dca17778-DCA, cache-iad-kjyo7100145-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 ce81789749460d15395319c78ab15677.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
19 KB 22ms
21ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce81789749460d15395319c78ab15677.jpg
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fbf7bf71a993c397b0c2698a8833c68b690ee17dfcedff10946c61f1279a763

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 2423694
edge-cache-tag: 569865746606388430281740059698320847615,329488345183777870587694299170317553807,29ecf9b93bbf306179626feeda1fab70
cache-tag: 569865746606388430281740059698320847615,329488345183777870587694299170317553807,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 148
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce81789749460d15395319c78ab15677.jpg
content-length: 19158
x-request-id: 9dfda7b8cff688db9269db91bcc31bd7
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Mon, 27 Dec 2021 09:28:13 GMT
server: nginx
x-timer: S1643024288.659970,VS0,VE1
etag: "dc5ee010a768df7194922f2b539057aa"
x-served-by: cache-bwi5071-BWI, cache-iad-kjyo7100155-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 f1915e48f459311820b4ac5b9f72ad3c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 34 KB
35 KB 26ms
24ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f1915e48f459311820b4ac5b9f72ad3c.jpeg
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e93dcec2a09e14873c3c2e9f149d91d78414cd9a45e87ea54739e0b34ba81602

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 5273173
edge-cache-tag: 390858461851617090395919893697067935746,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 95
expiration: expiry-date="Sat, 04 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f1915e48f459311820b4ac5b9f72ad3c.jpeg
content-length: 34848
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 03 Nov 2021 05:24:09 GMT
server: nginx
x-timer: S1643024288.660483,VS0,VE1
etag: "7f38de3bf46d72c80ec3886effba848b"
x-served-by: cache-bwi5051-BWI, cache-dca17728-DCA, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 1007301188__s3JDdwEu.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 10 KB
11 KB 26ms
24ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1007301188__s3JDdwEu.jpg
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0579a2f779df65f38522f65ac7ac6462fdf369743d606c29b9678d6b07f20ff3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 2683746
edge-cache-tag: 530010935010615438016517243129634096555,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
cache-tag: 530010935010615438016517243129634096555,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 89
expiration: expiry-date="Mon, 03 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1007301188__s3JDdwEu.jpg
content-length: 10710
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Fri, 03 Dec 2021 03:54:35 GMT
server: nginx
x-timer: S1643024288.660485,VS0,VE1
etag: "792d82f4fddfcbedc90e84bfffac3886"
x-served-by: cache-wdc5521-WDC, cache-iad-kiad7000150-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 50ms
48ms XHR
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220124-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b8c57773da6d385ce7093958ded46ffda1545767acc63fb6d585d628795c642e

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
access-control-allow-origin: https://www.correiobraziliense.com.br
machineid: 1451
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4044-HHN
pragma: no-cache
server: nginx
x-timer: S1643024288.660511,VS0,VE29
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 407ed4e53e2521b7f64be4494d30e8bc.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 24ms
22ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/407ed4e53e2521b7f64be4494d30e8bc.png
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 68985e8caa3164aa02c10c5057051e3cea6cc2fd626f8740c0ad4839f60fcf6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 4146149
edge-cache-tag: 391486141367942434071635263188890339825,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
cache-tag: 391486141367942434071635263188890339825,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 208
expiration: expiry-date="Wed, 05 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/407ed4e53e2521b7f64be4494d30e8bc.png
content-length: 6666
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Sun, 05 Dec 2021 03:16:07 GMT
server: nginx
x-timer: S1643024288.660501,VS0,VE1
etag: "973ce39f09bdea4505fe1132bf18a8b0"
x-served-by: cache-wdc5538-WDC, cache-dca17736-DCA, cache-iad-kjyo7100056-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 550ms
549ms XHR
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220124-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c4f687b3379ea78522e9734217c99c834771b28b7934d73ab9200f54f51a3bc

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
access-control-allow-origin: https://www.correiobraziliense.com.br
machineid: 1484
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4044-HHN
pragma: no-cache
server: nginx
x-timer: S1643024288.660845,VS0,VE533
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 95d75e923367c86734d0997586779b52.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 19ms
18ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95d75e923367c86734d0997586779b52.jpg
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f79e2ea015a1490c8a77e5688b0ad66fe4157d2ff1785c614d61e6740bb81fb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 5449225
edge-cache-tag: 513136759690850867610306542186839706356,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 149
expiration: expiry-date="Thu, 02 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95d75e923367c86734d0997586779b52.jpg
content-length: 6696
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 01 Nov 2021 15:16:51 GMT
server: nginx
x-timer: S1643024288.680163,VS0,VE1
etag: "b2625ecae7bd2125b78830c6fcea4eab"
x-served-by: cache-wdc5532-WDC, cache-dca17733-DCA, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1_cbpfot260620202562-24231525.jpg%3F20220123200821%3F20220123200821
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2020/06/26/675x450/ 6 KB
6 KB 17ms
17ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2020/06/26/675x450/1_cbpfot260620202562-24231525.jpg%3F20220123200821%3F20220123200821
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a14fb4d48dec3eacba55a6e447ff763131f4769dcaaec303d1fb9d828dc84bdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 43019
edge-cache-tag: 317060800122711772455334801871296838065,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
cache-tag: 317060800122711772455334801871296838065,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 348
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2020/06/26/675x450/1_cbpfot260620202562-24231525.jpg%3F20220123200821%3F20220123200821
content-length: 6044
x-request-id: f1a5f539d2d21f96ec753a168d486552
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Sun, 23 Jan 2022 23:14:24 GMT
server: nginx
x-timer: S1643024288.681512,VS0,VE1
etag: "3c7aa7261cda857caec8e8955553b93a"
x-served-by: cache-wdc5520-WDC, cache-iad-kjyo7100150-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1_exames_laboratoriais_ainda_devem_confirmar_causa_da_morte_1_78411-7363861.jpg%3F20220121212432%3F20220121212432
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/21/675x450/ 11 KB
12 KB 17ms
17ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/21/675x450/1_exames_laboratoriais_ainda_devem_confirmar_causa_da_morte_1_78411-7363861.jpg%3F20220121212432%3F20220121212432
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4bd6c25b44ed7a92969d7a29c9a830f28b1563be0d7c1fa38f4536321449ceca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 210516
edge-cache-tag: 516438474766747854811320770883215459426,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
cache-tag: 516438474766747854811320770883215459426,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 368
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/21/675x450/1_exames_laboratoriais_ainda_devem_confirmar_causa_da_morte_1_78411-7363861.jpg%3F20220121212432%3F20220121212432
content-length: 11098
x-request-id: 2716b790ad0ea793db4016e2feaf94fd
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Sat, 22 Jan 2022 00:36:39 GMT
server: nginx
x-timer: S1643024288.682255,VS0,VE1
etag: "05535d100afc8b4e4e010495e692004f"
x-served-by: cache-bwi5083-BWI, cache-iad-kiad7000072-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1_pri_2204_0701_24cm_cor-6619238.jpg%3F20220123204636%3F20220123204636
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2021/04/22/675x450/ 7 KB
7 KB 17ms
17ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2021/04/22/675x450/1_pri_2204_0701_24cm_cor-6619238.jpg%3F20220123204636%3F20220123204636
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 107aac48bc24cf7eb13325007e74ef0fbc15fc24ef14c7a9ee9da424fb7eb8db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 38940
edge-cache-tag: 396609089399742848202349233396258082703,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
cache-tag: 396609089399742848202349233396258082703,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 300
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2021/04/22/675x450/1_pri_2204_0701_24cm_cor-6619238.jpg%3F20220123204636%3F20220123204636
content-length: 6924
x-request-id: edf8e571895fbc91eab08f2adef8cc84
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Mon, 24 Jan 2022 00:22:02 GMT
server: nginx
x-timer: S1643024288.682905,VS0,VE1
etag: "0a6da56265fef8edca5836759194e318"
x-served-by: cache-wdc5581-WDC, cache-iad-kiad7000136-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1_http___cdn_cnn_com_cnnnext_dam_assets_220117083343_02_queer_eye_antoni_jacket-7344191.jpg%3F20220118142914%3F20220118142914
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/18/675x450/ 38 KB
38 KB 108ms
107ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/18/675x450/1_http___cdn_cnn_com_cnnnext_dam_assets_220117083343_02_queer_eye_antoni_jacket-7344191.jpg%3F20220118142914%3F20220118142914
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a1b4d61efc90674b4b7bb3f6333c649e503188cdbe8eb929af17ea1db53684ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 494195
edge-cache-tag: 547852732580613308089471228773600565180,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 547852732580613308089471228773600565180,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 684
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/18/675x450/1_http___cdn_cnn_com_cnnnext_dam_assets_220117083343_02_queer_eye_antoni_jacket-7344191.jpg%3F20220118142914%3F20220118142914
content-length: 38578
x-request-id: 1ac98936b5364f233dde09d6433e0f87
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Tue, 18 Jan 2022 18:00:57 GMT
server: nginx
x-timer: S1643024288.687606,VS0,VE90
etag: "68c0754b4abb82b47b41ba8afe1ace27"
x-served-by: cache-dca17736-DCA, cache-iad-kiad7000084-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 1_cats-7313150.jpg%3F20220110205642%3F20220110205642
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/10/675x450/ 41 KB
42 KB 18ms
18ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/10/675x450/1_cats-7313150.jpg%3F20220110205642%3F20220110205642
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e791b33833081f8cb9453c25f0ef6b3f979e7d9839311f5e8fcc29cabd653887

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 1164220
edge-cache-tag: 582211955674654370184918896419023676450,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 582211955674654370184918896419023676450,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 764
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/10/675x450/1_cats-7313150.jpg%3F20220110205642%3F20220110205642
content-length: 41892
x-request-id: 922ffaeb68b011cc957ee89189482672
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Tue, 11 Jan 2022 00:03:56 GMT
server: nginx
x-timer: S1643024288.687687,VS0,VE1
etag: "f050390c539d2a2bcf9cd76a53d28c04"
x-served-by: cache-bwi5068-BWI, cache-iad-kcgs7200127-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1_gerente_opas-6553567.jpg%3F20211208150538%3F20211208150538
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2021/03/03/675x450/ 32 KB
33 KB 106ms
105ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2021/03/03/675x450/1_gerente_opas-6553567.jpg%3F20211208150538%3F20211208150538
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ea2d9f0b6d1a85bcfc8e6bcab09d9da59a486a40ee81d646688a1c801e919c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 396165
edge-cache-tag: 598989262054253956248869434656841112742,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 598989262054253956248869434656841112742,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 784
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2021/03/03/675x450/1_gerente_opas-6553567.jpg%3F20211208150538%3F20211208150538
content-length: 32844
x-request-id: 2454f84795382d4e55badf53efa20988
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 19 Jan 2022 20:51:13 GMT
server: nginx
x-timer: S1643024288.699909,VS0,VE88
etag: "99429376c4d825d0e69381de9fce05ee"
x-served-by: cache-wdc5541-WDC, cache-iad-kiad7000054-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 1_0_sdc_mdg__chp_34164jpg-7296096.jpg%3F20220106164606%3F20220106164606
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/06/675x450/ 61 KB
62 KB 112ms
111ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/06/675x450/1_0_sdc_mdg__chp_34164jpg-7296096.jpg%3F20220106164606%3F20220106164606
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a4db7d565243755e27b32b01262674aded200ec4823e0213b7469f0e4fc248fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 1521616
edge-cache-tag: 438331593284557429008455818727387787114,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 438331593284557429008455818727387787114,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 351
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/06/675x450/1_0_sdc_mdg__chp_34164jpg-7296096.jpg%3F20220106164606%3F20220106164606
content-length: 62590
x-request-id: 278252e2371bf0bd331d1f0038582aeb
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Thu, 06 Jan 2022 20:39:24 GMT
server: nginx
x-timer: S1643024288.700054,VS0,VE90
etag: "222dad238490c5505f7dc61df0a5b2b4"
x-served-by: cache-bwi5034-BWI, cache-iad-kiad7000151-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 1_20220114135711995423i-7333129.jpg%3F20220114200550%3F20220114200550
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/14/675x450/ 21 KB
22 KB 109ms
108ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/14/675x450/1_20220114135711995423i-7333129.jpg%3F20220114200550%3F20220114200550
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c3ce7bfc0781598a64c06c1b789eac99775ff5ca3d2b63ccb6a2a25b319b8a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 815976
edge-cache-tag: 412631593798674627868537291729208835986,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
cache-tag: 412631593798674627868537291729208835986,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 57
expiration: expiry-date="Mon, 14 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/14/675x450/1_20220114135711995423i-7333129.jpg%3F20220114200550%3F20220114200550
content-length: 21572
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Fri, 14 Jan 2022 23:21:41 GMT
server: nginx
x-timer: S1643024288.700909,VS0,VE88
etag: "1d201bf8c1899ac56c7c0789cc919f8e"
x-served-by: cache-wdc5553-WDC, cache-iad-kcgs7200167-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 1_20220114185605956120o-7333048.jpg%3F20220114195450%3F20220114195450
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/14/675x450/ 18 KB
19 KB 18ms
18ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/14/675x450/1_20220114185605956120o-7333048.jpg%3F20220114195450%3F20220114195450
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f3b1f38687b4bab89e9bd3b60d22ad0fe0e75a62ac6bae420a6cdd4836730ae3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 821823
edge-cache-tag: 339024547011638415775305266422291942950,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 339024547011638415775305266422291942950,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 460
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/14/675x450/1_20220114185605956120o-7333048.jpg%3F20220114195450%3F20220114195450
content-length: 18508
x-request-id: 7b0865319b8a12cea3a05c79dcaf864a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Fri, 14 Jan 2022 23:06:02 GMT
server: nginx
x-timer: S1643024288.701074,VS0,VE1
etag: "17151bf4f653f6a6720d9b1af61674ab"
x-served-by: cache-bwi5040-BWI, cache-iad-kjyo7100081-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1_moro_olha_para_plateia_1_24161-7304068.jpg%3F20220107195224%3F20220107195224
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/07/675x450/ 11 KB
11 KB 18ms
17ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/07/675x450/1_moro_olha_para_plateia_1_24161-7304068.jpg%3F20220107195224%3F20220107195224
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5642b531ecf4956212cee21dbd2ae613628dc19d432f7ddfe7b9c94cd43c6678

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 1425657
edge-cache-tag: 310321919710399610863876523335898378418,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 310321919710399610863876523335898378418,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 428
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/07/675x450/1_moro_olha_para_plateia_1_24161-7304068.jpg%3F20220107195224%3F20220107195224
content-length: 11062
x-request-id: d846afe3dd49eedf229b92f16cf3a832
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Fri, 07 Jan 2022 23:04:18 GMT
server: nginx
x-timer: S1643024288.709015,VS0,VE1
etag: "036443472e6ed82e1142f80f26ce1b43"
x-served-by: cache-bwi5023-BWI, cache-iad-kcgs7200156-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1_whatsapp_image_2022_01_12_at_12_41_37-7319631.jpeg%3F20220112180037%3F20220112180037
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/12/675x450/ 19 KB
19 KB 19ms
18ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/12/675x450/1_whatsapp_image_2022_01_12_at_12_41_37-7319631.jpeg%3F20220112180037%3F20220112180037
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 561129177be818b45be4530ba3b25c0d2b322489239f0d1bc6a3c8fc87356a3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 1001603
edge-cache-tag: 472113771195268083490475382033367946015,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 472113771195268083490475382033367946015,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 325
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/12/675x450/1_whatsapp_image_2022_01_12_at_12_41_37-7319631.jpeg%3F20220112180037%3F20220112180037
content-length: 18986
x-request-id: 6acd9ef6d31a541028f7872549251820
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Wed, 12 Jan 2022 21:21:32 GMT
server: nginx
x-timer: S1643024288.719562,VS0,VE2
etag: "eb3d6b3a80393718c20dc9e0515d85cc"
x-served-by: cache-bwi5039-BWI, cache-iad-kiad7000033-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 9adf2a98315baed83bd4692f1333a9e2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 50 KB
51 KB 18ms
18ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9adf2a98315baed83bd4692f1333a9e2.jpg
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: abcb2b4256a0ad618d7580e52ea666b3955a33795ef259435b641cc4a2c6e9d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 5760505
edge-cache-tag: 586919808178527439769263544249810208008,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 225
expiration: expiry-date="Mon, 29 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9adf2a98315baed83bd4692f1333a9e2.jpg
content-length: 51602
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Fri, 29 Oct 2021 12:50:37 GMT
server: nginx
x-timer: S1643024288.727451,VS0,VE1
etag: "d6ed2a3945dd40e1b5c302afeaa16122"
x-served-by: cache-bwi5035-BWI, cache-dca17759-DCA, cache-iad-kjyo7100025-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1

GET
H2 200 eeed5a750e83c301d99ad253bdfbfc36.jpg
images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_503,y_210/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 85 KB
86 KB 18ms
18ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_503,y_210/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eeed5a750e83c301d99ad253bdfbfc36.jpg
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 63d8a1b52528c4727689b761b49ea9c981e69c2022be4ceaef19fa0f400e21cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 1559664
edge-cache-tag: 580532345411939288123614521396679570736,340842873137393163670114526214066529495,29ecf9b93bbf306179626feeda1fab70
cache-tag: 580532345411939288123614521396679570736,340842873137393163670114526214066529495,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 884
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_503,y_210/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eeed5a750e83c301d99ad253bdfbfc36.jpg
content-length: 87000
x-request-id: e5dd3c3a57c5edfc18506db33e4aa3bb
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Wed, 05 Jan 2022 12:57:25 GMT
server: nginx
x-timer: S1643024288.739151,VS0,VE1
etag: "7c763d55f96cdb92a71fd79451dcf613"
x-served-by: cache-bwi5030-BWI, cache-iad-kiad7000031-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1_bolsonaro_hosp-7280539.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/03/675x450/ 13 KB
14 KB 108ms
107ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/03/675x450/1_bolsonaro_hosp-7280539.jpg
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e414292308beeff3522326f8c1eeea99dbb248664bc6cbb7385af9267f932529

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 91
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 1809522
edge-cache-tag: 462264944895402736329311144504212432544,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 462264944895402736329311144504212432544,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 505
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/03/675x450/1_bolsonaro_hosp-7280539.jpg
content-length: 13618
x-request-id: 04164ff5b4e83f4fe6fc99badedbd82d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Mon, 03 Jan 2022 12:50:20 GMT
server: nginx
x-timer: S1643024288.748474,VS0,VE91
etag: "1e70113e089ddac672a0ab0e6797dcfe"
x-served-by: cache-wdc5536-WDC, cache-iad-kiad7000137-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 1_000_9u42vl-7163857.jpg%3F20211206162633%3F20211206162633
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2021/12/06/675x450/ 10 KB
10 KB 107ms
106ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2021/12/06/675x450/1_000_9u42vl-7163857.jpg%3F20211206162633%3F20211206162633
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05847cf4d55aeb6b727ddb1a84eb0debe2277de4a362970c073c9084f98a8440

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 356953
edge-cache-tag: 318577147858675653728317181864922869233,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 318577147858675653728317181864922869233,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 114
expiration: expiry-date="Sun, 13 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2021/12/06/675x450/1_000_9u42vl-7163857.jpg%3F20211206162633%3F20211206162633
content-length: 10018
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 13 Jan 2022 20:44:19 GMT
server: nginx
x-timer: S1643024288.763994,VS0,VE89
etag: "3b704e1fae8f4bfd02efe41c8a3f1b75"
x-served-by: cache-bwi5028-BWI, cache-iad-kjyo7100131-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 ce81789749460d15395319c78ab15677.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
12 KB 22ms
21ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce81789749460d15395319c78ab15677.jpg
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: aee29dfd76e1e4db64a3d0a2748cdf03b7eb758b2e23203b29d3f85aa2a9bde1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 2326394
edge-cache-tag: 569865746606388430281740059698320847615,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 569865746606388430281740059698320847615,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 88
expiration: expiry-date="Thu, 27 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce81789749460d15395319c78ab15677.jpg
content-length: 12128
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Mon, 27 Dec 2021 13:00:19 GMT
server: nginx
x-timer: S1643024288.799011,VS0,VE1
etag: "a74f070464392782ac09529d345d72ae"
x-served-by: cache-bwi5070-BWI, cache-iad-kcgs7200088-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 27fa176da2be3b122d3f79432dd5cce9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
22 KB 20ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/27fa176da2be3b122d3f79432dd5cce9.jpg
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 741d0cb39ce735b587abdc41af7b82b63afb5a4cc4e4d0b6ef81cfec4f1756f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 2426521
edge-cache-tag: 579146354107085711572288004948088150644,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 579146354107085711572288004948088150644,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 113
expiration: expiry-date="Wed, 26 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/27fa176da2be3b122d3f79432dd5cce9.jpg
content-length: 21292
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Sun, 26 Dec 2021 09:46:04 GMT
server: nginx
x-timer: S1643024288.807448,VS0,VE1
etag: "f206069439d825c224915f8f7a4eb213"
x-served-by: cache-wdc5524-WDC, cache-iad-kiad7000044-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 1_51753444704_e379572fcf_o-7226207.jpg%3F20211218000031%3F20211218000031
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2021/12/17/675x450/ 13 KB
14 KB 107ms
107ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2021/12/17/675x450/1_51753444704_e379572fcf_o-7226207.jpg%3F20211218000031%3F20211218000031
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d745fc4b3a840460e88fa948f3afbc13254585dfaf54017c0dc2891746e0257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 1007372
edge-cache-tag: 436341037388368041588468429079427037978,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 436341037388368041588468429079427037978,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 271
expiration: expiry-date="Tue, 18 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2021/12/17/675x450/1_51753444704_e379572fcf_o-7226207.jpg%3F20211218000031%3F20211218000031
content-length: 13414
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Sat, 18 Dec 2021 10:17:50 GMT
server: nginx
x-timer: S1643024288.810272,VS0,VE90
etag: "97161fed4194f50de7c0fe0d14c39397"
x-served-by: cache-bwi5061-BWI, cache-iad-kiad7000154-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 1_post_de_instagram_com_ofensas_homofobicas_e_racistas_1_78312-7348422.jpeg%3F20220119122757%3F20220119122757
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/19/675x450/ 55 KB
56 KB 108ms
108ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/19/675x450/1_post_de_instagram_com_ofensas_homofobicas_e_racistas_1_78312-7348422.jpeg%3F20220119122757%3F20220119122757
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da505b0e759228e2cc6b14d9df5dc853928713f5bbf605b329cc06790dbff8e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 91
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 414272
edge-cache-tag: 575472541681525243135376337902349965200,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 575472541681525243135376337902349965200,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 509
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//midias.correiobraziliense.com.br/_midias/jpg/2022/01/19/675x450/1_post_de_instagram_com_ofensas_homofobicas_e_racistas_1_78312-7348422.jpeg%3F20220119122757%3F20220119122757
content-length: 56522
x-request-id: 18f4afd40598d06f8ca4300d723ecd56
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Wed, 19 Jan 2022 16:21:03 GMT
server: nginx
x-timer: S1643024288.816471,VS0,VE91
etag: "063a2da4f949c07ce94c88992c6cda28"
x-served-by: cache-bwi5023-BWI, cache-iad-kcgs7200025-IAD, cache-hhn4044-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A6CE 0
0 92ms
92ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJpS6n4_uYYWbDpG1gQfqwTzJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAdW20uoDyAEJqQKWFNuJPP-yPuACAKgDAaoE_AJP0LI93m-g0JzrhxjuyGU321MtcSneMA-0URsEJf3UU8VRLmHanAtHmJ92HjQ5fNpw5kVWjTI6w3Osf4AjmKsU2rD6Rh2NfRCQ0Ngvz1JfQxULJzGmorY0gkTHhoxAJ-4f8x-6sNgjz5H3hqg8oLKm6gn3xyD1ttppD6nXLH-ANxhj6IJf66DjrV9S6Nnviyo4uzYFifLlgjUQ08ayaTlskF7frqYnrTTAWgfZKqjhiJg8c7ypMvFO2wLfamgLnC--4fQzI9N01Em2CYt8i92AwKv3qfTi1AVuo_vZxkNroiQ9RD1X30ssK4HJoQLprZlobrsfEnRFPtDRTvrejOVvGYkkPwEFFPVJmtUHJqZ7eCugZRSB0qUg2Zjkq3QCBfV8KoovuNLuKuzlC2M--6ll-hzB6ljfv05WCNi72Y1olivYJk4aVpFbL--tKsU1JLROTCKrxWNhNNzsQta4P7lMs-3zNU8yV3wUc3YvUjn54j7fNI8ekmZMB27mK-AEAYAGnIO3jq-r_7eaAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTgwMDcwMDE1NDcwMTIyODMY7tEQ&sigh=Vf0gtvuAncs&uach_m=[UACH]&cid=CAQSPACNIrLMA0jp448ScQELdwORHWYRvq4Vjbuztb5CsRYeXgHNuBpPwRCoSPjnG25QLbDzyCvaGLCf2CccKRgB
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame A6CE 0
0 202ms
28ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U5ClCcc1rAL6AZ2DYgICAAAA4RrzrOwzWMxAHQNSQ2oIUhCfj-5huCeLHnbZ3dD0k_sAEg&wp=Ye6PnwADjYUK4FqRAA8g6qNauZCe9CC2Z-_E8w

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 275153
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 979F 124 KB
43 KB 244ms
167ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Ye6PnwADjYUK4FqRAA8g6qNauZCe9CC2Z-_E8w&u=%7CJ1jDzMaMyS0td4%2F5XMcskooQAYFpbK5EMqkKMcB%2FJBI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF34yfdczMbE1uBiFaiduzMg9v-9pUB7i3YoO16W0TxZSuwSZBD8dh4MJ7FA-YasaHHf199Bcd2MNdxyzkiS-o_Gi2JNE4tpJ88IExTK9KUILsItvHi8wmPnyEW07LXUbjznPXTZS1v3tHuOFa_oSoyCZqJcvsW_aeJ-oYbPIDcMNG1oUkCUJX_RUGZYGU4Z8XLwSo7uo4SN_iJxm3lV0WNnHYUoFks6gl3WyJcFNc_P0RC-PBTVWiX2fgAe0geRsglTLf2Dq1d80RUE1CoJcNXli9COii4sLiIRxtyJBNpNopAuQtTZS9odk1nHjuMEjo4aJcJDmU8jEwuf6VQtzoQslgT6hi2Fapf1LCCtmkmHTasp5mgrXc9sL1OMNlEkmfnk_ayX-oJWbxG_6IzjMrk8CUv89gv6ClU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ7jWn4_uYYWbDpG1gQfqwTzJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAdW20uoDyAEJqQKWFNuJPP-yPuACAKgDAaoE_wJP0LI93m-g0JzrhxjuyGU321MtcSneMA-0URsEJf3UU8VRLmHanAtHmJ92HjQ5fNpw5kVWjTI6w3Osf4AjmKsU2rD6Rh2NfRCQ0Ngvz1JfQxULJzGmorY0gkTHhoxAJ-4f8x-6sNgjz5H3hqg8oLKm6gn3xyD1ttppD6nXLH-ANxhj6IJf66DjrV9S6Nnviyo4uzYFifLlgjUQ08ayaTlskF7frqYnrTTAWgfZKqjhiJg8c7ypMvFO2wLfamgLnC--4fQzI9N01Em2CYt8i92AwKv3qfTi1AVuo_vZxkNroiQ9RD1X30ssK4HJoQLprZlobrsfEnRFPtDRTvrejOVvGYkkPwEFFPVJmtUHJqZ7eCugZRSB0qUg2Zjkq3QCBfV8KoovuNLuKuzlC2M--6ll-hzB6ljfv05WCNi72Y1olivYJk4aVpFbL--tKsU1JLROTCKrxWMjNv1-xVkkLAbQp04jCOnKXmgexXwBSrtNKgN5xjAAvn7Jrer1lGvzZuAEAYAGnIO3jq-r_7eaAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3AyZG0kx3Av7u3HpuvWu3x0NYWIw%26client%3Dca-pub-8007001547012283%26adurl%3D

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fb9cf7074e30d23d19380f6422eca871c679982bf89356893ec36f667eca4f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=m6q7vuLz4PTSW59hySUDh3tAG-W1xQlyB7XwzN0amLdHm5V790p7PF3zTiRSTTbM8odvzGWyPJgNSX-YNCb8_6doTAK2I9qqcDuBD_-noLFimrwiApZAq8YtRAwt1aLER-DUmiFDSo99K8ud_Nn4RmTGaPeQMCuf9uIOI0-KKlB2xb_yABehdxk6V2beohTnxUfSl87m4CJrvMx9R1pQoN-_SuPwCIoCQQ1-rdzWdgOSQUI2pSdThm0F-S17uBSsAiyG5w"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 136291817
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame A6CE 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 11:35:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D268 1 KB
749 B 20ms
19ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 23 Jan 2022 13:26:12 GMT
expires: Mon, 24 Jan 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 79915
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6CE 122 KB
37 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame A6CE 15 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 11:27:31 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A6CE 22 KB
7 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 10:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 23 Jan 2023 10:05:09 GMT

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 242 KB
58 KB 98ms
17ms Script
application/javascript 2a02:26f0:ef::5f65:4d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.playstream.media
URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=61791635557ecb2c020c45cb&AV_PUBLISHERID=609a764ab3287943571a812c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5f65:4d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8889425709593626cd565d67e0f48405e66aca6a1dd9fb77b22519ef54aec62e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtBQz9ERMkJiJdyCikeB5T7zKRVmhqHKjXdp6ErjS6BdSxManuEhiEv5V54ElfoloxuzbG7rxM3bAKqJLFouMg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 59052
last-modified: Tue, 18 Jan 2022 12:19:31 GMT
server: UploadServer
etag: "6b1f9ce6444ce84da9526826384884e4"
vary: Accept-Encoding
x-goog-hash: crc32c=H1LJrA==, md5=ax+c5kRM6E2pUmgmOEiE5A==
content-language: en
x-goog-generation: 1642508371365954
cache-control: public, max-age=300
x-goog-stored-content-length: 59052
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 24 Jan 2022 11:43:07 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 343ms
101ms Image
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=609a764ab3287943571a812c&cid=61791426110ec737726a1125&cb=1643024287693&r=www.correiobraziliense.com.br&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&d35=&e=playerLoaded
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6B78 0
9 B 17ms
17ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AQzaCw
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 4 KB
2 KB 16ms
15ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220124-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront), 1.1 varnish
age: 2669898
x-amz-meta-mtime: 1580720676
x-cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1580720957
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 1904
x-served-by: cache-hhn4044-HHN
last-modified: Mon, 03 Feb 2020 09:09:18 GMT
server: AmazonS3
x-timer: S1643024288.739031,VS0,VE0
etag: "d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: weURnwUwOHgFt6bTo3Iz_wVjW8GmAzFabBY2qdh0wOmhvZi_Ab2wtQ==
x-cache-hits: 93994

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
26 KB 43ms
43ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f14fcb4dcbc143aa65f3c0eaf1d5f93d7f0d64cfc23bcfd1f470c283ff0900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27015
x-xss-protection: 0
server: sffe
etag: "1111 / 881 of 1000 / last-modified: 1643017579"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H3 200 prebid.js Show response
v3.denakop.com/ 279 KB
83 KB 54ms
53ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/prebid.js

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cbd0db8a560e9f9a31aba536d913ac14e2a172ba3ca1027bb4f167d1381a63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4357
cf-polished: origSize=286016
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Dec 2021 21:17:47 GMT
server: cloudflare
etag: W/"61b7b87b-45d40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
vary: Accept-Encoding
cf-ray: 6d28f946cfe54339-FRA
cf-bgj: minify

GET
H2 200 st Show response
imprammp.taboola.com/ Frame E73C 0
67 B 40ms
38ms Document
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=1558ED20FD1141944371480725296&cicmp=1337627&cijs=1&dast=V7STYCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLFaDVckymBGYixGi-VotJkNh4PVbrYYLpcwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbTBB0-nwue71ut_vrvFbLi-n32J5WJ9mp8vuedk1frddYvnLAQAAAOABgKglGmLHt6E9AgAAAECCZ-RagSKg4t9C4AIAAAAAA4BALFwDAIqDgV0n39PnOTpsLrs_AAAeFEAAAAQwQgCk2K5EAAAAAEYAAAAASAAEEgtLABzuFk0AAAL8FsMPRk8AAAAO6mSetln-____YwDy3ptkACjSNm4MegAefAAehAAAAD6G7kMxpv9oeIeJClaLGAEAAABky10PHk3qhMqi6v___98K4AoAIMBvMfxAOOvmpJg1DAAAAGBsgR4Wv9_ssGv8bpf9_________5v9nwGgCRXVD6cFGeBKqfGMXCus_QICALC9GwDAmwBczAHYAQAAANz9____5wEAAFDtUbK9VuPZo6z3GWzhc7q76zdhi9FqMtksh7PlYjIYjoaj0f4EcjfAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNMSDqnPpfF6digfzcTn3tQsfH2SxmysWo7lksZorNotVAgAAAAAAAABYwpR5EwAAAIDTIGazyW634sabPRPEWq2WNQAAAAC3buQA!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

server: nginx
accept-ranges: bytes
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish
x-served-by: cache-hhn4044-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1643024288.810005,VS0,VE20
content-length: 0

GET
H2 200 cmTagCUSTOM.js Show response
vidstat.taboola.com/vpaid/units/30_3_6010/infra/ 604 KB
113 KB 20ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish
age: 172669
x-amz-meta-mtime: 1637665336
x-cache: HIT
x-amz-meta-ctime: 1637665337
x-amz-meta-mode: 33188
content-encoding: br
content-length: 114684
x-amz-id-2: 0nGhQyYL6JJMNrNtgN9DZ54Xe47FlcMytbRNYowkLHISIE+ayuuCG0l+V0ZSZ+siOhY7wKkivBg=
x-served-by: cache-hhn4044-HHN
accept-ranges: bytes
last-modified: Tue, 23 Nov 2021 11:02:18 GMT
server: AmazonS3-br
x-timer: S1643024288.810074,VS0,VE0
etag: "c85616763ae0c5c14b78b36594bb92db"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 1BJTM91JQABF5B1D
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 21769

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/ 61 KB
8 KB 30ms
29ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 varnish
age: 173504
x-amz-meta-mtime: 1637665346
x-cache: HIT
x-amz-meta-ctime: 1637665346
x-amz-meta-mode: 33188
content-encoding: br
content-length: 8011
x-amz-id-2: DorYSe3tYgOl1kHh+s4QSJZ4EV7e6QatR1h0Kst7losPnxWoI5OXRUDbs44/HPvWpI9TzqPsi28=
x-served-by: cache-hhn4044-HHN
accept-ranges: bytes
last-modified: Tue, 23 Nov 2021 11:02:27 GMT
server: AmazonS3-br
x-timer: S1643024288.810171,VS0,VE0
etag: "35d592e602402e62e13fc963c20298fc"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: QF5WB9J15028EQTS
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 21219

GET
DATA 200
OK truncated
/ Frame A6CE 223 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 099bcfd4cd8158f16604382ce01986fdc2c5c7203fd7ed2e88c7afa44a3d7edf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D268
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1&google_push=AYg5qPIKvkOEPaEvCeQ4SNsmehYWxX9rf71r4idpWUwaJDtc_q7UdEmIEZ5-tTUV51VLwlksfkIYLpHHtza7aVam8mNN51zllch2
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk2MzA1MDczNDkzNjc2MjM4OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1

43 B
407 B

419ms
23ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D268
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEF6ShS1nxPL0KBDpZLmezkI&google_cver=1&google_push=AYg5qPIFaWYyc-an7DEZNZT-aqjXIFJy-z3H8hKquPXRPGeWLeQnM08xhv_VK8Ti5Y8PuHNJ8LjWFqx02UiwkoIZ...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIFaWYyc-an7DEZNZT-aqjXIFJy-z3H8hKquPXRPGeWLeQnM08xhv_VK8Ti5Y8PuHNJ8LjWFqx02UiwkoIZBdOBMUOScGd-

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIFaWYyc-an7DEZNZT-aqjXIFJy-z3H8hKquPXRPGeWLeQnM08xhv_VK8Ti5Y8PuHNJ8LjWFqx02UiwkoIZBdOBMUOScGd-

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 24 Jan 2022 11:38:07 GMT
Server: MT3 4133 baa842e master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIFaWYyc-an7DEZNZT-aqjXIFJy-z3H8hKquPXRPGeWLeQnM08xhv_VK8Ti5Y8PuHNJ8LjWFqx02UiwkoIZBdOBMUOScGd-
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 24 Jan 2022 11:38:06 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame D268 0
191 B 117ms
32ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJxQhF2YP5ezhrwFub8S5Rs&google_cver=1&google_push=AYg5qPKsrN754myEcUDkIwm-trtKnK3T9UsKhEK6BPsIWvzZETO2ouaoAg-nm-LM-UBl5luIJgAGE-N8IF7lloLZ1mufLUi-kpU
Requested by: Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:07 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D268
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEM_CtVmg2pFXMddVUEh3Z-A&google_cver=1&google_push=AYg5qPJikWTMYdnQsVILFGPBGowXOl9-xRBZ4jdiaSQx6whSuq-j03cRGgqeAQm246h6zR592nLBZXOYm7r...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJikWTMYdnQsVILFGPBGowXOl9-xRBZ4jdiaSQx6whSuq-j03cRGgqeAQm246h6zR592nLBZXOYm7rVLiJdok8vJFToeVg&google_hm=M06a5IUwTgyIJYA7GonXF4M

170 B
188 B

51ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJikWTMYdnQsVILFGPBGowXOl9-xRBZ4jdiaSQx6whSuq-j03cRGgqeAQm246h6zR592nLBZXOYm7rVLiJdok8vJFToeVg&google_hm=M06a5IUwTgyIJYA7GonXF4M

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJikWTMYdnQsVILFGPBGowXOl9-xRBZ4jdiaSQx6whSuq-j03cRGgqeAQm246h6zR592nLBZXOYm7rVLiJdok8vJFToeVg&google_hm=M06a5IUwTgyIJYA7GonXF4M
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D268 0
173 B 71ms
24ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEmm3X9G9u60-XnrtdBNn0Q&google_cver=1&google_push=AYg5qPJFlhRvvxZWqs42qcqwq-8s8BpGksyAj8slXss_cT13_f_EvuHAX8LUacGx_bmB_yKwevZgFzOSVSYywAlcjkzNxDcu7OE
Requested by: Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D268
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENslKQ6DrRIPPTBS0tZjcXA&google_cver=1&google_push=AYg5qPJU_amKYx_p-OvVLXpNPRZ-n7LH1T7-1C7X_Oi0YhE7y8ng5ofyw33qYdqelBbSLrTevN32zC_3Ds6gQb2Z...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJU_amKYx_p-OvVLXpNPRZ-n7LH1T7-1C7X_Oi0YhE7y8ng5ofyw33qYdqelBbSLrTevN32zC_3Ds6gQb2Z-Vagzln-Uw7x

170 B
188 B

49ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJU_amKYx_p-OvVLXpNPRZ-n7LH1T7-1C7X_Oi0YhE7y8ng5ofyw33qYdqelBbSLrTevN32zC_3Ds6gQb2Z-Vagzln-Uw7x

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJU_amKYx_p-OvVLXpNPRZ-n7LH1T7-1C7X_Oi0YhE7y8ng5ofyw33qYdqelBbSLrTevN32zC_3Ds6gQb2Z-Vagzln-Uw7x
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: xcQ8PSEfSJ1lYRwoLXRJ_lr3IPGzOQabLGDtdDbPN-hSNDzZIoEnkA==

GET

pixel
cm.g.doubleclick.net/ Frame D268
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESECTdUs1DFkGPCDFVyKqeFcA&google_cver=1&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl1EKILT...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECTdUs1DFkGPCDFVyKqeFcA&google_cver=1&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Ccl...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=A3LqBeaPS6CmcTzSjEujQw&google_push=AYg5qPK9nAfiQjgm3oPLhlYLB89gvl7q_Wr3lmBVNZfIKKMSjMP0Fy0_u6Hv7xCPU_YMqRYo8ksI0CQstIAj0Cc...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D268 0
232 B 67ms
24ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KtJGL8srfjJkOzEEnEkn0af_VOzBuhmO5YX55WXjDNPnFTfSHj66Pzqn_m7yslnxYcZYuk

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC6A 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011408&jk=3050119006499222&bg=!19Sl1JDNAAZ_DxPPfw87ACkAdvg8WuJCW76YEKDS4FrJAqj-bQ5tJA--0hQi76ceyzU8K4_vCEMsjAIAAAEmUgAAAAJoAQeZAvfRPre8XSFbctsQ322l4iEYCm4a9rbzN0FNbJwSkUHS8jn5_MD2YeJf5SYAIiHpu79PkQ3iMa2DpHh2Z-XaLeCwHvp3H2jZ3MEWRjGQ_6xjH8idPPNftibuZItr07iY62JOWnIKAB6GYRWaGVVjuSsJhrJxq17e5sNY2dqVYdcPb6oE1WbvHLDorR7_-VdGmlrXTbWpPO2mX-c7mpAITQlddMXexeJ9UNvqMDmsP3lgbc6_mypOaFSU1P5P6NZI11LWKYK4RhqAg_6wVRAyG6eCepy_DDP-Oj7T9qrJrdOjvmn9h4e7Oy2HtVJ5EYmc9j1kBmRZn7tB7TGrvyfs7F7r-ZluCRD0qfe7UocgHmdkM5oJvFpgaRNyaLIArC5aSp4FM9jZPBf2mTx7nbx0zZTUjWKqVMPeBkjMYXCbSXg_6wrpt3tCqUWrjAYg2pngwzrvyg2C4QIEVPk-QzIoKqrS0RrPAsdlANsT27YtEprdn9wTd_Psmor-CR06ZgeeIp5ZDpXrSTvgCvVz2Ulzk-s27VnzNKLrfT132zDjCJtL3DoSKDhhXdO2npqO8_JxODkMojiAPsJgyUsGXcyWrJ4nxeCnHqto1T95eD9IncZ2Z7IaS3vUwGVsKUwmSpn9k00RvLlSp4CkMHl8B4t27QHQsbwcqwBDPM16H5Bv7VXOoy7NtWDkc4Fpeoq1sOcW_OJ4ClyQ34csw92hLoJpmdUTOsXBgGdGglTbht1v0Wan2N4G_Yxkg9nXyB6zsU3NzjNmYg5ZWw3902rgpl4CMYhCT1C_y2SKN4rCe9sTLJmj_kRLU1gyBGFJ3efyiep2NxBQ3JEqRex2mY3Z7WCaIGjoJkoR3Usba6DQhi9lP2pXJGps08FqaRbqexFQq8QLC6tn-qIGbsHtoG6lcZDT8IsihVfQzgm5JH2IZoBINEaosaf22jU-uT1JWij9veVJ7FCG87hSH1qSpSlkcbJLLd38YvGIjaXp4nE0QsZnGiMgAWxmtVjlX40

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 21ms
20ms Script
application/javascript 2a02:26f0:ef::5f65:4d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5f65:4d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UxUS33fHL218Vnzc13h98diQ7RaRtNei5LPRd93R_Q8daD7wcflOWodcSM-pqel6mrDcKP6ejWKBuPn9C_HdDY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-hash: crc32c=vMWMIg==
content-language: en
x-goog-generation: 1610290372874389
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 24 Jan 2022 11:43:07 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 251 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 256 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 238 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo.png
cdn.playstream.media/ 1 KB
1 KB 138ms
20ms Image
image/png 94.130.218.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playstream.media/logo.png
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.130.218.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.218.130.94.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
server: nginx/1.17.10
etag: "60068ec0-4f1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1265
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame E477 347 KB
98 KB 70ms
18ms Script
application/javascript 2a02:26f0:7100:184::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=609a764ab3287943571a812c
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:184::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: bb6bd69700e21a8f9bc89da3eb5609dc34ebecaa70165a66771e04fbaa369131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycds1q31Vdj7PTarTd51mu68YI49oxR1zYqURgdIwX9VQClnP_7YzbehXMhfxcciI914e9MopbmnRQAy1hWqVzYg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99205
last-modified: Thu, 20 Jan 2022 11:23:37 GMT
server: UploadServer
etag: "c4fd3c1c12f1603b143af9c821681876"
vary: Accept-Encoding
x-goog-hash: crc32c=hrQu+g==, md5=xP08HBLxYDsUOvnIIWgYdg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1642677817486292
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99205
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 24 Jan 2022 11:43:07 GMT

GET
H2 200 ctrack
track1.avplayer.com/ 0
71 B 354ms
99ms Image
text/plain 54.209.124.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=609a764ab3287943571a812c&r=www.correiobraziliense.com.br&sn=&cd1=&cd2=&cd3=&app=&wi=425&he=256&test=&vi=0&e=cpll&cb=1643024287860
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.124.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-124-194.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 45FE 0
15 B 20ms
18ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.correiobraziliense.com.br
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.correiobraziliense.com.br
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 24 Jan 2022 11:38:07 GMT

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/2.2.1/ 51 KB
16 KB 17ms
17ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:07 GMT
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront), 1.1 varnish
age: 2025816
x-amz-meta-mtime: 1542789750
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 15795
x-served-by: cache-hhn4044-HHN
last-modified: Wed, 21 Nov 2018 08:42:31 GMT
server: AmazonS3
x-timer: S1643024288.951253,VS0,VE0
etag: "57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: 0O7z6VW9AL1L88cf_kIuoP_A5jN71DAJkA3vm2xv6yILK0B1A5FTlg==
x-cache-hits: 59534

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 180ms
180ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

50680825676c10a753b01c6d4cd95ad9849904c99ddf038d45c06cc8264ea943

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:08 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7621bc67-14dc-47a5-98e0-fb887b7430f7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.correiobraziliense.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
115 B 174ms
174ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9d8d750019&cmd=bid&secure=1
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 5bda2f9d9e18ad929a22c38e4954700d63f21597010057e9d2830dd1b3264533

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.correiobraziliense.com.br
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
351 B 150ms
32ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:07 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 229ms
196ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

nginx/1.17.9 /

Resource Hash

10769f6a4ede11a27a3b06095f0c8b0816b2879122f16873293b886113d1cc80

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:08 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 293dc77f-1008-4ca1-b61d-2fb0283294f7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.correiobraziliense.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
730 B 107ms
106ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&tk_flint=pbjs_lite_v5.20.0&x_source.tid=bb30db83-ea2c-404d-a88c-520483d5fbca&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1805241689460153
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 49cec7344866d337da240619f42e71d300be38793a6576784290a9a6e59a4247

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:08 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.correiobraziliense.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
376 B 137ms
94ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
191 B 107ms
107ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiobraziliense.com.br
date: Mon, 24 Jan 2022 11:38:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 979F 2 KB
1 KB 85ms
31ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ye6PnwADjYUK4FqRAA8g6qNauZCe9CC2Z-_E8w&u=%7CJ1jDzMaMyS0td4%2F5XMcskooQAYFpbK5EMqkKMcB%2FJBI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF34yfdczMbE1uBiFaiduzMg9v-9pUB7i3YoO16W0TxZSuwSZBD8dh4MJ7FA-YasaHHf199Bcd2MNdxyzkiS-o_Gi2JNE4tpJ88IExTK9KUILsItvHi8wmPnyEW07LXUbjznPXTZS1v3tHuOFa_oSoyCZqJcvsW_aeJ-oYbPIDcMNG1oUkCUJX_RUGZYGU4Z8XLwSo7uo4SN_iJxm3lV0WNnHYUoFks6gl3WyJcFNc_P0RC-PBTVWiX2fgAe0geRsglTLf2Dq1d80RUE1CoJcNXli9COii4sLiIRxtyJBNpNopAuQtTZS9odk1nHjuMEjo4aJcJDmU8jEwuf6VQtzoQslgT6hi2Fapf1LCCtmkmHTasp5mgrXc9sL1OMNlEkmfnk_ayX-oJWbxG_6IzjMrk8CUv89gv6ClU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ7jWn4_uYYWbDpG1gQfqwTzJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAdW20uoDyAEJqQKWFNuJPP-yPuACAKgDAaoE_wJP0LI93m-g0JzrhxjuyGU321MtcSneMA-0URsEJf3UU8VRLmHanAtHmJ92HjQ5fNpw5kVWjTI6w3Osf4AjmKsU2rD6Rh2NfRCQ0Ngvz1JfQxULJzGmorY0gkTHhoxAJ-4f8x-6sNgjz5H3hqg8oLKm6gn3xyD1ttppD6nXLH-ANxhj6IJf66DjrV9S6Nnviyo4uzYFifLlgjUQ08ayaTlskF7frqYnrTTAWgfZKqjhiJg8c7ypMvFO2wLfamgLnC--4fQzI9N01Em2CYt8i92AwKv3qfTi1AVuo_vZxkNroiQ9RD1X30ssK4HJoQLprZlobrsfEnRFPtDRTvrejOVvGYkkPwEFFPVJmtUHJqZ7eCugZRSB0qUg2Zjkq3QCBfV8KoovuNLuKuzlC2M--6ll-hzB6ljfv05WCNi72Y1olivYJk4aVpFbL--tKsU1JLROTCKrxWMjNv1-xVkkLAbQp04jCOnKXmgexXwBSrtNKgN5xjAAvn7Jrer1lGvzZuAEAYAGnIO3jq-r_7eaAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3AyZG0kx3Av7u3HpuvWu3x0NYWIw%26client%3Dca-pub-8007001547012283%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Jan 2023 11:38:08 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 979F 2 KB
1 KB 79ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Jan 2023 11:38:08 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 979F 308 B
636 B 30ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 19 Jan 2023 11:38:08 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 979F 507 B
835 B 33ms
30ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 19 Jan 2023 11:38:08 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 979F 43 B
1 KB 111ms
31ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=72360-criteo&extLi=152208&rnd=61ee8f9f9791a87aa3dd4c8e35d858fa&criteoid=&consent_string=&iab=1&url=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mo, 24 Jan 2022 11:38:08 GMT
Server: Microsoft-IIS/8.5
Date: Mon, 24 Jan 2022 11:38:07 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ads.eu.criteo.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1696
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 979F 43 B
347 B 110ms
38ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=Rx20ZHb8N-LKvPmSlI5DwEXYR5GVws2kRCTKx53h5LynlXmegBRXjsgLEs9e1Xe6sTrAzf-91ezXZD602NH_kBsl8a6hZEhU_ckpPMFYMvOTECo11Hic_m-ecQuzl-32bEKCQAPfckLow5I9XGirH1jQdQmmo3dCChCzWUqVUu5SexLSpcAxubATo_g1z8X6_-KVlmD6cLvX0z0XVj79jTXX2ThI0X2XP6gChBiUyowH_SxFU-ayYyprSXWyEGamQex317Kpx_Nt9JXsTySRDdyvWiJzKIN_Hpj8WWPsjlEJpvINzwxIK61yPixUsG4xbbAWVLJnreVsHKjypDJ0grPVaBqxk7lHowCRCRl6GEdo2XEjlQ1WGQ0YvSr8Fka2K2RcsQgJwJI6xiC9MmNfINDtpBeskOwPrCdFgK-kwGJShkYUDN9_2Dc9hAAdYM4wH-etGQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3163871
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 270p.m3u8 Show response
acdn.flickstree.com/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp/ 2 KB
3 KB 156ms
37ms XHR
binary/octet-stream 2600:9000:206f:4c00:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp/270p.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4c00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6de002fc1fb395f2b28a45b7c8de1a8c21a5f9d6616204a8e03e95b5617344dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 06:39:38 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
vary: Origin
age: 17911
x-cache: Hit from cloudfront
content-length: 2516
last-modified: Thu, 21 Oct 2021 11:14:15 GMT
server: AmazonS3
etag: "ed9a48543a14724211240e6244a5d483"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 78cmPsSpAYK8PV0aPbbqgGIZJbfrpJ-50HXEGzSfhUBV-7T_ZN32CA==

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 8 KB
2 KB 17ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age: 2242226
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-hhn4044-HHN
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1643024288.044779,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits: 167073

GET
H2 200 track
track1.aniview.com/ 0
70 B 111ms
111ms Image
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.correiobraziliense.com.br&sn=&ic=0&tgt=0&app=&wi=425&he=256&test=&d36=6.1.2.99&apppkg=&fv=1&proto=https&pid=609a764ab3287943571a812c&cid=61791426110ec737726a1125&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&e=inventory&vi=100&cb=1643024288056
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame F00A 928 B
544 B 27ms
27ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66245465&crid=5282385&dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&cmcv=&pix=undefined&cb=1643024288062&uv=105212167&tms=1643024288062&abt=adh5c-1_vA!ecp_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl105212-296_vA!spa2_vA!t45!ufm_vD!ul105065-003_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=24FA1D1690115899949976627997&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 66447cfc636542b4acdb280f4d41993dd18718ba71c208ef9b74f24ca508353d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 varnish
x-served-by: cache-hhn4044-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1643024288.072643,VS0,VE11
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 6518 1 KB
1 KB 70ms
23ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

server: nginx
date: Mon, 24 Jan 2022 11:38:08 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
634 B 142ms
141ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5282385&noaop=3&sortOrderType=0&cb=1643024288067&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=105212296&pt=2076908458&tz=0&viewable=true&ddast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1673805&dpubid=287555&abtst=adh5c-1_vA!ecp_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl105212-296_vA!spa2_vA!t45!ufm_vD!ul105065-003_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.correiobraziliense.com.br&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a36928ec994c1233ef222cc26b85006fb3d4fa55ad362f3e42a257a82ce103e6

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
access-control-allow-origin: https://www.correiobraziliense.com.br
machineid: 1421
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4044-HHN
pragma: no-cache
server: nginx
x-timer: S1643024288.076464,VS0,VE126
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 55ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66245465&crid=5282385&dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&cmcv=&pix=31589837&cb=1643024288062&uv=105212167&tms=1643024288062&abt=adh5c-1_vA!ecp_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl105212-296_vA!spa2_vA!t45!ufm_vD!ul105065-003_vC&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1643024285909.9!ts:1643024288062&mntl=1
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-length: 0
server: nginx

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 40 KB
3 KB 335ms
114ms XHR
application/json 35.172.120.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_TAGID=61791635557ecb2c020c45cb&AV_PUBLISHERID=609a764ab3287943571a812c&AV_VIDEOURL=https%3A%2F%2Facdn.flickstree.com%2FpfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp%2F270p.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&AV_CHANNELID=61791426110ec737726a1125&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.correiobraziliense.com.br&AV_DADPOS=1&AV_TAG=61791635557ecb2c020c45cb&AV_TEMPLATE=6179146dae6bdc1f3d41b487&d36=6.1.2.99&responsive=1&sver=1&avtoken=288055&AV_WIDTH=425&AV_HEIGHT=256&AV_DNT=0&cb=1643024288104
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=609a764ab3287943571a812c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.120.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-120-178.compute-1.amazonaws.com
Software: /
Resource Hash: 02b9868561bbb2c85f2ed32633827c678c9ccccc8519aa0e3dd6456d42edf027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 12 Jan 2022 21:51:28 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 979F 12 KB
5 KB 72ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Txz13bkaTRRs4IcXt31Hf8kldiXqwL76Wpis80spix6dr4VAYcfJSmyTEYf0PpltgaR7s5E%2FqnSkKwj1YRjBMGwPgLRUxl3bkm%2B3Q%2FIbhnYCoxJd6y%2BInl58wGfwF4RmboJqt%2BnKMDtiGlXWXKbogBao"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d28f9490e322c42-FRA
expires: Sat, 14 Jan 2023 11:38:08 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 979F 12 KB
6 KB 29ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Jan 2023 11:38:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 979F 21 KB
22 KB 104ms
23ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC24_6942_FA.jpg&v=3&w=400&s=OhyHgkLkAAxFTs1e-oAjOsBp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

605b97d057b9e8f5afb56a295d412ecb3e1aafdd0105b59d0eb3c0fa137e086a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 10:13:18 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 5089
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=190811
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 21756
expires: Wed, 26 Jan 2022 15:13:30 GMT

GET
H2 200 57d7bb56872a45b7b69c1c75d5934cf7_cpn_300x250_1.jpeg
static.criteo.net/design/dt/12719/220118/ Frame 979F 63 KB
63 KB 54ms
53ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/12719/220118/57d7bb56872a45b7b69c1c75d5934cf7_cpn_300x250_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1a95cd78f5895e710525c49e8929ea9245c2afd140d1ec69051a2df053184784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
last-modified: Tue, 18 Jan 2022 09:25:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61e6877b-fb1b"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 64283
expires: Thu, 19 Jan 2023 11:38:08 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 979F 0
127 B 122ms
38ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=m6q7vuLz4PTSW59hySUDh3tAG-W1xQlyB7XwzN0amLdHm5V790p7PF3zTiRSTTbM8odvzGWyPJgNSX-YNCb8_6doTAK2I9qqcDuBD_-noLFimrwiApZAq8YtRAwt1aLER-DUmiFDSo99K8ud_Nn4RmTGaPeQMCuf9uIOI0-KKlB2xb_yABehdxk6V2beohTnxUfSl87m4CJrvMx9R1pQoN-_SuPwCIoCQQ1-rdzWdgOSQUI2pSdThm0F-S17uBSsAiyG5w&sds=2&rev=80217&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 24 Jan 2022 11:38:07 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 979F 2 KB
1 KB 33ms
33ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Jan 2023 11:38:08 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 979F 2 KB
1 KB 84ms
84ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Jan 2023 11:38:08 GMT

GET
H2 206 bjn9tq6h1jzq1mg3b6ir.mp4
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1619003729/ 321 KB
321 KB 16ms
16ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1619003729/bjn9tq6h1jzq1mg3b6ir.mp4
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c83f18642863842ab20430cb64f533b5f341ef61f4ebdc83d7b333e1762399b

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: Ql9raS7eCY2Zi5yxBXSa2_UM4Sci_j9u
via: 1.1 varnish
etag: "091599193e7f107c6a275aa554adaa5d"
age: 97
x-cache: HIT
Content-Range: bytes 0-328542/328543
x-amz-replication-status: COMPLETED
Content-Length: 328543
x-amz-id-2: nSCYY46ycMjpXfeVqFrLoKt2qpNuCyF3st7iqxu7Ygxh+Fos544OK/99SyP3WSMiyIiK0mOUBEM=
x-served-by: cache-hhn4044-HHN
last-modified: Wed, 21 Apr 2021 11:15:38 GMT
server: AmazonS3
x-timer: S1643024288.138139,VS0,VE1
date: Mon, 24 Jan 2022 11:38:08 GMT
x-amz-request-id: VZYN9FYVQKENWATP
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 70
x-cache-hits: 0

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame F00A 43 B
182 B 330ms
101ms Image
image/gif 2600:1f18:612b:4264:d436:a7a1:a7a:c65e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66245465&crid=5282385&dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&cmcv=&pix=undefined&cb=1643024288062&uv=105212167&tms=1643024288062&abt=adh5c-1_vA!ecp_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl105212-296_vA!spa2_vA!t45!ufm_vD!ul105065-003_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=24FA1D1690115899949976627997&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:d436:a7a1:a7a:c65e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F00A 70 B
264 B 131ms
40ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66245465&crid=5282385&dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&cmcv=&pix=undefined&cb=1643024288062&uv=105212167&tms=1643024288062&abt=adh5c-1_vA!ecp_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl105212-296_vA!spa2_vA!t45!ufm_vD!ul105065-003_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=24FA1D1690115899949976627997&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame F00A
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1a187f68-7d0a-11ec-ab78-1c5660560106&orig=video&us_privacy=1---gdpr=1&

0
229 B

38ms
23ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1a187f68-7d0a-11ec-ab78-1c5660560106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66245465&crid=5282385&dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&cmcv=&pix=undefined&cb=1643024288062&uv=105212167&tms=1643024288062&abt=adh5c-1_vA!ecp_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl105212-296_vA!spa2_vA!t45!ufm_vD!ul105065-003_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=24FA1D1690115899949976627997&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 23152

Redirect headers

Date: Mon, 24 Jan 2022 11:38:08 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1a187f68-7d0a-11ec-ab78-1c5660560106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 90
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame F00A 43 B
220 B 70ms
15ms Image
image/gif 18.185.185.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66245465&crid=5282385&dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&cmcv=&pix=undefined&cb=1643024288062&uv=105212167&tms=1643024288062&abt=adh5c-1_vA!ecp_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl105212-296_vA!spa2_vA!t45!ufm_vD!ul105065-003_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=24FA1D1690115899949976627997&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.185.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-185-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 11:38:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame F00A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-GyG5jjFE2uFP0HqDmvhvWjFmZnjpxr6tKzIyt_s-~A

0
229 B

32ms
31ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-GyG5jjFE2uFP0HqDmvhvWjFmZnjpxr6tKzIyt_s-~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66245465&crid=5282385&dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&cmcv=&pix=undefined&cb=1643024288062&uv=105212167&tms=1643024288062&abt=adh5c-1_vA!ecp_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl105212-296_vA!spa2_vA!t45!ufm_vD!ul105065-003_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=24FA1D1690115899949976627997&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 22083

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-GyG5jjFE2uFP0HqDmvhvWjFmZnjpxr6tKzIyt_s-~A
date: Mon, 24 Jan 2022 11:38:08 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
BLOB 206
Partial Content 1acf1bb2-2191-47e5-9bed-903f7a5154a2
https://www.correiobraziliense.com.br/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.correiobraziliense.com.br/1acf1bb2-2191-47e5-9bed-903f7a5154a2
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content e6876196-c46c-4143-ac2f-ed20f7f0993f
https://www.correiobraziliense.com.br/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.correiobraziliense.com.br/e6876196-c46c-4143-ac2f-ed20f7f0993f
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6518 70 B
265 B 126ms
39ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 6518 43 B
183 B 324ms
100ms Image
image/gif 2600:1f18:612b:4264:d436:a7a1:a7a:c65e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:d436:a7a1:a7a:c65e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 6518
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1a187f68-7d0a-11ec-ab78-1c5660560106&orig=video&us_privacy=1---gdpr=1&

0
229 B

38ms
24ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1a187f68-7d0a-11ec-ab78-1c5660560106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 23152

Redirect headers

Date: Mon, 24 Jan 2022 11:38:08 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1a187f68-7d0a-11ec-ab78-1c5660560106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 48
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 6518 43 B
220 B 64ms
16ms Image
image/gif 18.185.185.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.185.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-185-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 11:38:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp_480x270p@400Kbps20211021T080947_00001.ts Show response
acdn.flickstree.com/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp/ 123 KB
123 KB 30ms
29ms XHR
binary/octet-stream 2600:9000:206f:4c00:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp_480x270p@400Kbps20211021T080947_00001.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4c00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcf3237bb75d941fccdfd11f097b3093e8f3f26b58502c356a6d0ed864507f1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 04:42:47 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
vary: Origin
age: 24922
x-cache: Hit from cloudfront
content-length: 125772
last-modified: Thu, 21 Oct 2021 11:14:54 GMT
server: AmazonS3
etag: "865ae22eec5ac3a69b2e7dcf840fb443"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: BLVLA3nOmI-GrxFQ_qmlu4Sqv0txzSFqcza9M5CMNSWNgQCcLBU8jg==

GET
BLOB 200
OK 2c7dd05f-c08c-48d8-aeea-d806c982bd83
https://www.correiobraziliense.com.br/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.correiobraziliense.com.br/2c7dd05f-c08c-48d8-aeea-d806c982bd83
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H2 200 css
fonts.googleapis.com/ Frame 979F 5 KB
1 KB 68ms
26ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 10:18:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 24 Jan 2022 11:38:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jan 2022 11:38:08 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame E050 0
86 B 30ms
30ms Document
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=CF34F5BBB21130221322028676184&cicmp=1337627&cijs=1&dast=V7OSACFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHUPjjGasCYVCWSw2g8lksVkslsvRcjicjGZLmJjFYjEarlajsWaxWIwms9VwCgZb-Jzu7jaYoOl0-Fz3et3vd9f4LZeX02-xPKxPs9Nl97zsGr_bLrH85QAAAADwAEDUEg2x49vQHgEAAAAgwTNyrUARUPFvIXABAAAAgAFAIBauAQDFwcCuk-_p8xwdNpfdHwAADwogAAACGCEAUmxoIgAAAAAjAAAAACQAAomFJQAOd4smAAABfovhCBsnAAAAB3UyT9ss_____zEAee9NMgAUaRs3Bj0ADz4AD0IAAAAfQ_lG43GzIoCbRAXMRYwAAAAAsuWuB48mdUJlUfX___9vBXAFABDgtxieUJp1c1LMGgYAAAAwtkAPi99vdtg1frfL_v_________N_s8A0ISK6ofTggxwpdR4Rq4V1n4BAQDY3g0A4E0ALuYA7AAAAADu_v____MAAACs9ijZXqvx7FHW-wy28Dnd3fWbsMVoNZlslsPZcjEZDEfD0Wh_Arkb4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWjSYrEajyWIyXI0mq9lysdttkKJVq9loMxiuZpPZbrcaDobL0QgnbDFaTSab5XC2XEwGw9FwNBriQdW5dD6vTsWD-bic-9qFjw-y2M0Vi9FcsljNFZvFKgEAAAAAAAAALGHKvAkAAADAaRCz2WS3W3HjzZ4JYq1WyxoAAACAWzdy!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

server: nginx
accept-ranges: bytes
date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 varnish
x-served-by: cache-hhn4044-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1643024288.216423,VS0,VE15
content-length: 0

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/105212_167/infra/ 841 KB
142 KB 66ms
20ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/105212_167/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9ff6fc10a67b8d5a31804992fddce33b53cc7f3641c0c3ef3d0e2b7150eafc52

Request headers

Referer: https://www.correiobraziliense.com.br/
Origin: https://www.correiobraziliense.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 varnish
age: 103246
x-amz-meta-mtime: 1642920916
x-cache: HIT
x-amz-meta-ctime: 1642920917
x-amz-meta-mode: 33188
content-encoding: br
content-length: 144426
x-amz-id-2: nhgxCpXsBKSASoaVJLa8cSEEpiAW5xNMp+2m4vcC8QdV88uUR6r99vWf5kgJvnCL6JD7se2zwUQ=
x-served-by: cache-hhn4061-HHN
accept-ranges: bytes
last-modified: Sun, 23 Jan 2022 06:55:18 GMT
server: AmazonS3-br
x-timer: S1643024288.306220,VS0,VE1
etag: "e02c3ff19b7bf3f28da9c713014c2260"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: WSZYR8RHXP4PZRHZ
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 1

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/105212_167/assets/css/ 63 KB
9 KB 16ms
16ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/105212_167/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 04c92da639b83f3954de1481055274f4dc6891364297dec15c0050a2e5c6dc13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 varnish
age: 103246
x-amz-meta-mtime: 1642920933
x-cache: HIT
x-amz-meta-ctime: 1642920933
x-amz-meta-mode: 33188
content-encoding: br
content-length: 8280
x-amz-id-2: 0VDRMostBwVfwr2IJAL7cypP7VdfZGt1j+OhSbiZJN21WBwqu5JibDrWyTF1/alScNv+cnwB/dE=
x-served-by: cache-hhn4044-HHN
accept-ranges: bytes
last-modified: Sun, 23 Jan 2022 06:55:34 GMT
server: AmazonS3-br
x-timer: S1643024288.261012,VS0,VE0
etag: "19adad12972fe11c2c8a39a781625b6d"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: WSZHQMGVHDCVJTZM
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 4405

GET
BLOB 206
Partial Content 5a6e2d7c-5353-4ee0-a426-3ec92ff431d7
https://www.correiobraziliense.com.br/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.correiobraziliense.com.br/5a6e2d7c-5353-4ee0-a426-3ec92ff431d7
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content b325062d-ae24-4415-8321-043596050e2e
https://www.correiobraziliense.com.br/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.correiobraziliense.com.br/b325062d-ae24-4415-8321-043596050e2e
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 206 jblnpc6tptwcwogbqadb.mp4
cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1632422992/ 128 KB
128 KB 18ms
18ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1632422992/jblnpc6tptwcwogbqadb.mp4
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec491c4a3da543d6be7e8c1c17b07f152aae1eea52e79a3b87f93e2706fb1675

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: HnOAJX2ls6MMQqfC3GVgucjOj9hVYYGI
via: 1.1 varnish
etag: "8ccd2a615bd5530fee9cb8c39d9375ec"
age: 114
x-cache: HIT
Content-Range: bytes 0-130594/130595
x-amz-replication-status: COMPLETED
Content-Length: 130595
x-amz-id-2: rtA12csDv4LBgLmlr6JBO9etydw7MQmxv0h5wxbo0rPjLXW7MpdUlBdnJeUx2hL3k4d8HVH0GC4=
x-served-by: cache-hhn4044-HHN
last-modified: Thu, 23 Sep 2021 18:49:58 GMT
server: AmazonS3
x-timer: S1643024288.304426,VS0,VE1
date: Mon, 24 Jan 2022 11:38:08 GMT
x-amz-request-id: MSZ1S6PE7BD4QFHW
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 70
x-cache-hits: 0

GET
H3 200 api.gif
v3.denakop.com/ 0
345 B 418ms
418ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10066&d=desktop&b=Chrome&o=Windows&u=Wxmq8uJvTIe8fQVdaYig9g%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=under&p=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&t=1643024288301&cb=0.16545722600466894

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-authenticated: 0
date: Mon, 24 Jan 2022 11:38:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
pragma: no-cache
last-modified: Mon, 24 Jan 2022 11:38:08 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 6d28f949e84a4339-FRA
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 294ms
294ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=217151344019347&correlator=4082159234987236&output=ldjh&impl=fifs&eid=31063377&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=21715141650%3A6887%2Cdesktop_under&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.correiobraziliense.com.br%26pathname%3D%252Fpolitica%252F2022%252F01%252F4979732-no-submundo-do%26device%3Ddesktop%26auto_ad%3Dunder%26account_id%3D10066&eri=1&cust_params=testeab%3D3%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252Cpolitica%252C2022%252C01%252C4979732-no-submundo-do-telegram%252Chtml%26titleofpage%3DTelegram%2520abriga%2520venda%2520de%2520armas%252C%2520drogas%2520e%2520notas%2520falsas%26tagsofpage%3Dnot%25C3%25ADcias%2520do%2520dia%252Cnot%25C3%25ADcias%2520perto%2520de%2520mim%252Ctelegram%252Cextremismo%252Cdrogas%252Cnotas%2520falsas%252Carmas%252Cfake%2520news%26reload%3D0&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&bc=31&abxe=1&dt=1643024288308&lmt=1643014268&dlt=1643024286446&idt=314&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=3054029751&ucis=7&hl=pt-BR&ifi=7&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=71222113.1643024287&ga_sid=1643024287&ga_hid=1171883170&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98962570d67b43703bfbfc9674bd8e5219ac8d6296aaf3f615c97a4fa05c4936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11181
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 979F 44 KB
44 KB 64ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 473014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 00:14:34 GMT

GET
H2 200 pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp_480x270p@400Kbps20211021T080949_00002.ts Show response
acdn.flickstree.com/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp/ 168 KB
169 KB 31ms
30ms XHR
binary/octet-stream 2600:9000:206f:4c00:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp_480x270p@400Kbps20211021T080949_00002.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4c00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfe8db1f0a1079cf96140d2a4ce40f0e2f9ac45706b2b1cfc398f896bf943c28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
vary: Origin
age: 29888
x-cache: Hit from cloudfront
content-length: 172020
last-modified: Thu, 21 Oct 2021 11:14:54 GMT
server: AmazonS3
etag: "9d57ab36924a22ba61f291b741db2052"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: wpnZZbaPsVFdCM2tGEsbqUT5YHirMof14etFYO8GcqFZXyrQAudjtQ==

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ctrack
track1.avplayer.com/ 0
70 B 99ms
99ms Image
text/plain 54.209.124.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=609a764ab3287943571a812c&r=www.correiobraziliense.com.br&sn=&cd1=&cd2=&cd3=&app=&wi=425&he=256&test=&vi=0&e=cply&cb=1643024288357
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.124.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-124-194.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 16ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/105212_167/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront), 1.1 varnish
age: 2857666
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-hhn4044-HHN
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1643024288.438291,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: pKG4oNx3x3a6CA3o9mtSGNKksF7XtjHwgVqKbA-wlmrpXa-X4jGIlA==
x-cache-hits: 285187

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v105212.296/ 566 KB
116 KB 18ms
17ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v105212.296/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/105212_167/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: eadd0b63e7143b85fe47d3074f761b28a057b4fe0fc9660ad33b770e00035dc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 varnish
age: 6034
x-amz-meta-mtime: 1643018180
x-cache: HIT
x-amz-meta-ctime: 1643018194
x-amz-meta-mode: 33188
content-encoding: br
content-length: 117987
x-amz-id-2: ieCEOz7rWQZ9/WYC5SYo/eXvq5EDr84SYkzTfH3cryUUet3EPLiI3eXSznO3z6/WCAHFFOwQfAs=
x-served-by: cache-hhn4044-HHN
accept-ranges: bytes
last-modified: Mon, 24 Jan 2022 09:56:35 GMT
server: AmazonS3-br
x-timer: S1643024288.455150,VS0,VE0
etag: "18cc6109c6ed52f6e5f24645dae167f5"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 2ZPNF0JMT2DJMM55
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 297

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 83C1 1017 B
1 KB 23ms
23ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/105212_167/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 796611214d021bcac816f48cee7b311f491a1cff63bb41e0bae4dc8a122aa088

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

server: nginx
date: Mon, 24 Jan 2022 11:38:08 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 23ms
22ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=66245465&crid=5282385&dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&cmcv=&pix=&cb=1643024288428&uv=105212167&tms=1643024288428&su=&abt=adh5c-1_vA!ecp_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl105212-296_vA!spa2_vA!t120!t45!ufm_vG!ul105065-003_vC&ft=0&unm=FEED_MANAGER&mntl=1&
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-length: 0
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 23ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66245465&crid=5282385&dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&cmcv=&pix=31579697&cb=1643024288449&uv=105212167&tms=1643024288449&su=3&abt=adh5c-1_vA!ecp_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl105212-296_vA!spa2_vA!t120!t45!ufm_vG!ul105065-003_vC&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-length: 0
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4BD1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

64ms
17ms

Document
text/html

104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2022 11:38:08 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Mon, 24 Jan 2022 11:38:08 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 200 track
track1.aniview.com/ 0
70 B 102ms
101ms Image
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.correiobraziliense.com.br&rs=www.correiobraziliense.com.br&sid=30691&t=1643024288&cip=217.114.215.131&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=425&he=256&app=&AV_PUBLISHERID=609a764ab3287943571a812c&test=&aafaid=&proto=https&uid=1643024288383-962096174924-006185-015-009850&cha=0.05&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&d35=&d36=6.1.2.99&cb=38118622865&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=425&AV_HEIGHT=256&&ppid=609a764ab3287943571a812c&nid=5e7b9048180bd02ded4b0937&pcid=61791426110ec737726a1125&ncid=61790c8b1d8ca06add677fd4&pasid=61790cd07f27264e184c81a9&e=request&cb=1643024288487&asid=617908cbb7ceab4dd535dec2%2C617908d26e5e752a636f6898%2C6179084bd1341119162011f3%2C617908c8f834b1587914c9a4&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 102ms
102ms Image
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.correiobraziliense.com.br&rs=www.correiobraziliense.com.br&sid=30691&t=1643024288&cip=217.114.215.131&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=425&he=256&app=&AV_PUBLISHERID=609a764ab3287943571a812c&test=&aafaid=&proto=https&uid=1643024288383-962096174924-006185-015-009850&cha=0.05&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&d35=&d36=6.1.2.99&cb=38118622865&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=425&AV_HEIGHT=256&&ppid=609a764ab3287943571a812c&nid=5e7b9048180bd02ded4b0937&pcid=61791426110ec737726a1125&ncid=6179136e5b96b6588248a469&pasid=617913addfb035326f121a9b&e=request&cb=1643024288487&asid=617912b35ed7fb34f14ac8a9%2C617912b15cad5d19ac1c3ae4%2C617912af56db387b7e7757e4%2C617911edd701ee79311d6f33%2C617912ad9cdaa3035e68c036&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 102ms
102ms Image
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.correiobraziliense.com.br&rs=www.correiobraziliense.com.br&sid=30691&t=1643024288&cip=217.114.215.131&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=425&he=256&app=&AV_PUBLISHERID=609a764ab3287943571a812c&test=&aafaid=&proto=https&uid=1643024288383-962096174924-006185-015-009850&cha=0.05&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&d35=&d36=6.1.2.99&cb=38118622865&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=425&AV_HEIGHT=256&&ppid=609a764ab3287943571a812c&nid=5e7b9048180bd02ded4b0937&pcid=61791426110ec737726a1125&ncid=617a5dfb83e9b37ada797fed&pasid=617a5edbf345bc179658a132&e=request&cb=1643024288487&asid=61793c44dff2e37e10378a2d%2C61794c2697bfe9483b58627b%2C61794bec86590653c725bb0a%2C61793b8cfc5f55468d4007d6%2C61794d82c93c4028557de01a&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 102ms
102ms Image
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.correiobraziliense.com.br&rs=www.correiobraziliense.com.br&sid=30691&t=1643024288&cip=217.114.215.131&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=425&he=256&app=&AV_PUBLISHERID=609a764ab3287943571a812c&test=&aafaid=&proto=https&uid=1643024288383-962096174924-006185-015-009850&cha=0.05&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&d35=&d36=6.1.2.99&cb=38118622865&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=425&AV_HEIGHT=256&&ppid=609a764ab3287943571a812c&nid=5e7b9048180bd02ded4b0937&pcid=61791426110ec737726a1125&ncid=61790c8b1d8ca06add677fd4&pasid=61790cd07f27264e184c81a9&e=bid&cb=1643024288491&asid=617908cbb7ceab4dd535dec2%2C617908d26e5e752a636f6898%2C6179084bd1341119162011f3%2C617908c8f834b1587914c9a4&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 103ms
102ms Image
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.correiobraziliense.com.br&rs=www.correiobraziliense.com.br&sid=30691&t=1643024288&cip=217.114.215.131&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=425&he=256&app=&AV_PUBLISHERID=609a764ab3287943571a812c&test=&aafaid=&proto=https&uid=1643024288383-962096174924-006185-015-009850&cha=0.05&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&d35=&d36=6.1.2.99&cb=38118622865&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=425&AV_HEIGHT=256&&ppid=609a764ab3287943571a812c&nid=5e7b9048180bd02ded4b0937&pcid=61791426110ec737726a1125&ncid=6179136e5b96b6588248a469&pasid=617913addfb035326f121a9b&e=bid&cb=1643024288491&asid=617912b35ed7fb34f14ac8a9%2C617912b15cad5d19ac1c3ae4%2C617912af56db387b7e7757e4%2C617911edd701ee79311d6f33%2C617912ad9cdaa3035e68c036&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 105ms
104ms Image
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.correiobraziliense.com.br&rs=www.correiobraziliense.com.br&sid=30691&t=1643024288&cip=217.114.215.131&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=425&he=256&app=&AV_PUBLISHERID=609a764ab3287943571a812c&test=&aafaid=&proto=https&uid=1643024288383-962096174924-006185-015-009850&cha=0.05&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&d35=&d36=6.1.2.99&cb=38118622865&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=425&AV_HEIGHT=256&&ppid=609a764ab3287943571a812c&nid=5e7b9048180bd02ded4b0937&pcid=61791426110ec737726a1125&ncid=617a5dfb83e9b37ada797fed&pasid=617a5edbf345bc179658a132&e=bid&cb=1643024288491&asid=61793c44dff2e37e10378a2d%2C61794c2697bfe9483b58627b%2C61794bec86590653c725bb0a%2C61793b8cfc5f55468d4007d6%2C61794d82c93c4028557de01a&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8F12 42 B
64 B 80ms
51ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzs38Hrk4XH900p7s6JgDcOc9TALDo0w8KD_2QROa_vfOq3P0nDQ-c3FCQPAtGlLt2LKxSekx-c2CpPMK1BUom7sn30QNuRUwXhEvEhcqsYEIqo4QM&sig=Cg0ArKJSzMRgGXeoiANdEAE&id=lidar2&mcvt=1172&p=1110,436,1200,1164&mtos=1172,1172,1172,1172,1172&tos=1172,0,0,0,0&v=20220119&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2660743869&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643024287182&rpt=157&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3FD0 42 B
64 B 77ms
51ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLcihSXZsvWIXt6bphAHpdm-mj7p_OJKNW-UNDyb29p4sAagKaEMHmKmu7GixnR5OCmqhBMdfmX3JHEdipJ1DX77LN6CDziPPvg1t7nZOVfC9zaBWq&sig=Cg0ArKJSzCthvalTzZwtEAE&id=lidar2&mcvt=1174&p=438,315,528,1285&mtos=1174,1174,1174,1174,1174&tos=1174,0,0,0,0&v=20220119&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1969685226&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643024287167&rpt=195&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 83C1 43 B
182 B 101ms
100ms Image
image/gif 2600:1f18:612b:4264:d436:a7a1:a7a:c65e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:d436:a7a1:a7a:c65e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 83C1 70 B
264 B 39ms
39ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 83C1 43 B
220 B 17ms
16ms Image
image/gif 18.185.185.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.185.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-185-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 11:38:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 um Show response
cs.emxdgt.com/ Frame 83C1 0
59 B 214ms
32ms Script
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-length: 0
content-type: text/html

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 636B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

31ms
17ms

Document
text/html

104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2022 11:38:08 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Mon, 24 Jan 2022 11:38:08 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E477 377 KB
125 KB 71ms
28ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=609a764ab3287943571a812c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127290
x-xss-protection: 0
expires: Mon, 24 Jan 2022 11:38:08 GMT

GET
H3 200 container.html Show response
ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 54B1 6 KB
3 KB 17ms
16ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Jan 2022 11:38:06 GMT
expires: Tue, 24 Jan 2023 11:38:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 bulk Show response
trc.taboola.com/diariosassociados-correiobraziliense/log/3/ 0
303 B 29ms
29ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/diariosassociados-correiobraziliense/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=11
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220124-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 varnish
server: nginx
x-timer: S1643024289.655408,VS0,VE12
x-served-by: cache-hhn4044-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4BD1 32 KB
10 KB 20ms
19ms Script
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 11:38:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18884
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9704
Expires: Mon, 24 Jan 2022 16:52:52 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 636B 32 KB
10 KB 18ms
17ms Script
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 11:38:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18884
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9704
Expires: Mon, 24 Jan 2022 16:52:52 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 54B1 0
0 59ms
58ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqaDsoI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE0wJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzEDvW1ZtNZd96ooA8_FQM3jViAGtfjJlp1zYLWG85WDUj8t-GxYFdngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MTcwOTY2NTM4MTUyNTQzGJHzbA&sigh=U3Oc2t0gLL4&uach_m=[UACH]&cid=CAQSPACNIrLMs-zCLiK65tSC58JaexNBu1XDNrP5sGDSJDbYMMNtCbkTlDALG4-zLbvGhob05m2xdn4JutNX9BgB
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 54B1 0
0 81ms
26ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jy4npyd2es8zv7zhasa8327xjqhkme72a5vf3z49fw8bdacpqjdf53dpn1z7em63gzp44ftbp6wvs24bdp4pgcf535js53ej63hrx4ct202v98ahmj56w4bv7zbj1p2kq4q8fcpc375t8jd4dpkx6a783n7dxt6v8nj479mawwvnpn9qt793bwk4mcv1me3mzzwg1m8pjx33gn4edrak1r626b4d4hehm83htc3m793e7assfq3krd6wyjjspawfphhgb5v9f11z5mmnme1znfxdpeg8h80jn6fyrmbaphtqdhc3gy59bbvjm7haj8sfkem0a97gjhn4r1h4f3sfn0m0v90b8ctq0f7j7m3m495en51cg3fvkr9vbwehs9njj8nheehtg6mxvscak4jyyeg54sr4&b=Ye6PoAAFo30K4GSDAAtXAmTdyBODTtpE3TcKXA
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame A85F 2 KB
3 KB 131ms
63ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g9t8pefeenfb03545w9d5y3msm7xrnska686s82jrdz1hg1gnp8km52qva8r7tcv3x9z5dhnxeaj1ww2hkbgxwjynphgs637r8tp7h6q6qvt9hpntp8bn5qpz2yyzk9f5pv474nspkgnxsxeh68x5b07k4hbq3b5y0e58vp4a51r2dhbn82xszxb83kkkej2d9wxkc00kjbhcbrnh6fdcn8cqkxx3xjce8q0dw1b96g8yvtckxjgrc8pq1b26a4pyft33peh987hjf0y5jt08y7shgg7bb51j1zy113k4tgs3s2xdac818nyd47d4882b5ay4dcr0jehp2ry9zkyb1kp12x78fmwn2n1khjpnyjh5vressydbz97389k347ac04qw4xdxab05m5xvcs31dngqczwy1q3rktz2ftmn1zn9pxavg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%26client%3Dca-pub-8170966538152543%26adurl%3D

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d90bd33c5ee1a38facba207db9a373182eaaefeb65d480aad41eb4f09a58aab

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d28f94cae65776e-LHR
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 54B1 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 11:35:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0530 1 KB
749 B 19ms
17ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 23 Jan 2022 13:26:12 GMT
expires: Mon, 24 Jan 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 79916
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54B1 122 KB
37 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jan 2022 11:38:08 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 54B1 15 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 11:27:31 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 54B1 22 KB
7 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 10:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91979
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 23 Jan 2023 10:05:09 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 636B 0
239 B 72ms
19ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=KYSM8LHL-24-LOOA
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0530
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1&google_push=AYg5qPKUZdMbxl6rG93TKxsXZud_0LF_Ng6GOFh6Lnau2igj6jfeXpjarZBhF6YwNHqrYJDIsI9QuNV5V_tYKyOaDvmv-9-eB2g
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk2MzA1MDczNDkzNjc2MjM4OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1

43 B
407 B

24ms
24ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1
Requested by: Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0530
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEmm3X9G9u60-XnrtdBNn0Q&google_cver=1&google_push=AYg5qPJZEEIGK0xZmGUS5kx69fJsLENuJk2rI7YkMYPXqF0hNOOzOX9HMRl4kl9NgjQo9CGzbhWEH0x-wncQMP...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPJZEEIGK0xZmGUS5kx69fJsLENuJk2rI7YkMYPXqF0hNOOzOX9HMRl4kl9NgjQo9CGzbhWEH0x-wncQMPQL24Pcj68dttg&google_hm=hmHuj5_wandDKh98_A...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPJZEEIGK0xZmGUS5kx69fJsLENuJk2rI7YkMYPXqF0hNOOzOX9HMRl4kl9NgjQo9CGzbhWEH0x-wncQMPQL24Pcj68dttg&google_hm=hmHuj5_wandDKh98_A&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61EE8F9FF06A77432A1F7CFCBLIS

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPJZEEIGK0xZmGUS5kx69fJsLENuJk2rI7YkMYPXqF0hNOOzOX9HMRl4kl9NgjQo9CGzbhWEH0x-wncQMPQL24Pcj68dttg&google_hm=hmHuj5_wandDKh98_A&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61EE8F9FF06A77432A1F7CFCBLIS
date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0530
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESENUyb24_kdBpHfmUyJ-uAs8&google_cver=1&google_push=AYg5qPJNBzhi4zgQs4enTzblV_b6Apsfbx9cpsAjjhY5UtLkzWqaozrpnOhLV5g7u6jqNjSlMXpQOixmMA2...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPJNBzhi4zgQs4enTzblV_b6Apsfbx9cpsAjjhY5UtLkzWqaozrpnOhLV5g7u6jqNjSlMXpQOixmMA2vOicfw6IeNd3bx-I

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPJNBzhi4zgQs4enTzblV_b6Apsfbx9cpsAjjhY5UtLkzWqaozrpnOhLV5g7u6jqNjSlMXpQOixmMA2vOicfw6IeNd3bx-I

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPJNBzhi4zgQs4enTzblV_b6Apsfbx9cpsAjjhY5UtLkzWqaozrpnOhLV5g7u6jqNjSlMXpQOixmMA2vOicfw6IeNd3bx-I
Date: Mon, 24 Jan 2022 11:38:08 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0530
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEEBZW4TII_dwfvedZKm75O8&google_cver=1&google_push=AYg5qPLsqGT662PKxhFovuTcwvN0ImUx6FhRNBWy1w4V2YyW09glIKtKtXzqxRmnVppax...
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLsqGT662PKxhFovuTcwvN0ImUx6FhRNBWy1w4V2YyW09glIKtKtXzqxRmnVppax4XDieIrUy3TKQvX2Shi8dA-Y4r82Q&google_hm=QXhlT3BpZThBRXMzLVZMcjNwWl...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLsqGT662PKxhFovuTcwvN0ImUx6FhRNBWy1w4V2YyW09glIKtKtXzqxRmnVppax4XDieIrUy3TKQvX2Shi8dA-Y4r82Q&google_hm=QXhlT3BpZThBRXMzLVZMcjNwWlZ3RFE=

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLsqGT662PKxhFovuTcwvN0ImUx6FhRNBWy1w4V2YyW09glIKtKtXzqxRmnVppax4XDieIrUy3TKQvX2Shi8dA-Y4r82Q&google_hm=QXhlT3BpZThBRXMzLVZMcjNwWlZ3RFE=
Date: Mon, 24 Jan 2022 11:38:08 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0530
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPgjM590qTf07JbcRBfOO5o&google_cver=1&google_push=AYg5qPL7CleE_9P6nMovZIEY84ufPuqtOfG6WiApYB19ifAkRwshl7zXjzRiXiI9qisKbDVFTeatOv96ioSueJHBv...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPgjM590qTf07JbcRBfOO5o&google_cver=1&google_push=AYg5qPL7CleE_9P6nMovZIEY84ufPuqtOfG6WiApYB19ifAkRwshl7zXjzRiXiI9qisKbDVFTeatOv96ioSueJHBv...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL7CleE_9P6nMovZIEY84ufPuqtOfG6WiApYB19ifAkRwshl7zXjzRiXiI9qisKbDVFTeatOv96ioSueJHBvUeGnp-tSRw&google_hm=f5d66eff0dc02fa60c462f11

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL7CleE_9P6nMovZIEY84ufPuqtOfG6WiApYB19ifAkRwshl7zXjzRiXiI9qisKbDVFTeatOv96ioSueJHBvUeGnp-tSRw&google_hm=f5d66eff0dc02fa60c462f11

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 24 Jan 2022 11:38:08 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL7CleE_9P6nMovZIEY84ufPuqtOfG6WiApYB19ifAkRwshl7zXjzRiXiI9qisKbDVFTeatOv96ioSueJHBvUeGnp-tSRw&google_hm=f5d66eff0dc02fa60c462f11
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0530
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEDovCuRtmB4ia_yA9B7RvGU&google_cver=1&google_push=AYg5qPJDCOngFWZIWKOWYE113jvdqf3s-v-JgD5i3Uqd4eR_sqLblAs1-TATgoBHXYKEtuiOJF4vwq5NXLqQZhP-AnQML1UMJdU
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2MDI1ODg4ODIxNDc4MDAwMFYxMA%3d%3d&mn_hm=Mjg2MDI1ODg4ODIxNDc4MDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJDCOngFWZIWKOWYE113jvdqf3...

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2MDI1ODg4ODIxNDc4MDAwMFYxMA%3d%3d&mn_hm=Mjg2MDI1ODg4ODIxNDc4MDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJDCOngFWZIWKOWYE113jvdqf3s-v-JgD5i3Uqd4eR_sqLblAs1-TATgoBHXYKEtuiOJF4vwq5NXLqQZhP-AnQML1UMJdU&gdpr=&gdpr_consent=

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:08 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg2MDI1ODg4ODIxNDc4MDAwMFYxMA%3d%3d&mn_hm=Mjg2MDI1ODg4ODIxNDc4MDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJDCOngFWZIWKOWYE113jvdqf3s-v-JgD5i3Uqd4eR_sqLblAs1-TATgoBHXYKEtuiOJF4vwq5NXLqQZhP-AnQML1UMJdU&gdpr=&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html
Content-Length: 154
X-MNET-HL2: E
Expires: Mon, 24 Jan 2022 11:38:08 GMT

GET
H2 204 pub
cs.chocolateplatform.com/ Frame 0530 0
122 B 331ms
104ms Image
text/plain 35.212.101.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBpqDjKLzNykQ4AfLDy-nSc&google_cver=1&google_push=AYg5qPIOP7jZPy1Q88gpVbN_VU0waYAOOngvRgoyOqc1lLh_1oYrqvuTaGKMxHlFAPpYopKPhMEJVJnDqI7tVO7D3DMtGsZsxnk
Requested by: Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.101.174 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.101.212.35.bc.googleusercontent.com
Software: Chocolate Cookie Sync Powered by Vdopia /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 google
server: Chocolate Cookie Sync Powered by Vdopia
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0530 0
12 B 26ms
25ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lq2Okl-b6vvrpYzKuVBcVe0bTn82nP9XlfpJMYiIeeLqJvN_vCNtLpduL7k4vQwG_WaouV

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 666F 601 KB
195 KB 45ms
20ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E477 44 KB
17 KB 96ms
32ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Jan 2022 11:38:08 GMT

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6DC9 601 KB
195 KB 29ms
16ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame FCD9 601 KB
195 KB 30ms
29ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame F48E 601 KB
195 KB 30ms
30ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame AC66 601 KB
195 KB 35ms
35ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E477 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
680 B 32ms
32ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 15853
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by: cache-hhn4044-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1643024289.848068,VS0,VE0
date: Mon, 24 Jan 2022 11:38:08 GMT
x-amz-request-id: DM4PBFJ9QH08DD7N
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 24
x-cache-hits: 8122

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 636B 70 B
264 B 60ms
58ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 636B
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmRhNzJiNmJkZGQyODdiNWE3ZTAyNDAxZTVkODVhN2M2MmVmNGY3Nw&gdpr=1&us_privacy=1---

170 B
188 B

27ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmRhNzJiNmJkZGQyODdiNWE3ZTAyNDAxZTVkODVhN2M2MmVmNGY3Nw&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmRhNzJiNmJkZGQyODdiNWE3ZTAyNDAxZTVkODVhN2M2MmVmNGY3Nw&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 636B 0
0 106ms
26ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 636B
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYSM8LHL-24-LOOA&sigv=1&esig=2~33ef2f8b7b94a21bbc2775fad00f62dc0ff1b219&gdpr=1&us_privacy=1---

0
445 B

80ms
18ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYSM8LHL-24-LOOA&sigv=1&esig=2~33ef2f8b7b94a21bbc2775fad00f62dc0ff1b219&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Protocol

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYSM8LHL-24-LOOA&sigv=1&esig=2~33ef2f8b7b94a21bbc2775fad00f62dc0ff1b219&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 636B
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/7yNU0399ookOTgrHLfP81cn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5914146251704842003

0
239 B

18ms
18ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5914146251704842003
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

date: Mon, 24 Jan 2022 11:38:09 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5914146251704842003
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 636B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3ac361ee-8f9f-4200-b49e-3ca5ab8b5e30&expires=28

0
239 B

18ms
17ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3ac361ee-8f9f-4200-b49e-3ca5ab8b5e30&expires=28
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

Date: Mon, 24 Jan 2022 11:38:08 GMT
Server: MT3 4133 baa842e master cdg-pixel-x13 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3ac361ee-8f9f-4200-b49e-3ca5ab8b5e30&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 24 Jan 2022 11:38:07 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 636B
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lTTThMSEwtMjQtTE9PQQ==&gdpr=1&us_privacy=1---

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lTTThMSEwtMjQtTE9PQQ==&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lTTThMSEwtMjQtTE9PQQ==&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 503 btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame 636B 0
177 B 113ms
20ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643024289.957060,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4030-HHN

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1F50 37 KB
13 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A6CE 42 B
64 B 67ms
67ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrOhAz9MisdsWbgUNsNkeRTNzUSaUQObuxMB6uaHsvxg0qkcdXvHrUQSWD9yDLVjsxsyvTfxdiRSpfHNDMIhkl&sig=Cg0ArKJSzHcWZSFeutV3EAE&cid=CAASF-RopHENXwO9ZazVhXJG2yQrJQEPXUOi&id=lidar2&mcvt=1063&p=718,1067,968,1367&mtos=1063,1063,1063,1063,1063&tos=1063,0,0,0,0&v=20220119&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2539784184&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643024287498&rpt=289&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2A5A 37 KB
13 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0534 37 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E95A 37 KB
13 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EAE4 37 KB
13 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
DATA 200
OK truncated
/ Frame 54B1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc92b6f93125b758f3f3c9f5285ba648dd1e09a0f0cd91300856fc00fa5a91e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 debug
am-trc-events.taboola.com/diariosassociados-correiobraziliense/log/2/ 0
89 B 39ms
39ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariosassociados-correiobraziliense/log/2/debug?tim=11%3A38%3A08.881&type=error&msg=Uncaught%20TypeError%3A%20Failed%20to%20execute%20%27observe%27%20on%20%27IntersectionObserver%27%3A%20parameter%201%20is%20not%20of%20type%20%27Element%27.%3A%201%40https%3A%2F%2Fvidstat.taboola.com%2Fvpaid%2Funits%2F105212_167%2Finfra%2FcmTagFEED_MANAGER.js&llvl=2&id=6684&cv=20220124-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 22896

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A85F 81 KB
11 KB 99ms
66ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g9t8pefeenfb03545w9d5y3msm7xrnska686s82jrdz1hg1gnp8km52qva8r7tcv3x9z5dhnxeaj1ww2hkbgxwjynphgs637r8tp7h6q6qvt9hpntp8bn5qpz2yyzk9f5pv474nspkgnxsxeh68x5b07k4hbq3b5y0e58vp4a51r2dhbn82xszxb83kkkej2d9wxkc00kjbhcbrnh6fdcn8cqkxx3xjce8q0dw1b96g8yvtckxjgrc8pq1b26a4pyft33peh987hjf0y5jt08y7shgg7bb51j1zy113k4tgs3s2xdac818nyd47d4882b5ay4dcr0jehp2ry9zkyb1kp12x78fmwn2n1khjpnyjh5vressydbz97389k347ac04qw4xdxab05m5xvcs31dngqczwy1q3rktz2ftmn1zn9pxavg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%26client%3Dca-pub-8170966538152543%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g9t8pefeenfb03545w9d5y3msm7xrnska686s82jrdz1hg1gnp8km52qva8r7tcv3x9z5dhnxeaj1ww2hkbgxwjynphgs637r8tp7h6q6qvt9hpntp8bn5qpz2yyzk9f5pv474nspkgnxsxeh68x5b07k4hbq3b5y0e58vp4a51r2dhbn82xszxb83kkkej2d9wxkc00kjbhcbrnh6fdcn8cqkxx3xjce8q0dw1b96g8yvtckxjgrc8pq1b26a4pyft33peh987hjf0y5jt08y7shgg7bb51j1zy113k4tgs3s2xdac818nyd47d4882b5ay4dcr0jehp2ry9zkyb1kp12x78fmwn2n1khjpnyjh5vressydbz97389k347ac04qw4xdxab05m5xvcs31dngqczwy1q3rktz2ftmn1zn9pxavg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%26client%3Dca-pub-8170966538152543%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1019583
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 12 Jan 2022 16:25:05 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d28f94de9737541-LHR
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A85F 36 KB
13 KB 67ms
42ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g9t8pefeenfb03545w9d5y3msm7xrnska686s82jrdz1hg1gnp8km52qva8r7tcv3x9z5dhnxeaj1ww2hkbgxwjynphgs637r8tp7h6q6qvt9hpntp8bn5qpz2yyzk9f5pv474nspkgnxsxeh68x5b07k4hbq3b5y0e58vp4a51r2dhbn82xszxb83kkkej2d9wxkc00kjbhcbrnh6fdcn8cqkxx3xjce8q0dw1b96g8yvtckxjgrc8pq1b26a4pyft33peh987hjf0y5jt08y7shgg7bb51j1zy113k4tgs3s2xdac818nyd47d4882b5ay4dcr0jehp2ry9zkyb1kp12x78fmwn2n1khjpnyjh5vressydbz97389k347ac04qw4xdxab05m5xvcs31dngqczwy1q3rktz2ftmn1zn9pxavg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Mon, 24 Jan 2022 11:38:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74455
x-guploader-uploadid: ADPycdt0OMbyAR3gXTF6Rl2rw4MBYe51A8ntvTpDoBseKBA2jFWdZUc_LIp9nTghNdaATAfizsm6E6z8AFcMzizRbU2zXLapDQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9p2ALn1Mw3AndA%2BIpAulX7HXwrnX6Op3rjHoGEpoiYwin92a6lycIVCG2u476Dn8fXqtOl%2FFkqbS4%2Baige1HK%2FA4E0ZE%2FgSBdYHF%2BhfALFPaavX28t8I1xM3%2FmDPur%2B01NZfpU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6d28f94dd986776e-LHR
expires: Sun, 23 Jan 2022 14:57:13 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A85F 3 KB
4 KB 510ms
175ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 24 Jan 2022 11:38:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 437871
x-guploader-uploadid: ADPycduQslnaWTkdgyCSW10X9HZfliTfwhgzYd2JHG33aYwAYHT5nB8LLMxQJSEEagur70NZX6LrWqmiGbT7ICeXGGw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z21omHRfCOW2w1eBCTVWEPjXdqx7svAnwYq2Igl%2Bc%2BsPw0f4Bp5QsnbVgiqJTxtKiEEQHaGIkaQEwfd%2BD0ba4V8lL%2B4rXzusbZbyPX4G6whH0Md%2FVbH%2F4qMvdZ2CjJpg8lBE26LFM5dEduBlUKEkVZr5"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6d28f9513e55680b-SEA
expires: Thu, 19 Jan 2023 10:00:18 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 514F 2 KB
2 KB 65ms
65ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdusQCqzcste1viCqMs7-kvhCU53qtagBe5jRkcNXM8HNpNb8ST3HovydtM60MtU4rkxOvwPs0_Yjruykegksvg
expires: Mon, 24 Jan 2022 12:38:09 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2433153
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJYGIfHX%2FRE2vMWzNOB9YrSpXvJHORAryAJUwMjt5TeS62GtdEx4fe5UlUVhDlC3jrifL9FknjKXjWbAP5omsN8UrGSpzDkUa0y5i1Vkb0xn8bR8kv1G0aLfQOw3oatW39%2FnVAY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d28f94edb017541-LHR
content-encoding: br

POST
H2 200 all
csm.eu.criteo.net/ Frame 979F 0
127 B 30ms
30ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 24 Jan 2022 11:38:08 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6DC9 156 B
185 B 261ms
246ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F157165500%2C6887%2FMCM_Adsolut_correiobraziliense.com.br_GZ%2FMCM_Adsolut_correiobraziliense.com.br_GZ_1.2_27.10.2021&description_url=http%3A%2F%2Fcorreiobraziliense.com.br&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4305604429958795&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=530441589&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024289368&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=827858647438943&ged=ve4_td1_tt0_pd1_la1000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 666F 80 KB
15 KB 287ms
278ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22059416475%2C6887%2Fcorreiobraziliense.com.br_PSDFP_MCM_1.1_25.10.2021&description_url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tfcd=0&npa=0&ad_type=audio_video&sz=1x1%7C335x200%7C400x225%7C400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1590277659227137&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=4071463606&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024289374&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=406859927475394&ged=ve4_td1_tt0_pd1_la1000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f231222bfd994fc730df5bc58c539bd861d8464fcd9e2c7df8e09d6feb275241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15708
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame FCD9 156 B
236 B 232ms
231ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F157165500%2C6887%2FMCM_Adsolut_correiobraziliense.com.br_GZ%2FMCM_Adsolut_correiobraziliense.com.br_GZ_1_26.10.2021&description_url=http%3A%2F%2Fcorreiobraziliense.com.br&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=45655043153602&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=4043538810&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024289382&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=1549796788127575&ged=ve4_td1_tt0_pd1_la1000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame F48E 82 KB
16 KB 224ms
224ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22059416475%2C6887%2Fcorreiobraziliense.com.br_PSDFP_MCM_1.7_25.10.2021&description_url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tfcd=0&npa=0&ad_type=audio_video&sz=1x1%7C335x200%7C400x225%7C400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1719969366115761&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3355635601&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024289387&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=1797671274698459&ged=ve4_td1_tt0_pd1_la1000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c36c84bc6678af9ecb1e49cc39cefaa1d0fc69537e4e6f2f6c486a6f421c8bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16161
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame AC66 79 KB
15 KB 255ms
254ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F93656639%2C6887%2Fcorreiobraziliense.com.br_dfp_vast%2Fcorreiobraziliense.com.br_dfp_vast_1.1&description_url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2868082174676227&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=711701113&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024289393&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=815170722657759&ged=ve4_td1_tt0_pd1_la1000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f838e2ba124a34c06241977d2db0b2753d567e63c098ec44360041d00cd5109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 98ms
70ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-3l9z
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VU8BoH8jHVudMnPoMVqGH6VTRaCOaLGouGjQfBw%2FI6rw5dejub7YtsH1KX1VoUSKFEfUqJhD2sQ387UgRuKXZ4kpIb2Ym6Qd6ZcN2UebPn%2BXdH2v2fds4lwNfLw6VwcUOEq1T5c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d28f9512a76593b-AMS

POST
H3 200 rs Show response
ad4m.at/ Frame A85F 2 KB
2 KB 64ms
64ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab6a5d94b252d128e7e6d3f35905f1b9e4270b67dd3072474ca718fb7e6b890

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6d28f9519b97593b-AMS
date: Mon, 24 Jan 2022 11:38:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2JXVVcZegI2Ipw1E4cjqCrzOKkYfRNtCMMu9pETaqUC3HZanq7UdUMyAxqlnWWWhHF3l3Rcdo6N5sPPN45cn2JUJedqEKueSIDyjwXhxpG6DjhS4Sc38PcsoxqzjuaWvVS3xwc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-3l9z

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220124-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 2901
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: d2c+S+ILbil9YoWV0pdRt5sw8P0XC/NhHYbhmL4aRwQla6EAzDzo1EmADmZOYSNh2V3J9hbip1I=
x-served-by: cache-hhn4044-HHN
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1643024290.553171,VS0,VE0
date: Mon, 24 Jan 2022 11:38:09 GMT
vary: Accept-Encoding
x-amz-request-id: 6CY1FG8Q11T7G8KE
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 24
x-cache-hits: 5725

GET
H2 200 eid.js Show response
cdn.taboola.com/scripts/ 14 KB
5 KB 20ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220124-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding: gzip
etag: "f7917ed1eb799a729725a7db50d1f828"
age: 8536
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5258
x-amz-id-2: Rhh0WCO+nH/zCfz3jMuRc6c0XnxbSs+HWO0GK9r2x4mf5YFhPlfQqTSv3iCD1wQHcZnxVg9CFQU=
x-served-by: cache-hhn4044-HHN
last-modified: Tue, 28 Dec 2021 08:10:40 GMT
server: AmazonS3
x-timer: S1643024290.553290,VS0,VE0
date: Mon, 24 Jan 2022 11:38:09 GMT
vary: Accept-Encoding
x-amz-request-id: 4QYNQ0077R21PYSA
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 24
x-cache-hits: 17958

GET
H2 200 / Show response
pips.taboola.com/ 4 B
132 B 19ms
18ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-hhn4061-HHN
access-control-allow-methods: GET
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 46ms
20ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 20:48:34 GMT
content-encoding: gzip
age: 53375
x-guploader-uploadid: ADPycdti-QjCMnmzl3hh8ROTFlo0QlS_mR2C7mIQg7LXBe21jKjeaKH6vBSmMvAZaGKwwp977bTpX4HhZBE2TVTCo-a-d7wLhQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8332
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "3bd196ed5cd9e1a21cd3f4a34c4baf1b"
x-goog-hash: crc32c=QnHpIw==, md5=O9GW7VzZ4aIc0/SjTEuvGw==
content-language: en
x-goog-generation: 1632418656026668
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 24 Jan 2022 20:48:34 GMT

GET
H3 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 45ms
20ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 18:00:19 GMT
content-encoding: gzip
age: 63470
x-guploader-uploadid: ADPycdvzML0yPnNU5nSZ_0MvRfw_JESJVKZoP_EWwaS9yxsbdOgufEYhOIITw9EevLAKuVpPAVtU604teBR-QcvKu1FgJK1OfQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6114
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "c011d7eff3edda011a5511fb703d925a"
x-goog-hash: crc32c=I6Sd4w==, md5=wBHX7/Pt2gEaVRH7cD2SWg==
content-language: en
x-goog-generation: 1632418656103247
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 24 Jan 2022 18:00:19 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 53ms
53ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011408&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a9bcc1ae88cbd209b9fe8578794ab8a6c56b1701c702a0ec78a3f6e0c59cee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9101
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame FAF4 7 KB
4 KB 73ms
72ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efffcd5a889162eed47d7f80a7ec450e23e400a57bb1ad4f94d2bedfe58cb660

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g9t8pefeenfb03545w9d5y3msm7xrnska686s82jrdz1hg1gnp8km52qva8r7tcv3x9z5dhnxeaj1ww2hkbgxwjynphgs637r8tp7h6q6qvt9hpntp8bn5qpz2yyzk9f5pv474nspkgnxsxeh68x5b07k4hbq3b5y0e58vp4a51r2dhbn82xszxb83kkkej2d9wxkc00kjbhcbrnh6fdcn8cqkxx3xjce8q0dw1b96g8yvtckxjgrc8pq1b26a4pyft33peh987hjf0y5jt08y7shgg7bb51j1zy113k4tgs3s2xdac818nyd47d4882b5ay4dcr0jehp2ry9zkyb1kp12x78fmwn2n1khjpnyjh5vressydbz97389k347ac04qw4xdxab05m5xvcs31dngqczwy1q3rktz2ftmn1zn9pxavg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%26client%3Dca-pub-8170966538152543%26adurl%3D

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d28f95208f37541-LHR
content-encoding: br

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 12 KB
6 KB 219ms
219ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b442eaf16ac4514f8ea67f63e373fbd5b32f2726d21de41f98af3e7f72b58c67

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 24 Jan 2022 11:38:09 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 11e54125-2087-48e0-b719-c42cb91cb855
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.correiobraziliense.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
191 B 107ms
107ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiobraziliense.com.br
date: Mon, 24 Jan 2022 11:38:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 679 B
1 KB 137ms
136ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16558&site_id=134068&zone_id=633424&size_id=15&rf=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&kw=not%C3%ADciasdodia%2Cnot%C3%ADciaspertodemim%2Ctelegram%2Cextremismo%2Cdrogas%2Cnotasfalsas%2Carmas%2Cfakenews&tg_i.ref=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&tg_i.page=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&tg_i.domain=correiobraziliense.com.br&tg_i.dfp_ad_unit_code=6887%2Fportal-correioweb%2Fcorreiobraziliense-com-br%2Fbrasil-politica%2Fcapa&tg_i.pbadslot=6887%2Fportal-correioweb%2Fcorreiobraziliense-com-br%2Fbrasil-politica%2Fcapa&tk_flint=pbjs_lite_v5.15.0&x_source.tid=0a3a2b89-1fd6-4f5a-8daa-0f9fc47aca0c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5078292060788145
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c91622c5a1cdb4d9a3289c27ff18e8f48fe52309581c551c1b1ec7675662dc58

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:09 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.correiobraziliense.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 679
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
115 B 106ms
105ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96984f0178781820781ca984f20088&pos=cb_publicidade_retangulo_2&cmd=bid&secure=1
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/static/cb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 3f194f23e5406eb21e861d0e4077f652a75e09417bd1d8457b76291252d6772c

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.correiobraziliense.com.br
access-control-allow-credentials: true
content-length: 62

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 26ms
26ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 285ms
284ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=217151344019347&correlator=2718182550527163&output=ldjh&impl=fifs&eid=31063377&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Cbrasil-politica%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C200x200%7C300x250&fluid=height&prev_scp=identificador%3Dpublicidade-retangulo-interna%26implementado%3Ddinamico%26pos%3D3&eri=1&cust_params=testeab%3D3%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252Cpolitica%252C2022%252C01%252C4979732-no-submundo-do-telegram%252Chtml%26titleofpage%3DTelegram%2520abriga%2520venda%2520de%2520armas%252C%2520drogas%2520e%2520notas%2520falsas%26tagsofpage%3Dnot%25C3%25ADcias%2520do%2520dia%252Cnot%25C3%25ADcias%2520perto%2520de%2520mim%252Ctelegram%252Cextremismo%252Cdrogas%252Cnotas%2520falsas%252Carmas%252Cfake%2520news%26reload%3D0&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&bc=31&abxe=1&dt=1643024289607&lmt=1643014268&dlt=1643024286446&idt=314&frm=20&biw=1600&bih=1200&oid=2&adxs=458&adys=1601&adks=3899775937&ucis=8&hl=pt-BR&ifi=8&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&vis=1&scr_x=0&scr_y=0&psz=685x7921&msz=685x280&psts=AGkb-H9gHO0DtEbet8iZ025GvRQkzElXWJNniwYby_3Ixk3_B7_HAko-uCKSYeFuAI3z-6pMFtUz3dIFDCIkpSRjD5RBzIxa%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_evh5Br6R1vr93s8pN9zw7lwLnAAPVv1nUCD9oqK-C_ktfh7P8LSegREQQSCeJQIAuKvqXUud0AVbofuHTGME9K_IO%2CAGkb-H8ht92Nu1HzmrBQlkO5bF2WpF_MWMc7002q9DcCIpwet1KYXRffEQoZ3NOh0WEf2nmv7PwRnPyT5NqGODSVjcVtNIw6&ga_vid=71222113.1643024287&ga_sid=1643024287&ga_hid=1171883170&ga_fc=true&fws=4&ohw=760&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97d5bd38307c2cac7f70eada0d9b23b9f30901662e10880c48f79ab8aadb24bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11442
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 308ms
98ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 24 Jan 2022 11:38:09 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jan 2022 11:38:09 GMT

GET
H3 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 18ms
17ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 20:48:34 GMT
content-encoding: gzip
age: 53375
x-guploader-uploadid: ADPycdti-QjCMnmzl3hh8ROTFlo0QlS_mR2C7mIQg7LXBe21jKjeaKH6vBSmMvAZaGKwwp977bTpX4HhZBE2TVTCo-a-d7wLhQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8332
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "3bd196ed5cd9e1a21cd3f4a34c4baf1b"
x-goog-hash: crc32c=QnHpIw==, md5=O9GW7VzZ4aIc0/SjTEuvGw==
content-language: en
x-goog-generation: 1632418656026668
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 24 Jan 2022 20:48:34 GMT

GET
H2 200 trk
tt-10276-8.seg.t.tailtarget.com/ 70 B
538 B 137ms
112ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10276-8.seg.t.tailtarget.com/trk?tA=TT-10276-8&tJ=_channel:site_todo:1&tK=1643024290&tM=direct&tL=direct&tN=direct&tY=3&tZ=703132168
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 u Show response
b.t.tailtarget.com/ 81 B
329 B 140ms
113ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_c_braziliense
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 84a40b920a789d27535aa88fd022689339125093474246c073b6ce61dad5bb73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0ACB 601 KB
195 KB 18ms
17ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E477 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 social
am-trc-events.taboola.com/diariosassociados-correiobraziliense/log/3/ 0
230 B 26ms
22ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariosassociados-correiobraziliense/log/3/social?route=AM:AM:V&lti=deflated&ri=0adb794e9381079d704d605d82c95533&sd=v2_3753a8cf0ada976f8cc4a83bca7eb1b1_ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e_1643024286_1643024286_CNawjgYQ6ohBGKCJhN_oLyABKAEwODib4wlAiYoQSNi22QNQo-wQWABgAGjbwtakkbOV1QpwAA&ui=ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e&pi=/politica/2022/01/4979732-no-submundo-do-telegram.html&wi=5580310786385734806&pt=text&vi=1643024286880&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Telegram%20abriga%20venda%20de%20armas%2C%20drogas%20e%20notas%20falsas%22%2C%22sec%22%3A%22redes%20sociais%20%22%2C%22aut%22%3A%5B%22Luana%20Patrolino%22%5D%2C%22img%22%3A%22https%3A%2F%2Fmidias.correiobraziliense.com.br%2F_midias%2Fjpg%2F2022%2F01%2F20%2F675x450%2F1_christian_wiediger_gwkioaj5ab4_unsplash-7355318.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=11%3A38%3A09.736&id=8363&llvl=2&cv=20220124-9-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 24 Jan 2022 11:38:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 306ms
103ms XHR
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.correiobraziliense.com.br&rs=www.correiobraziliense.com.br&sid=30691&t=1643024288&cip=217.114.215.131&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=425&he=256&app=&AV_PUBLISHERID=609a764ab3287943571a812c&test=&aafaid=&proto=https&uid=1643024288383-962096174924-006185-015-009850&cha=0.05&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&d35=&d36=6.1.2.99&cb=38118622865&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=425&AV_HEIGHT=256
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=609a764ab3287943571a812c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 24 Jan 2022 11:38:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7D3C 601 KB
195 KB 17ms
16ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame FAF4 81 KB
11 KB 39ms
39ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1019584
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 12 Jan 2022 16:25:05 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d28f9533ac27541-LHR
cf-bgj: minify

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame FAF4 53 KB
54 KB 84ms
75ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Mon, 24 Jan 2022 11:38:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 311613
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdsVZia8wmigoM3FhoJ4mQWHDPTsLjov8AZXm9vcPoMZgP-wkgiOzF4q5ZMsCYb5eNWocI_mr3jSyP0Jn9zzUw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wCYN1t7w2FVlCD9rdE%2Bvrl7G7ujZ1xa%2Bo%2BnAdDCeSdZ97dTldjAj2HPLHHhqxT87N9EcrZIDvJcmecnAGb47ZgOXXwveA8jD%2FOsqYt6fwLEojrEYl2RbhiM4VKxd9OTHE1c3tG%2F%2FdVa62MZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:09 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6d28f9534e6d776e-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame FAF4 23 KB
23 KB 39ms
37ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=I4uEDQ==, md5=w0ixd5U6xXIINsBOGiFnPQ==
date: Mon, 24 Jan 2022 11:38:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 318990
cf-polished: qual=85, origFmt=jpeg, origSize=132437
x-guploader-uploadid: ADPycdvMahIVZoEFv8IKhp72PxcDsQl3YjyBmbRX-_4_G8JUSFFlmYEg6dHNVZMXBKXEtyzptcnqy4OO0C1wUFcjiA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23154
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MESkwl3RBUiuvaXQLNs96jWG559xUrcjiBRXOMRjpTAt%2FKgN1NfV69QKyQEB0RByznvLGFjkKQLqYa8FmAlT7Bf7bIbAYqKF6eYcw%2BM3sh%2FWp6qIHT%2Fx54OlWH5KwOb0nqq2d8PFwYmlrRCu"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1639072283176296
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:09 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 132437
accept-ranges: bytes
cf-ray: 6d28f9534e7c776e-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame FAF4
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gd...
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022012412380962668515371X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidfYWxH2p...

49 B
1 KB

117ms
43ms

Image
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022012412380962668515371X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022012412380962668515371X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 11:38:10 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:09 GMT
x-content-type-options: nosniff
server: nginx
content-type: text/html; charset=UTF-8
location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022012412380962668515371X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022012412380962668515371X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame FAF4 9 KB
10 KB 70ms
68ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Mon, 24 Jan 2022 11:38:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 570843
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ADPycdut9XnatnBuh9vhv2CwqNcBJ9vFk1jXBi2A7BBVZXIzMWZG5bB5sW0kjuEg8YuXtlypv8wF6vDWVUlNQVojYu5iFSZFaw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qpM1nnH%2BqruoWPSeWdbJg22QNdR1Da7Zw45HXDKxBG4hnNMBoaW0ns0Ptp%2BLKr%2BOURERfbmhPruPPXry96A1qtQDCcmPH52D5T0GMMi4yWGj10ATWaurB%2FmztP5IkStD1eXJqifK7y%2BqHVv"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:09 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 6d28f9534e83776e-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame FAF4 19 KB
19 KB 67ms
66ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date: Mon, 24 Jan 2022 11:38:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1009597
cf-polished: qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid: ADPycdtNfJhMSdSDdr7Vx4R2YLyji-0curK5sX30tHOXlFmipkf6kIlP9CBJ_hzsUs41DImGvwSV6I0FgsuTwNRNZKw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19022
last-modified: Wed, 10 Nov 2021 15:00:52 GMT
server: cloudflare
etag: "9c16b18e2ed1720d4bac78685793f74c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQkMoW5Snl4koMERqfZuBCW72Zm1ClAJET72zi6TvREelOKmFFdTG%2BAsVSEf3vtGABQhEd3CjDmE5Y9umVunsl99BIOjVzoMmVTTHJTfpuLM7Rk42fDHexklSETX5f6Sij0FjJDs4kFZg6yQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1636556452656256
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:09 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 84530
accept-ranges: bytes
cf-ray: 6d28f9534e86776e-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame FAF4
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gd...
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012412380962668515367X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidfYWxH2p-f...

49 B
1 KB

147ms
28ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012412380962668515367X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 11:38:10 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:09 GMT
x-content-type-options: nosniff
server: nginx
content-type: text/html; charset=UTF-8
location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022012412380962668515367X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame FAF4 38 KB
38 KB 40ms
39ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Mon, 24 Jan 2022 11:38:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 260895
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycds1wdkcSNi9paG-ShkRMa7o5olrFZc_tdU8XE3vgvxB4o42aO1AxHslrXWqXDsoaHJpK_k3aunn5QUcRsF6JQZxYufPWw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aThiZFoTygiCQIARkzMQUJ9RbQRg4E8UTDEYtiBP3626xDl2nwKQl5S7OXbyQpIAqS76GrDu5p5e3IhvcTytC8u5CldizHjuTi5laLJI6FqAFw1kpeN8ANNubMrQWLi6cbdCjL87mm%2FtBR1%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:09 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6d28f9534e87776e-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame FAF4 84 KB
84 KB 65ms
65ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Mon, 24 Jan 2022 11:38:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 260217
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdusqPbP08HyPZglqU1h0LHxxLxaVZ4eSQ8L-HDrMWBqwdmIeQPfXvT95EjfDxTUqj_zV7nOd1YGq057l8mBykc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIzeJ0djh1PUllCHfnkREFBG8QhQ4dgprbyaqsKkrlReAlRgMGt5fmHGppi48SBZ9wv4yG7k4Y3YIKRj%2Ba6I7YusSOqFyuKoMcJ2k6e6WHegBN0OBlLaJbiOlaEyr6YGcJH7qfRM9sYksuEe"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Tue, 25 Jan 2022 11:38:09 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6d28f9534e88776e-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 217F 37 KB
13 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E3E4 13 KB
5 KB 16ms
16ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Jan 2022 11:08:48 GMT
expires: Tue, 24 Jan 2023 11:08:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BDAA 783 B
535 B 26ms
26ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2e8a26ac27d73c9ae034e4ffba911f1ea1f133c9dcf8160d85c4cfac027d43cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4RejwOwpn5PcQ1i83fUVsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 24 Jan 2022 11:38:09 GMT
date: Mon, 24 Jan 2022 11:38:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4RejwOwpn5PcQ1i83fUVsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 65EB 37 KB
13 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 666F 0
327 B 110ms
49ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kysm8n7k&c=8755198143342&slotId=4377599071671&qqid=CKbWg7mmyvUCFZbGuwgdHsQAQg&gqid=oY_uYaKsGNSalQfGxq6YDA&fb=ima_html5-lima&sdkv=h.3.495.1&mrd=6&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44738438%2C44751786&met.4=ghmsh_s.kysm8no3~ghmsh_s.kysm8no3&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=hRWGBNzsI7yWWEJ2
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 666F 453 B
478 B 17ms
17ms Image
image/png 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-7692867590391817

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:25:49 GMT
x-content-type-options: nosniff
age: 740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jan 2022 12:15:49 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 666F 42 B
536 B 72ms
28ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CcQitoY_uYeaBGpaN7_UPnoiDkAT64PnbZ9eJ3fHtDrCQHxABIOm7y31glZKqgrAHoAGt__yBA8gBBakCnSkMHmn-sj7gAgCoAwGYBACqBIkDT9AxL_TqaCtI39xGdCs-j9Ayek0gPFV01WBXWXjpDvnygJi35U7yPu_XmLrX534XlUvZB2gFzfqDTC8lq0i8k5qrqwDcMdFzhRF0HsfuAdGJRYOuazwJN5IGd5jCiskDvyOpjohIEOzmYaec2zteV4ZzZFZMwiq-ixpstvJl0fj6ok-bO4UdFQ4_Z4hGVdxLhhkU1Ke3U5kbyY2NJqhyLOwYbjiQXbFik13fCQL9RZ8dFiatn--gaM0pkdQrWj48_PL0wZKOGSHLo8Y2vXT4t2ztz732JZXrg7-9y4zTJ821ZP_IzHk1eEh28gc29T3e-XTqigBBV4lYCIO8nxCiJ12dOla4czzSEmHnMbBF3Vf_xrOKIqe-86ymZ9IxsAgkHyMC1Z4Qb-Bou2lZ87466fVP2IsdO_gGs1YCWI8A67jbtijToAS1PIw49t0eBy8UNngDHM-0o9wafZE70rZooEAFFt7oBDDtghfGO7znnCPxhrIQo6HlEH-3XoOj3eJr6RnFjXowsvy3wASsjvTm3QPgBAGIBYv1trY3kgUGCAMQARgBoAZUgAe7gIN-qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgHAQARgdsQmarcOn4w3_3YAKA5gLAcgLAdALDrgMAdgTDNAVAZgWAeIWAggBgBcB&sigh=BQ8eUklJ-kU&label=show_ad&acvw=&sdkv=h.3.495.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUxMDUzNDMwNDk4MzIMNTY0NzMyNDc2ODcyQO0CUh0QDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 666F 0
0 55ms
54ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=Cgp1XoY_uYeaBGpaN7_UPnoiDkAT64PnbZ9eJ3fHtDrCQHxABIOm7y31glZKqgrAHoAGt__yBA8gBBakCnSkMHmn-sj7gAgCoAwGYBACqBIYDT9AxL_TqaCtI39xGdCs-j9Ayek0gPFV01WBXWXjpDvnygJi35U7yPu_XmLrX534XlUvZB2gFzfqDTC8lq0i8k5qrqwDcMdFzhRF0HsfuAdGJRYOuazwJN5IGd5jCiskDvyOpjohIEOzmYaec2zteV4ZzZFZMwiq-ixpstvJl0fj6ok-bO4UdFQ4_Z4hGVdxLhhkU1Ke3U5kbyY2NJqhyLOwYbjiQXbFik13fCQL9RZ8dFiatn--gaM0pkdQrWj48_PL0wZKOGSHLo8Y2vXT4t2ztz732JZXrg7-9y4zTJ821ZP_IzHk1eEh28gc29T3e-XTqigBBV4lYCIO8nxCiJ12dOla4czzSEmHnMbBF3Vf_xrOKIqe-86ymZ9IxsAgkHyMC1Z4Qb-Bou2lZ87466fVP2IsdO_gGs1YCWI8A67jbtijToAS1PIw49t0eBy8UNngDHM-0o9wafZFj0xR0qHqTNExtkKDTJ4ffqV7rAenwmbi9qY_9sPtNUh5jcfdH8Z50BUSVwASsjvTm3QPgBAGgBlSAB7uAg36oB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G9gHAfIHBBDK_0CoCAHSCAkIgOGAcBABGB2ACgPICwHCEwYYrf_8gQPYEwzQFQGYFgHiFgIIAYAXAbIXHgocCAASFHB1Yi00NTg2NDE1NzI4NDcxMjk3GIbXdw&sigh=Rmt9dBoUsIs&cmd=Ch1jYS12aWRlby1wdWItNDU4NjQxNTcyODQ3MTI5NxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&vt=10&sdkv=h.3.495.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUxMDUzNDMwNDk4MzIMNTY0NzMyNDc2ODcyQO0CUh0QDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 666F 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 26ms
26ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 322ms
321ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=217151344019347&correlator=905991794183480&output=ldjh&impl=fifs&eid=31063377&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=6887%2Cportal-correioweb%2Ccorreiobraziliense-com-br%2Cbrasil-politica%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C200x200%7C300x250&fluid=height&prev_scp=identificador%3Dpublicidade-retangulo-2%26implementado%3Ddinamico%26pos%3D11&eri=1&cust_params=testeab%3D3%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Ccorreiobraziliense%252Ccom%252Cbr%252Cpolitica%252C2022%252C01%252C4979732-no-submundo-do-telegram%252Chtml%26titleofpage%3DTelegram%2520abriga%2520venda%2520de%2520armas%252C%2520drogas%2520e%2520notas%2520falsas%26tagsofpage%3Dnot%25C3%25ADcias%2520do%2520dia%252Cnot%25C3%25ADcias%2520perto%2520de%2520mim%252Ctelegram%252Cextremismo%252Cdrogas%252Cnotas%2520falsas%252Carmas%252Cfake%2520news%26reload%3D0&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&bc=31&abxe=1&dt=1643024289878&lmt=1643014268&dlt=1643024286446&idt=314&frm=20&biw=1600&bih=1200&oid=2&adxs=1117&adys=1621&adks=2539784185&ucis=9&hl=pt-BR&ifi=9&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&vis=1&scr_x=0&scr_y=0&psz=336x9543&msz=336x280&psts=AGkb-H9gHO0DtEbet8iZ025GvRQkzElXWJNniwYby_3Ixk3_B7_HAko-uCKSYeFuAI3z-6pMFtUz3dIFDCIkpSRjD5RBzIxa%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_evh5Br6R1vr93s8pN9zw7lwLnAAPVv1nUCD9oqK-C_ktfh7P8LSegREQQSCeJQIAuKvqXUud0AVbofuHTGME9K_IO%2CAGkb-H8ht92Nu1HzmrBQlkO5bF2WpF_MWMc7002q9DcCIpwet1KYXRffEQoZ3NOh0WEf2nmv7PwRnPyT5NqGODSVjcVtNIw6&ga_vid=71222113.1643024287&ga_sid=1643024287&ga_hid=1171883170&ga_fc=true&fws=4&ohw=336&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bb7d387bfc3403a32841b15f3dec4678fbca45ceb0a65d35dfe888bd51bddb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11374
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiobraziliense.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E477 0
54 B 49ms
49ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kysm8mv5&c=8755198143342&slotId=4377599071671&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 666F 0
20 B 51ms
50ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.495.1&e=44738438%2C44751786&id=ima_html5&c=853038455876426&domain=www.correiobraziliense.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 54B1 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZcEZB3Nd7rUdYTFVaXyvKHy_D0fweAr3pwFV49BE0LalUJz7BNezzkckiAx2AyMJ-sxLs0aNU126-BzVQVgZJbw&sig=Cg0ArKJSzItB1tNW9qPvEAE&cid=CAASF-RoyUAtYiT1CKt8aQhqwdtkv7R-hcHh&id=lidar2&mcvt=1062&p=1110,436,1200,1164&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&v=20220119&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3054029751&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643024288631&rpt=151&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

videoplayback
rr2---sn-4g5edn6y.googlevideo.com/
Redirect Chain

https://rr2---sn-4g5e6nss.googlevideo.com/videoplayback?expire=1643053089&ei=oY_uYY6xJcaI6dsPqIi-mAI&ip=217.114.215.131&id=86356858bd192091&itag=22&source=youtube&requiressl=yes&mh=D5&mm=31&mn=sn-4...
https://rr2---sn-4g5edn6y.googlevideo.com/videoplayback?expire=1643053089&ei=oY_uYY6xJcaI6dsPqIi-mAI&ip=217.114.215.131&id=86356858bd192091&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&c...

2 MB
2 MB

86ms
20ms

Media
video/mp4

2a00:1450:4001:f::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edn6y.googlevideo.com/videoplayback?expire=1643053089&ei=oY_uYY6xJcaI6dsPqIi-mAI&ip=217.114.215.131&id=86356858bd192091&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.108&lmt=1640532416338778&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAP99DFJ0Lrsy6ifSZWm2JSeebysTYsrZhfrzPuZmoCwOAiEAqDrP6Amz-522Wm1XpL7j0XGXR4BuuSxNKeluRTzhogE=&cpn=hRWGBNzsI7yWWEJ2&redirect_counter=1&rm=sn-4g5ezl7l&req_id=833a34a51e2936e2&cms_redirect=yes&ipbypass=yes&mh=D5&mip=2001:1b60:1010:3:1012:985c:946f:e8b0&mm=31&mn=sn-4g5edn6y&ms=au&mt=1643024222&mv=m&mvi=2&pl=29&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAKzp01yGiMtX6BDclKxed5qPp-OVTaxi_VXmdmGScDTKAiEA9VW-fsdGpFZ5nGF_1QiG3svzUVdka7n19bM8UMpy1sc%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:f::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b993534808b2d9670503a3e467240bfee3164e3c44b508b139bdcf5c4d440e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 11:38:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 26 Dec 2021 15:26:56 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1602013/1602014
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1602014
Expires: Mon, 24 Jan 2022 11:38:10 GMT

Redirect headers

Date: Mon, 24 Jan 2022 11:38:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr2---sn-4g5edn6y.googlevideo.com/videoplayback?expire=1643053089&ei=oY_uYY6xJcaI6dsPqIi-mAI&ip=217.114.215.131&id=86356858bd192091&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.108&lmt=1640532416338778&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAP99DFJ0Lrsy6ifSZWm2JSeebysTYsrZhfrzPuZmoCwOAiEAqDrP6Amz-522Wm1XpL7j0XGXR4BuuSxNKeluRTzhogE=&cpn=hRWGBNzsI7yWWEJ2&redirect_counter=1&rm=sn-4g5ezl7l&req_id=833a34a51e2936e2&cms_redirect=yes&ipbypass=yes&mh=D5&mip=2001:1b60:1010:3:1012:985c:946f:e8b0&mm=31&mn=sn-4g5edn6y&ms=au&mt=1643024222&mv=m&mvi=2&pl=29&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAKzp01yGiMtX6BDclKxed5qPp-OVTaxi_VXmdmGScDTKAiEA9VW-fsdGpFZ5nGF_1QiG3svzUVdka7n19bM8UMpy1sc%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Mon, 24 Jan 2022 11:38:10 GMT

GET
H3 200 container.html Show response
ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D0E2 6 KB
3 KB 18ms
17ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Jan 2022 11:38:06 GMT
expires: Tue, 24 Jan 2023 11:38:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame FAF4 1 KB
2 KB 385ms
191ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g02xbwhm7340rtpbw4m90x7hzrpkv5f41y8h6v7f8by7yr0t1ar0f6dmkjqy3wnn89b5322f9wd9w6w9zm9ftt39dbjg9kp2d17artgwc2qv54tjvh2zxc03zwmmf6m6deh2p4sxnwbhsgg9gvat3s8vbd2rgyf9sxdc7k1mxkvnkcqyan68csjb3kpxxw2gyx2ajcy3te97435n6qyczt45sw1xy18yjf1q6ze79fxv143wprp4bpsspg2h31k3yrafqkgx10d11vrbqekbjbwb62jc5dzr1cr57ke087wht5p8wkk88g%26a%3D&clickref=oneidApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9oneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: d7947439d3b634c8e23e1be67cb0e9f0d905de8a0d64d6fe8e02bb08cf20fd5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:10 GMT
Last-Modified: Mon, 24 Jan 2022 11:38:10 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1441
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 social
am-trc-events.taboola.com/diariosassociados-correiobraziliense/log/3/ 0
230 B 23ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariosassociados-correiobraziliense/log/3/social?route=AM:AM:V&lti=deflated&ri=0adb794e9381079d704d605d82c95533&sd=v2_3753a8cf0ada976f8cc4a83bca7eb1b1_ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e_1643024286_1643024286_CNawjgYQ6ohBGKCJhN_oLyABKAEwODib4wlAiYoQSNi22QNQo-wQWABgAGjbwtakkbOV1QpwAA&ui=ab0b38fa-f918-4679-b271-da6fcb1469cd-tuct8e8151e&pi=/politica/2022/01/4979732-no-submundo-do-telegram.html&wi=5580310786385734806&pt=text&vi=1643024286880&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22ln%22%3A%22above-fold%22%2C%22lx%22%3A8%2C%22ly%22%3A504%2C%22m%22%3A%22stp%22%2C%22v%22%3A3%7D%5D%7D&tim=11%3A38%3A09.994&id=1126&llvl=2&cv=20220124-9-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BDAA 0
0 84ms
82ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011408&jk=217151344019347&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D0E2 0
0 91ms
91ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1cNCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEggNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkRNHyI2sgw2PN2MjrBwJ9gR09AWfftIViImTBuuYRmrJlKXcDEGNOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODAwNzAwMTU0NzAxMjI4Mxju0RA&sigh=DWQCBiDC7zw&uach_m=[UACH]&cid=CAQSPACNIrLMmmyKUU1XriCZawISojMcZOmh5evrZJKulDCo9tdD--W301r2kv-SoYByj5kbcBya7NlplO1bMRgB
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame D0E2 0
0 51ms
28ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hb8m0k1je1t1jjazjjz22rassh23gxcbe31ky92bh2gmfxmhzrkbef08s9y9npa3v5328yh303sybm4d9456ydt8acdhjv4x2bsxja73by34mc2f46xm3qz5a5ds16dh9095rwqj0m3dez309cve9y7xhkw052megnt23b4tjxcnr080sqs2zbfwt51bxa6q1pap08njzj45zmpa25caz4734sega1paw6dj9t67y4wznhg6pmcjv78v4q70skvw2d6d7b1n58cfe14k1xk3svgn0ev9hzwg5n8jhg4pwdgar2cedynmfetsajm2fmpdg6f9v113tker64q0hmzgfj1f4mp72w5f89254vm4v9svvn5crzrtxrq70n6qezmf3zn773vexm9ysqtgyyg1z8zavf62&b=Ye6PoQAKS0kK4EiIAAEUAxG-017Y8YrsQiOZfQ
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Jan 2022 11:38:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 650D 2 KB
3 KB 58ms
57ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h4nwnbdfq7g6m8em829adcpat78wfq845mg7scgh6pfp9rvvqy0jj8qkfbtpynb4y94tdtec0pv60g7f8gn2jfhwzq0ewbzbs7rxcbreqjm5zh7pfjga4fn8anf9d9wcanhq7jftex0v1bevyfye4frenvg8snv5f8q9n64xcv4he9ebjxy47hvs9vswctfvtrw79mxc0st8fhvs4xv8h7q6mkpst5jra3psjx68vyfkas7ystnkwv9nc5hzstdf2ngpkn7xdvr3a3k69ke617ndrhtemj0v2hrdvn1hcbcxdhmdwj4d9frrgtpvxvaahfgh0kzvm23s4fabdd45fyj6163v9f5fcjcyba7jk2fq7ytda0jxzvry7vpy4j8855ryccxr4r0kk0kp5yxc0mdae8pv6ye85dy7p2mzchy1tkb8rkm2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%26client%3Dca-pub-8007001547012283%26adurl%3D

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c7ced307655b9625949ec1783f2929ae6a52db4164c283009a8e9f8f667d8b2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d28f954bd727541-LHR
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame D0E2 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 11:35:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6429 1 KB
749 B 21ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 23 Jan 2022 13:26:12 GMT
expires: Mon, 24 Jan 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 79918
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D0E2 122 KB
37 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jan 2022 11:38:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame D0E2 15 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 11:27:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D0E2 0
0 27ms
25ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqLIFb-_hXQy68ogJT_6lcZ_mU2WAlAjwK8I32ypxfs6G1vqiquifulXfEOs00BEFI2wJ5dPCKEsPzFD6MT-bvtRk5lw
Requested by: Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D0E2 22 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 10:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 23 Jan 2023 10:05:09 GMT

GET
H3 200 i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js Show response
pagead2.googlesyndication.com/bg/ Frame E3E4 35 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 15:29:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13268
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 15:29:36 GMT

GET
H3 200 b Show response
b.t.tailtarget.com/ 146 B
138 B 138ms
117ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10276-8&tY=1&tS=2&tU=0100007FA18FEE61F50616AC022F840E&tX=b.52&tZ=73525304&env=_ttq_tt_c_braziliense
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: c0241dd1c731609f2a49a41ac1439bf49a60dc52f584a005a879401d3b04c77e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0ACB 156 B
147 B 235ms
235ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F93656639%2C6887%2Fcorreiobraziliense.com.br_dfp_vast%2Fcorreiobraziliense.com.br_dfp_vast_1.5&description_url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4215089104551848&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=4137401565&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024290154&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=3309130407051749&ged=ve4_td2_tt1_pd2_la2000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 650D 81 KB
11 KB 40ms
39ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h4nwnbdfq7g6m8em829adcpat78wfq845mg7scgh6pfp9rvvqy0jj8qkfbtpynb4y94tdtec0pv60g7f8gn2jfhwzq0ewbzbs7rxcbreqjm5zh7pfjga4fn8anf9d9wcanhq7jftex0v1bevyfye4frenvg8snv5f8q9n64xcv4he9ebjxy47hvs9vswctfvtrw79mxc0st8fhvs4xv8h7q6mkpst5jra3psjx68vyfkas7ystnkwv9nc5hzstdf2ngpkn7xdvr3a3k69ke617ndrhtemj0v2hrdvn1hcbcxdhmdwj4d9frrgtpvxvaahfgh0kzvm23s4fabdd45fyj6163v9f5fcjcyba7jk2fq7ytda0jxzvry7vpy4j8855ryccxr4r0kk0kp5yxc0mdae8pv6ye85dy7p2mzchy1tkb8rkm2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%26client%3Dca-pub-8007001547012283%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h4nwnbdfq7g6m8em829adcpat78wfq845mg7scgh6pfp9rvvqy0jj8qkfbtpynb4y94tdtec0pv60g7f8gn2jfhwzq0ewbzbs7rxcbreqjm5zh7pfjga4fn8anf9d9wcanhq7jftex0v1bevyfye4frenvg8snv5f8q9n64xcv4he9ebjxy47hvs9vswctfvtrw79mxc0st8fhvs4xv8h7q6mkpst5jra3psjx68vyfkas7ystnkwv9nc5hzstdf2ngpkn7xdvr3a3k69ke617ndrhtemj0v2hrdvn1hcbcxdhmdwj4d9frrgtpvxvaahfgh0kzvm23s4fabdd45fyj6163v9f5fcjcyba7jk2fq7ytda0jxzvry7vpy4j8855ryccxr4r0kk0kp5yxc0mdae8pv6ye85dy7p2mzchy1tkb8rkm2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%26client%3Dca-pub-8007001547012283%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1019585
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 12 Jan 2022 16:25:05 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d28f955af107541-LHR
cf-bgj: minify

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 650D 36 KB
13 KB 80ms
80ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h4nwnbdfq7g6m8em829adcpat78wfq845mg7scgh6pfp9rvvqy0jj8qkfbtpynb4y94tdtec0pv60g7f8gn2jfhwzq0ewbzbs7rxcbreqjm5zh7pfjga4fn8anf9d9wcanhq7jftex0v1bevyfye4frenvg8snv5f8q9n64xcv4he9ebjxy47hvs9vswctfvtrw79mxc0st8fhvs4xv8h7q6mkpst5jra3psjx68vyfkas7ystnkwv9nc5hzstdf2ngpkn7xdvr3a3k69ke617ndrhtemj0v2hrdvn1hcbcxdhmdwj4d9frrgtpvxvaahfgh0kzvm23s4fabdd45fyj6163v9f5fcjcyba7jk2fq7ytda0jxzvry7vpy4j8855ryccxr4r0kk0kp5yxc0mdae8pv6ye85dy7p2mzchy1tkb8rkm2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%26client%3Dca-pub-8007001547012283%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Mon, 24 Jan 2022 11:38:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74457
x-guploader-uploadid: ADPycdtOXflsdf1fLUJqmfUgsI0rHyINN1TFDP-Rjd3xF_89bJYCgz8OJx15HcMSIrHx0lgfLkYL_zrEPdLe5XMoP_Y
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayIBA3D%2BOk7S%2BUbEiAka86i0ohC22Qj7pNp8Na5WAHYbpqWBlb8ArvvSTj4QJ4PQ%2FwXlqWExwSkWjChWn34MIgJ0ZgGwaSL8GVTX0VDHOpltd1YFnzhZdUg6%2Bwf0pf%2FZDUGRUvo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6d28f955af117541-LHR
expires: Sun, 23 Jan 2022 14:57:13 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7D3C 156 B
147 B 213ms
213ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F93656639%2C6887%2Fcorreiobraziliense.com.br_dfp_vast%2Fcorreiobraziliense.com.br_dfp_vast_0.8&description_url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4091545221242699&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=395720405&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024290208&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=2232324492413204&ged=ve4_td2_tt1_pd2_la2000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A45A 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Jan 2022 11:38:06 GMT
expires: Tue, 24 Jan 2023 11:38:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D0E2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46727c90b66ef339ba3ca7534f0a5a269814b2a7f35c04aa412026e755f2dd6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6429
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1&google_push=AYg5qPK2J9eQIL-bw46MjHvEurwo_WldevZ8nBH7nZ_kX_znkVO7tF_VJ0VucNoWbNL9aJXdOAcw03E54cUaEqn4q8_D4xLI1rs
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk2MzA1MDczNDkzNjc2MjM4OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1

43 B
407 B

25ms
24ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1
Requested by: Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN_fB-zRhr_bFG08YC2OgKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6429
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHA2M0s2cmcxTmJYRk01&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cver=1&google_push=AYg5qPKgjexDAmaY1X909WUrR8MLT7nE26ADwoINHn6-Bd-...

170 B
188 B

35ms
35ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHA2M0s2cmcxTmJYRk01&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cver=1&google_push=AYg5qPKgjexDAmaY1X909WUrR8MLT7nE26ADwoINHn6-Bd-ztASVq8G2i4Go8fOTrX-GnxdMTWQ40AhjkX-avGVBZ3qRDUpGhu8

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:10 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0fb8f8c60b2bcfa88@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHA2M0s2cmcxTmJYRk01&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cver=1&google_push=AYg5qPKgjexDAmaY1X909WUrR8MLT7nE26ADwoINHn6-Bd-ztASVq8G2i4Go8fOTrX-GnxdMTWQ40AhjkX-avGVBZ3qRDUpGhu8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6429 0
191 B 85ms
78ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJxQhF2YP5ezhrwFub8S5Rs&google_cver=1&google_push=AYg5qPLIHBo3O0E6aKjUzDbJlJ02aJ58Ih__0B8B_FF1kHTrTVJsY3NRpnHgDbfh8CLUlB6kfo1f75A3fLg6_fV3znB7MfkO94Y
Requested by: Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:09 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6429
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOce5Ur5ajVDkG5lcvaO7tw&google_cver=1&google_push=AYg5qPJgnGX_H7NVRcOwdMcLB_J5J6oy1vosi8Gcw0-ZjS7LhWAAC7VqvFjsnZ2_HeVZNZ1iImrsRVI-wXHpo3hAON2E...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOce5Ur5ajVDkG5lcvaO7tw&google_cver=1&google_push=AYg5qPJgnGX_H7NVRcOwdMcLB_J5J6oy1vosi8Gcw0-ZjS7LhWAAC7VqvFjsnZ2_HeVZNZ1iImrsRVI-wXHpo3...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJgnGX_H7NVRcOwdMcLB_J5J6oy1vosi8Gcw0-ZjS7LhWAAC7VqvFjsnZ2_HeVZNZ1iImrsRVI-wXHpo3hAON2ESqWzTg&google_hm=jvyH70aBQ46VyOUYwbipbw==

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJgnGX_H7NVRcOwdMcLB_J5J6oy1vosi8Gcw0-ZjS7LhWAAC7VqvFjsnZ2_HeVZNZ1iImrsRVI-wXHpo3hAON2ESqWzTg&google_hm=jvyH70aBQ46VyOUYwbipbw==

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJgnGX_H7NVRcOwdMcLB_J5J6oy1vosi8Gcw0-ZjS7LhWAAC7VqvFjsnZ2_HeVZNZ1iImrsRVI-wXHpo3hAON2ESqWzTg&google_hm=jvyH70aBQ46VyOUYwbipbw==
Date: Mon, 24 Jan 2022 11:38:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6429
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPDrzqzhaFV2pREJRDpAE-4&google_cver=1&google_push=AYg5qPL3u4WzrbixPmOFfql8P4I2FZNoBTxQZKLcGi4uPsWpAB7TtgYht5EChxYjoiqsXZhgWTV...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lTTThMSEwtMjQtTE9PQQ==&google_push=AYg5qPL3u4WzrbixPmOFfql8P4I2FZNoBTxQZKLcGi4uPsWpAB7TtgYht5EChxYjoiqsXZhgWTVvPoHw4MRO51jfCnUon8U2dbA

170 B
188 B

87ms
87ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lTTThMSEwtMjQtTE9PQQ==&google_push=AYg5qPL3u4WzrbixPmOFfql8P4I2FZNoBTxQZKLcGi4uPsWpAB7TtgYht5EChxYjoiqsXZhgWTVvPoHw4MRO51jfCnUon8U2dbA

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lTTThMSEwtMjQtTE9PQQ==&google_push=AYg5qPL3u4WzrbixPmOFfql8P4I2FZNoBTxQZKLcGi4uPsWpAB7TtgYht5EChxYjoiqsXZhgWTVvPoHw4MRO51jfCnUon8U2dbA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 6429 0
75 B 266ms
28ms Image
text/plain 185.86.138.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHBh0CFwY2YxJQ4qqHxKfCQ&google_cver=1&google_push=AYg5qPJnQ8kVYbFlDXO0p28mP2uTK0zxC5gg1TLLiMMY9nFXFCsPMtff9Hx9qRVr_GgeP76qrmztQt3zmg_98G2op40sWYL3WwA
Requested by: Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6429
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDksMSdDWZmV1lJeR9Ch9WU&google_cver=1&google_push=AYg5qPIqPWQPVgu8Zn4XkV70MlEzmPvyzVbOwaDpQjCLVmxKm-z8ZfBCYuhmgpFosOfsZTT2Jj...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rZnNkOU9GRTJ1Rm9zVWJBUmJxejlNQnhWeFlBOEVSQn5B&google_push=AYg5qPIqPWQPVgu8Zn4XkV70MlEzmPvyzVbOwaDpQjCLVmxKm-z8ZfBCY...

170 B
188 B

70ms
70ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rZnNkOU9GRTJ1Rm9zVWJBUmJxejlNQnhWeFlBOEVSQn5B&google_push=AYg5qPIqPWQPVgu8Zn4XkV70MlEzmPvyzVbOwaDpQjCLVmxKm-z8ZfBCYuhmgpFosOfsZTT2JjtMbVrcTe_xEhqIwIQ5lbhsXRfC

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rZnNkOU9GRTJ1Rm9zVWJBUmJxejlNQnhWeFlBOEVSQn5B&google_push=AYg5qPIqPWQPVgu8Zn4XkV70MlEzmPvyzVbOwaDpQjCLVmxKm-z8ZfBCYuhmgpFosOfsZTT2JjtMbVrcTe_xEhqIwIQ5lbhsXRfC
date: Mon, 24 Jan 2022 11:38:10 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6429 0
12 B 69ms
64ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQrOsAaKk-cBUva-Bj94PT-T-KO_ywn16eUh_eOlv0m4iPPhUNav1y0fdEWX45BKJ9c3FweA

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 csi
csi.gstatic.com/ Frame 666F 0
17 B 134ms
66ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kysm8nq0&c=8755198143342&slotId=4377599071671&qqid=CKbWg7mmyvUCFZbGuwgdHsQAQg&gqid=oY_uYaKsGNSalQfGxq6YDA&fb=ima_html5-lima&sdkv=h.3.495.1&mrd=6&aab=1&itv=1&met.4=ghmsh_s.kysm8nq1~vss_tr.uq
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 650D 3 KB
4 KB 180ms
84ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 24 Jan 2022 11:38:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19781908
x-guploader-uploadid: ABg5-UzDXz48Jp5FL0TmyQDSscMPwQiKL8JA4FKbkcP1npkz9mbjqsx6NGoabUShkVVvzmaj0A5RwcAjwhv-JhQocsL5sa0hzg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8m15JD%2BK3JC%2F7WnBNaILy9Ea0DPwFg4mEymqeGCoi5XZ%2BxEQL2HubEkD%2Bxu7hf4ES5aLUTewtv90TRv5LgcS3GS0SYttUlB1m5Q%2B6X56IvT9zxD9rKOtO%2FzaVFZ8w5hkf8dZNy70%2FIGFduUFmVUPHx%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6d28f957084dcdbb-CDG
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 666F 42 B
64 B 118ms
31ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CcQitoY_uYeaBGpaN7_UPnoiDkAT64PnbZ9eJ3fHtDrCQHxABIOm7y31glZKqgrAHoAGt__yBA8gBBakCnSkMHmn-sj7gAgCoAwGYBACqBIkDT9AxL_TqaCtI39xGdCs-j9Ayek0gPFV01WBXWXjpDvnygJi35U7yPu_XmLrX534XlUvZB2gFzfqDTC8lq0i8k5qrqwDcMdFzhRF0HsfuAdGJRYOuazwJN5IGd5jCiskDvyOpjohIEOzmYaec2zteV4ZzZFZMwiq-ixpstvJl0fj6ok-bO4UdFQ4_Z4hGVdxLhhkU1Ke3U5kbyY2NJqhyLOwYbjiQXbFik13fCQL9RZ8dFiatn--gaM0pkdQrWj48_PL0wZKOGSHLo8Y2vXT4t2ztz732JZXrg7-9y4zTJ821ZP_IzHk1eEh28gc29T3e-XTqigBBV4lYCIO8nxCiJ12dOla4czzSEmHnMbBF3Vf_xrOKIqe-86ymZ9IxsAgkHyMC1Z4Qb-Bou2lZ87466fVP2IsdO_gGs1YCWI8A67jbtijToAS1PIw49t0eBy8UNngDHM-0o9wafZE70rZooEAFFt7oBDDtghfGO7znnCPxhrIQo6HlEH-3XoOj3eJr6RnFjXowsvy3wASsjvTm3QPgBAGIBYv1trY3kgUGCAMQARgBoAZUgAe7gIN-qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgHAQARgdsQmarcOn4w3_3YAKA5gLAcgLAdALDrgMAdgTDNAVAZgWAeIWAggBgBcB&sigh=BQ8eUklJ-kU&label=video_ad_loaded&acvw=&sdkv=h.3.495.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUxMDUzNDMwNDk4MzIMNTY0NzMyNDc2ODcyQO0CUh0QDyUAAMhBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame B572 2 KB
2 KB 96ms
95ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdusQCqzcste1viCqMs7-kvhCU53qtagBe5jRkcNXM8HNpNb8ST3HovydtM60MtU4rkxOvwPs0_Yjruykegksvg
expires: Mon, 24 Jan 2022 12:38:10 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2433154
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ld4T8DbMC4MKV%2FTFG5IJNIlyL50JZq00DfNLkyFo2DPvVbvQGXZN%2Fg2%2BZunAN2%2FnyB098YuUXrPtm8fzteTDoh82Jdj5Bk50PSlN8uKSXiseXiS%2BnahdqwJy7TacJfEawTJ8i10%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d28f95688977541-LHR
content-encoding: br

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 666F 41 KB
15 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 13:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 21 Jan 2023 13:14:01 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 666F 0
0 92ms
92ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=Cgp1XoY_uYeaBGpaN7_UPnoiDkAT64PnbZ9eJ3fHtDrCQHxABIOm7y31glZKqgrAHoAGt__yBA8gBBakCnSkMHmn-sj7gAgCoAwGYBACqBIYDT9AxL_TqaCtI39xGdCs-j9Ayek0gPFV01WBXWXjpDvnygJi35U7yPu_XmLrX534XlUvZB2gFzfqDTC8lq0i8k5qrqwDcMdFzhRF0HsfuAdGJRYOuazwJN5IGd5jCiskDvyOpjohIEOzmYaec2zteV4ZzZFZMwiq-ixpstvJl0fj6ok-bO4UdFQ4_Z4hGVdxLhhkU1Ke3U5kbyY2NJqhyLOwYbjiQXbFik13fCQL9RZ8dFiatn--gaM0pkdQrWj48_PL0wZKOGSHLo8Y2vXT4t2ztz732JZXrg7-9y4zTJ821ZP_IzHk1eEh28gc29T3e-XTqigBBV4lYCIO8nxCiJ12dOla4czzSEmHnMbBF3Vf_xrOKIqe-86ymZ9IxsAgkHyMC1Z4Qb-Bou2lZ87466fVP2IsdO_gGs1YCWI8A67jbtijToAS1PIw49t0eBy8UNngDHM-0o9wafZFj0xR0qHqTNExtkKDTJ4ffqV7rAenwmbi9qY_9sPtNUh5jcfdH8Z50BUSVwASsjvTm3QPgBAGgBlSAB7uAg36oB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G9gHAfIHBBDK_0CoCAHSCAkIgOGAcBABGB2ACgPICwHCEwYYrf_8gQPYEwzQFQGYFgHiFgIIAYAXAbIXHgocCAASFHB1Yi00NTg2NDE1NzI4NDcxMjk3GIbXdw&sigh=Rmt9dBoUsIs&cmd=Ch1jYS12aWRlby1wdWItNDU4NjQxNTcyODQ3MTI5NxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.495.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 666F 42 B
64 B 104ms
31ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGyiloY_uYeaBGpaN7_UPnoiDkAT64PnbZ9eJ3fHtDrCQHxABIOm7y31glZKqgrAHoAGt__yBA8gBBakCnSkMHmn-sj7gAgCoAwGYBACqBIYDT9AxL_TqaCtI39xGdCs-j9Ayek0gPFV01WBXWXjpDvnygJi35U7yPu_XmLrX534XlUvZB2gFzfqDTC8lq0i8k5qrqwDcMdFzhRF0HsfuAdGJRYOuazwJN5IGd5jCiskDvyOpjohIEOzmYaec2zteV4ZzZFZMwiq-ixpstvJl0fj6ok-bO4UdFQ4_Z4hGVdxLhhkU1Ke3U5kbyY2NJqhyLOwYbjiQXbFik13fCQL9RZ8dFiatn--gaM0pkdQrWj48_PL0wZKOGSHLo8Y2vXT4t2ztz732JZXrg7-9y4zTJ821ZP_IzHk1eEh28gc29T3e-XTqigBBV4lYCIO8nxCiJ12dOla4czzSEmHnMbBF3Vf_xrOKIqe-86ymZ9IxsAgkHyMC1Z4Qb-Bou2lZ87466fVP2IsdO_gGs1YCWI8A67jbtijToAS1PIw49t0eBy8UNngDHM-0o9wafZFj0xR0qHqTNExtkKDTJ4ffqV7rAenwmbi9qY_9sPtNUh5jcfdH8Z50BUSVwASsjvTm3QPgBAGIBYv1trY3oAZUgAe7gIN-qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgHAQARgdgAoDyAsB2BMM0BUBmBYB4hYCCAGAFwE&sigh=iMcEGLK3QPc&cmd=Ch1jYS12aWRlby1wdWItNDU4NjQxNTcyODQ3MTI5NxAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D915%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D934,1165,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20062%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D763%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D196726433%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1603%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.05%26t%3D1643024289914&sdkv=h.3.495.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUxMDUzNDMwNDk4MzIMNTY0NzMyNDc2ODcyQO0CUiAQDyUAAMhBKAE6B3Vua25vd25CB3Vua25vd25I3QNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 666F 42 B
64 B 91ms
90ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3xTh0PO_n6UxgnoJw2nKcu8VWQbob5uZsgUBOU0n75ebJ8kTL83UUlA6_JdMt4N9U-N7BM1dzhV6PJ7QwlacjhtMhC4jNd9WVHDfd2XYodlAg1SKcOLskW5_uXst0o2W2iaH9KT9zyhRQ&sai=AMfl-YTmjEHSYNhBGpFW6e_SqaARE0sj-SXlBemHg_yRj24XbSHxaQrQyym0juN9l2ghnTOSUSX_23tevrmnP7WVeR5fZQWpI7Z2Y7FVBPqFWHtfXPNvMWJ8gZDnmEXF&sig=Cg0ArKJSzK4zCGvNeBNAEAE&cid=CAASPeRoKxHNaRZhwWheMrBtFkF2pSHBSf3n7P4Rmr4NuskKd_HVulNoVgeDVfYNewclmv5WPJldOJgLtwrkcFs&id=lidarv&acvw=sv%3D915%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D934,1165,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20062%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D763%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D196726433%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1604%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1643024289914&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 666F 42 B
64 B 104ms
31ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGyiloY_uYeaBGpaN7_UPnoiDkAT64PnbZ9eJ3fHtDrCQHxABIOm7y31glZKqgrAHoAGt__yBA8gBBakCnSkMHmn-sj7gAgCoAwGYBACqBIYDT9AxL_TqaCtI39xGdCs-j9Ayek0gPFV01WBXWXjpDvnygJi35U7yPu_XmLrX534XlUvZB2gFzfqDTC8lq0i8k5qrqwDcMdFzhRF0HsfuAdGJRYOuazwJN5IGd5jCiskDvyOpjohIEOzmYaec2zteV4ZzZFZMwiq-ixpstvJl0fj6ok-bO4UdFQ4_Z4hGVdxLhhkU1Ke3U5kbyY2NJqhyLOwYbjiQXbFik13fCQL9RZ8dFiatn--gaM0pkdQrWj48_PL0wZKOGSHLo8Y2vXT4t2ztz732JZXrg7-9y4zTJ821ZP_IzHk1eEh28gc29T3e-XTqigBBV4lYCIO8nxCiJ12dOla4czzSEmHnMbBF3Vf_xrOKIqe-86ymZ9IxsAgkHyMC1Z4Qb-Bou2lZ87466fVP2IsdO_gGs1YCWI8A67jbtijToAS1PIw49t0eBy8UNngDHM-0o9wafZFj0xR0qHqTNExtkKDTJ4ffqV7rAenwmbi9qY_9sPtNUh5jcfdH8Z50BUSVwASsjvTm3QPgBAGIBYv1trY3oAZUgAe7gIN-qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgHAQARgdgAoDyAsB2BMM0BUBmBYB4hYCCAGAFwE&sigh=iMcEGLK3QPc&cmd=Ch1jYS12aWRlby1wdWItNDU4NjQxNTcyODQ3MTI5NxAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D915%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D934,1165,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20062%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D763%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D196726433%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1605%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1643024289914&sdkv=h.3.495.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUxMDUzNDMwNDk4MzIMNTY0NzMyNDc2ODcyQO0CUiAQDyUAAMhBKAE6B3Vua25vd25CB3Vua25vd25I3QNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 666F 0
20 B 90ms
89ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.495.1&e=44738438%2C44751786&id=ima_html5&c=853038455876426&domain=www.correiobraziliense.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 666F 42 B
64 B 105ms
32ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGyiloY_uYeaBGpaN7_UPnoiDkAT64PnbZ9eJ3fHtDrCQHxABIOm7y31glZKqgrAHoAGt__yBA8gBBakCnSkMHmn-sj7gAgCoAwGYBACqBIYDT9AxL_TqaCtI39xGdCs-j9Ayek0gPFV01WBXWXjpDvnygJi35U7yPu_XmLrX534XlUvZB2gFzfqDTC8lq0i8k5qrqwDcMdFzhRF0HsfuAdGJRYOuazwJN5IGd5jCiskDvyOpjohIEOzmYaec2zteV4ZzZFZMwiq-ixpstvJl0fj6ok-bO4UdFQ4_Z4hGVdxLhhkU1Ke3U5kbyY2NJqhyLOwYbjiQXbFik13fCQL9RZ8dFiatn--gaM0pkdQrWj48_PL0wZKOGSHLo8Y2vXT4t2ztz732JZXrg7-9y4zTJ821ZP_IzHk1eEh28gc29T3e-XTqigBBV4lYCIO8nxCiJ12dOla4czzSEmHnMbBF3Vf_xrOKIqe-86ymZ9IxsAgkHyMC1Z4Qb-Bou2lZ87466fVP2IsdO_gGs1YCWI8A67jbtijToAS1PIw49t0eBy8UNngDHM-0o9wafZFj0xR0qHqTNExtkKDTJ4ffqV7rAenwmbi9qY_9sPtNUh5jcfdH8Z50BUSVwASsjvTm3QPgBAGIBYv1trY3oAZUgAe7gIN-qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgHAQARgdgAoDyAsB2BMM0BUBmBYB4hYCCAGAFwE&sigh=iMcEGLK3QPc&cmd=Ch1jYS12aWRlby1wdWItNDU4NjQxNTcyODQ3MTI5NxAAGAI&label=admute&ad_mt=0&acvw=sv%3D915%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D934,1165,1190,1590%26tos%3D14,0,0,0,0%26mtos%3D14,14,14,14,14%26amtos%3D0,0,0,0,0%26mcvt%3D14%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D14%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D14%26pst%3D-1%26dur%3D20062%26vmtime%3D-1%26dvs%3D14%26dfvs%3D14%26dvpt%3D14%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D763%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D196726433%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1608%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,14&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1643024289914&sdkv=h.3.495.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUxMDUzNDMwNDk4MzIMNTY0NzMyNDc2ODcyQO0CUiAQDyUAAMhBKAE6B3Vua25vd25CB3Vua25vd25I3QNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A45A 0
0 96ms
96ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeSJVoY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEggNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7TP39yw5FZafn5VHwtykP8-LmItgLGnhTIuzZ6kVS7WprfBaeRuz-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODAwNzAwMTU0NzAxMjI4Mxju0RA&sigh=FiBBwsKBbsk&uach_m=[UACH]&cid=CAQSPACNIrLMYhe_aqO4ab8vNCmVitYG9QFQIIDTcFWRucUr85WPtNJOVzWXW5xJgdDUwdj7AjMKxtT6kApCjxgB
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame A45A 0
0 78ms
77ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hv72e9f24v4wj1d0mp1s5n9dg3qdd1ty9emn5ywnpemtfp3hherwdnf1sg78cdrae4g69ajnchgdazr5xk3xph5f94bn1m5q8pe3ay0ny280az1zkx774denpm0ct96sadvkh1bvb31zen0v32rfaj5m25v9b9nbsgs346hyrj90kp4bt7cz22eptrcefvgyj72n90ggghefy4ee37znkm9fvvg0e6j69tc571nqqszzht3ept41dyc3yke5tgmq2pwahghyr7sj6a19d16zc6a3rkh2pm85wddatr8etfd3asddb0tt0kht169zkqshvt5c09h352nhabj95r6p05rvn030n7a8rch05078jstayygjm650jdkxx4d499avz4nmn0xqbddg1t06d1ahrtbx14zj&b=Ye6PoQAOaAsKe4VWAAXhnsR8Y_BkAuveEpph-w
Requested by: Host: www.correiobraziliense.com.br
URL: https://www.correiobraziliense.com.br/politica/2022/01/4979732-no-submundo-do-telegram.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Jan 2022 11:38:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 3316 2 KB
3 KB 88ms
88ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1ktsg7gnqg7rn41vzm89z5sgcdq9944a8wmmjavxqqvqpkkcp7vwk8kj6900tnzewmf4zc4p35yxjxhjky4cpst5jj3f1jt5yc5w0qfxsjp5yzkbw1g9e83y51mye3319nxsd8e28fhryjf52dphw4qds56146c07jnm1724enf3ytmem7mapqm07g7dekhrr700mn0v78sc4g9rm0swjbg8r873wrcjwj5e7adgjtv50dc7vqq67051pmbbq5bvj9ck470rmzx8tc0kjqb9qcedyp28d6ze8z84a4yngjfy676sy4pe6v7kxefccav9fvgjwnxap5hveqne187c8a6swwvq5047x92251kwer8ee2sm0kp1atwtr69gh88srmx49wr65hr8nv8g7yfzd6010v830vg74me62nytp9aftasdw2kqm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%26client%3Dca-pub-8007001547012283%26adurl%3D

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05c903ef06890953aff43b0b5253bfd19b3a8d60652afcb1872cd644d6a3055c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d28f95698d47541-LHR
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame A45A 2 KB
1 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 11:35:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3884 1 KB
749 B 72ms
72ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 23 Jan 2022 13:26:12 GMT
expires: Mon, 24 Jan 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 79918
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A45A 122 KB
37 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jan 2022 11:38:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame A45A 15 KB
6 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 11:27:31 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A45A 22 KB
7 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 10:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 23 Jan 2023 10:05:09 GMT

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 track
track1.aniview.com/ 0
70 B 101ms
100ms Image
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?nasid=617908cbb7ceab4dd535dec2&ncid=61790c8b1d8ca06add677fd4&nid=5e7b9048180bd02ded4b0937&copid=&coasid=&ppid=609a764ab3287943571a812c&pasid=61790cd07f27264e184c81a9&pcid=61791426110ec737726a1125&d=Chrome&cou=DE&cos=Windows&r=www.correiobraziliense.com.br&rs=www.correiobraziliense.com.br&sid=30691&t=1643024288&cip=217.114.215.131&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=425&he=256&app=&AV_PUBLISHERID=609a764ab3287943571a812c&test=&aafaid=&proto=https&uid=1643024288383-962096174924-006185-015-009850&cha=0.05&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&d35=&d36=6.1.2.99&cb=38118622865&d9=1000&cd1=Chrome&cd2=Google&cd3=Desktop&e=AV_M10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 103ms
103ms Image
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.correiobraziliense.com.br&rs=www.correiobraziliense.com.br&sid=30691&t=1643024288&cip=217.114.215.131&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=425&he=256&app=&AV_PUBLISHERID=609a764ab3287943571a812c&test=&aafaid=&proto=https&uid=1643024288383-962096174924-006185-015-009850&cha=0.05&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&d35=&d36=6.1.2.99&cb=38118622865&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=425&AV_HEIGHT=256&asid=61790cd07f27264e184c81a9%7C617908cbb7ceab4dd535dec2&pid=609a764ab3287943571a812c%7C5e7b9048180bd02ded4b0937&cid=61791426110ec737726a1125%7C61790c8b1d8ca06add677fd4&h=98081f1e9ad182dd3a7617c6563c11027f81b503&d9=1000&ad=25&vi=100&ofpr=1.1&imid=91daa5cf09953a681e363bad409f8bd9_172315274_17089701&e=impression&cb=1643024288482&ad=25&vi=100&d4=1&d5=2&d1=vpaid&fv=1&cb=1643024288490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 102ms
102ms Image
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.correiobraziliense.com.br&rs=www.correiobraziliense.com.br&sid=30691&t=1643024288&cip=217.114.215.131&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=425&he=256&app=&AV_PUBLISHERID=609a764ab3287943571a812c&test=&aafaid=&proto=https&uid=1643024288383-962096174924-006185-015-009850&cha=0.05&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&d35=&d36=6.1.2.99&cb=38118622865&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=425&AV_HEIGHT=256&asid=61790cd07f27264e184c81a9%7C617908cbb7ceab4dd535dec2&pid=609a764ab3287943571a812c%7C5e7b9048180bd02ded4b0937&cid=61791426110ec737726a1125%7C61790c8b1d8ca06add677fd4&h=98081f1e9ad182dd3a7617c6563c11027f81b503&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=1.1&imid=91daa5cf09953a681e363bad409f8bd9_172315274_17089701&e=start&d1=vpaid&fv=1&cb=1643024288490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ctrack
track1.avplayer.com/ 0
70 B 102ms
102ms Image
text/plain 54.209.124.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=609a764ab3287943571a812c&r=www.correiobraziliense.com.br&sn=&cd1=&cd2=&cd3=&app=&wi=425&he=256&test=&vi=0&e=cpau&cb=1643024290348
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.124.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-124-194.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 ca Show response
tt-10276-8.seg.t.tailtarget.com/ 88 B
125 B 125ms
124ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10276-8.seg.t.tailtarget.com/ca?tZ=61312441&env=_ttq_tt_c_braziliense
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 9f27ecac4b7efe9d66041fd1d0d3660c7d988c55a11267d9e7ba215a979ae7bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame FAF4 51 KB
51 KB 228ms
69ms Script
application/javascript 13.32.43.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g02xbwhm7340rtpbw4m90x7hzrpkv5f41y8h6v7f8by7yr0t1ar0f6dmkjqy3wnn89b5322f9wd9w6w9zm9ftt39dbjg9kp2d17artgwc2qv54tjvh2zxc03zwmmf6m6deh2p4sxnwbhsgg9gvat3s8vbd2rgyf9sxdc7k1mxkvnkcqyan68csjb3kpxxw2gyx2ajcy3te97435n6qyczt45sw1xy18yjf1q6ze79fxv143wprp4bpsspg2h31k3yrafqkgx10d11vrbqekbjbwb62jc5dzr1cr57ke087wht5p8wkk88g%26a%3D&clickref=oneidApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9oneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.43.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-43-41.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 22:11:04 GMT
via: 1.1 b2756db0e58306bee6945607dbb05978.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 48427
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
x-amz-cf-pop: HEL50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 51794
x-amz-cf-id: QLAOIVGD6l50C4OzVaN-URRRKTqk3AjkTlzRHeQMwAVYgF7t4eC85g==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame FAF4 85 KB
85 KB 138ms
48ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidpm4f1fgfj9WfkH4HmtztQ7Yh9SRT1uEoneid__asuidNMqcKYgxuh6v-najYV5PoVbyAR27piyJasuid__adf_Netmix_Reach16_Single&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=96979c083088bb92c65d8a2a37a13e4a%2F17985859106770715998&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024289564&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gp4npkjp2580r0xhk1rsx92xpxfbdta3bpp8qxpafwp70yrhbknmckkszkzd85rspjvkswmdt0nwxxjgf8mm1aj77wr2x6rh092vzr56mzh7jx09c1fmwbt8w3nw0eveynsjb9cj6z3vxw5hjqx4tzk7b9b6r8jx2smafkjsz916cqrx2v8w69v11b3gvha3m5wzppj2kyhj6d2dytpwpmnbj87k3z0y9r5zr6ws3ej32fyfjgcd9vymbhr7emgxxk9w8fzvqkm2z8n8ny0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbb11oI_uYf3GFoPJgQeCrq2ACZDhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoE1gJP0AiWv68VruRCm5FsYM0wV1fuCKNyr_RtPb8YUfTZv1pG7UHRcNwsep07vAGJdACobQ2dNjhM05pkgBSGfMu1ZNGbVCNCcdCoV-VYu6qgLpksJh9okGe0oLgW-90xFgSagzVGkBfc1Vvy-jMBRtq5u47p4BoopMVLZH35YOsQE5StK3M28jB5DhI1gw1xdl2zVLPa9lvxKnIZESX5FsW-b8XfC3uuDyqPikEI8hPtEXswbLFL87i35468ZzbliLUQNWg3fr0XsKmnSP3T_ZvYcAhlMeVFmiiOhhjDPNyaSBFrHLGZooeex4xRzr8_oVA_GNJ1PASZfNnyelCI89kWK_CBLFMZg-FEp5kzcJ3WAug7VsJpfkbnbMhyjpJYqMIPd3sbdEzir9aCMzED_294JgGkcOrghIdTmoRxpBkSv1XDuIWu4HfPYW0XTBM1LbDHVRFMBGzgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzU5NTQ4ODU5OTQ0ODIyMfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1bJv4bhJJeUzAajIs3DKU_wl3g9Q%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:10 GMT
Last-Modified: Mon, 24 Jan 2022 11:38:10 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E3E4 0
9 B 36ms
35ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9iSMhQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame E150 23 KB
9 KB 22ms
22ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jan 2022 15:13:54 GMT
expires: Sat, 21 Jan 2023 15:13:54 GMT
cache-control: public, max-age=31536000
age: 246256
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011408&jk=217151344019347&bg=!NjWlNXHNAAZ_DxPPfw87ACkAdvg8WgYCY27Oy-KHlRMYATYt-_S_eVDV3EYnzjoFK5pLkBgBhVblqAIAAADGUgAAAANoAQcKACUPHoB4sTp_F0wIChzZ1qqtFj4s0kHxImh_JKCVJBVAy1zSq9e7mQLOXkoc3O37REwoNI4RpvyoUQD973KPndkuyx6PBIQ6u397hRIYwEKahLexOZG2egeqLH-beJomcRW2BgFybZSVKw3Nvlut5NDDTpkjPRwnVmRFEiz_TF5__4pVkorgOJHRap_bwyhnnDKeNs-i1EJdEx3Z3m3Se2Panbs6ItLfwARjl7PQ8De8XNspa0c8XTyf5sijJu_XX5p60lHEOhI6uR00kcUH_BV5gotUbXXLSi9qKX-93I8bJ-lJCI4xt7lcfCx2rhcCzpsQD-4d7PAVGhY5rrJx68Kt0ArifpgRBNfAjBjL1LMQNRX-gufqhIig8V6xP1InTd7oEpQc9dpAc8pOVuIC5SbI1HC2QDVGwHiHFu2SP-NGGblWTEWvKFo0Ks04czdRrF5X2mLMDlw7DnZHbq6oKMuIal0-wT8xlH5Xqf3p0Xww9Z9MeCq5wNjsbz9dw6kNl4pXhO3GjVTyQPFH5fSn8m9Na1J8_bsPJwss4ykITIPNXw6Pqg0RsUMeGoCTDDb5JGNGghGfptrBtU5QDxONJuqNilN4-u0tffRCIcQZUbj7gdYGfMWZIBGY_TfNniN2YtnkzDzAeMJssTEIqg5AA59csZOl4Y42KoF7AUu27Vv7anemrXe_9C9PB1ZwDXOBK5McMIexQYv-7Pxz5N378JgMFZlFBVjszbSEx4Acw0XWO_PttI5RBGx39wpxmMHLWw5QP3_JE10ijc3iajJ7iKBBRbR_lmNHgGAkmTJneKvw26Xy_2-8LhxFhsFoUPjw77nOtTENwhQ3ai6iP4VTccvaiqmqHNhEH-KHglBlE4V_3YfvpdWF1_p1ySu2xmxoaLj_quoiMzVqysrDIFj-TtCf1JrGnHjZDKBMnz2KzO13xj2-bayqCUtLc0xH-Zz5ZQQ6_jePdGvegMMz4T8jzsH73y2xoNmhmBueemGf0Kn4tcorb-WANw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame BB32 601 KB
195 KB 17ms
17ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E477 107 B
122 B 29ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 3316 81 KB
11 KB 79ms
78ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ktsg7gnqg7rn41vzm89z5sgcdq9944a8wmmjavxqqvqpkkcp7vwk8kj6900tnzewmf4zc4p35yxjxhjky4cpst5jj3f1jt5yc5w0qfxsjp5yzkbw1g9e83y51mye3319nxsd8e28fhryjf52dphw4qds56146c07jnm1724enf3ytmem7mapqm07g7dekhrr700mn0v78sc4g9rm0swjbg8r873wrcjwj5e7adgjtv50dc7vqq67051pmbbq5bvj9ck470rmzx8tc0kjqb9qcedyp28d6ze8z84a4yngjfy676sy4pe6v7kxefccav9fvgjwnxap5hveqne187c8a6swwvq5047x92251kwer8ee2sm0kp1atwtr69gh88srmx49wr65hr8nv8g7yfzd6010v830vg74me62nytp9aftasdw2kqm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%26client%3Dca-pub-8007001547012283%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ktsg7gnqg7rn41vzm89z5sgcdq9944a8wmmjavxqqvqpkkcp7vwk8kj6900tnzewmf4zc4p35yxjxhjky4cpst5jj3f1jt5yc5w0qfxsjp5yzkbw1g9e83y51mye3319nxsd8e28fhryjf52dphw4qds56146c07jnm1724enf3ytmem7mapqm07g7dekhrr700mn0v78sc4g9rm0swjbg8r873wrcjwj5e7adgjtv50dc7vqq67051pmbbq5bvj9ck470rmzx8tc0kjqb9qcedyp28d6ze8z84a4yngjfy676sy4pe6v7kxefccav9fvgjwnxap5hveqne187c8a6swwvq5047x92251kwer8ee2sm0kp1atwtr69gh88srmx49wr65hr8nv8g7yfzd6010v830vg74me62nytp9aftasdw2kqm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%26client%3Dca-pub-8007001547012283%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1019585
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 12 Jan 2022 16:25:05 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d28f957db247541-LHR
cf-bgj: minify

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 3316 36 KB
13 KB 48ms
47ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ktsg7gnqg7rn41vzm89z5sgcdq9944a8wmmjavxqqvqpkkcp7vwk8kj6900tnzewmf4zc4p35yxjxhjky4cpst5jj3f1jt5yc5w0qfxsjp5yzkbw1g9e83y51mye3319nxsd8e28fhryjf52dphw4qds56146c07jnm1724enf3ytmem7mapqm07g7dekhrr700mn0v78sc4g9rm0swjbg8r873wrcjwj5e7adgjtv50dc7vqq67051pmbbq5bvj9ck470rmzx8tc0kjqb9qcedyp28d6ze8z84a4yngjfy676sy4pe6v7kxefccav9fvgjwnxap5hveqne187c8a6swwvq5047x92251kwer8ee2sm0kp1atwtr69gh88srmx49wr65hr8nv8g7yfzd6010v830vg74me62nytp9aftasdw2kqm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%26client%3Dca-pub-8007001547012283%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Mon, 24 Jan 2022 11:38:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74457
x-guploader-uploadid: ADPycdtOXflsdf1fLUJqmfUgsI0rHyINN1TFDP-Rjd3xF_89bJYCgz8OJx15HcMSIrHx0lgfLkYL_zrEPdLe5XMoP_Y
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m43CX%2BKK7hcGOiEg7RYI8jqRDuy%2FKyBZhaqfZodbbQkNxxUSFGHQ5je%2BRMoF7TGdMQJt5FyETnuwKpK5vbBEj5CWN2haN6TldJ4WNA2ruPvx4vem1OjExskukvRcBqRi7xUA%2BCQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6d28f957db287541-LHR
expires: Sun, 23 Jan 2022 14:57:13 GMT

GET
DATA 200
OK truncated
/ Frame A45A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01a8ae2d94d64af7febb617288a6a4a3056ac0674149d31d116fa3b0648fb6b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9EB3 37 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame CD8F 601 KB
195 KB 18ms
18ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3884 35 B
463 B 86ms
21ms Image
image/gif 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFIxlwLgZzXV142MIABA_7Y&google_cver=1&google_push=AYg5qPJELjATKC3aQR7p0fDb9Pjen_xiPDEgpjgAKKUw7td-MLfrwk31jhgP-L47B7XYXckF9xmTjMI8HqZbo6UfWdT7I0kVTQY

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3884 0
104 B 195ms
42ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPP8Mp0xYNvENTG-bB9BBTY&google_cver=1&google_push=AYg5qPKqPRHj0rIQ1JqQehFmBQR8ZFnr9_Qt3EHPip2dduqhSgQZ6cMLw5CCL0fS1eQVs0nJtKEu0H_UVdw6xcborfu1Vk7TJs4
Requested by: Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3884
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHA2M0s2cmcxTmJYRk01&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cver=1&google_push=AYg5qPIEcIoP9HWXJSkvZjBsGu-CZja3y32D3WTlZ2NkCLl...

170 B
188 B

29ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHA2M0s2cmcxTmJYRk01&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cver=1&google_push=AYg5qPIEcIoP9HWXJSkvZjBsGu-CZja3y32D3WTlZ2NkCLltJPupt3IDNOwfctJVGuOH2q0Z5Xt_p1CTURDaWSbhNDmTDaQbZA

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:10 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0f57142fe7121e10b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHA2M0s2cmcxTmJYRk01&google_gid=CAESEKDHo84-HluIj5MtYZRZlKM&google_cver=1&google_push=AYg5qPIEcIoP9HWXJSkvZjBsGu-CZja3y32D3WTlZ2NkCLltJPupt3IDNOwfctJVGuOH2q0Z5Xt_p1CTURDaWSbhNDmTDaQbZA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3884
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIBiImlCteuZOTum0Q_HbBU&google_cver=1&google_push=AYg5qPLRAEpNOY4FitKHlI94xHdJCsC9keqruRr_eD585TiJ-vrmx3kC3LzUMbf_0yG3VA_E-i2ypYRzck1iGg26Ebhs5VAgKHw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD0202C6E41A40969AECF998DD91EE31&google_push=AYg5qPLRAEpNOY4FitKHlI94xHdJCsC9keqruRr_eD585TiJ-vrmx3kC3LzUMbf_0yG3VA_E-i2ypYRzck1iGg2...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD0202C6E41A40969AECF998DD91EE31&google_push=AYg5qPLRAEpNOY4FitKHlI94xHdJCsC9keqruRr_eD585TiJ-vrmx3kC3LzUMbf_0yG3VA_E-i2ypYRzck1iGg26Ebhs5VAgKHw

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 24 Jan 2022 11:38:10 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD0202C6E41A40969AECF998DD91EE31&google_push=AYg5qPLRAEpNOY4FitKHlI94xHdJCsC9keqruRr_eD585TiJ-vrmx3kC3LzUMbf_0yG3VA_E-i2ypYRzck1iGg26Ebhs5VAgKHw
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 23 Jan 2022 11:38:10 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3884 70 B
264 B 42ms
42ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECZ1smGaNIwe_9Og7nXyRTQ&google_cver=1&google_push=AYg5qPKa54LEeWf7umspxSAqvdEB4YYbArQhujwGdae1GtbFy_nXSRAMR2k2s968dOpqDTz31iEXMyHEzw0B88rDy-FhiNQVDwE
Requested by: Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3884 0
191 B 41ms
41ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJxQhF2YP5ezhrwFub8S5Rs&google_cver=1&google_push=AYg5qPLyqaW6Ow2eT60gnwViiTFZDtZuhHZVXkmZ_np1KqLNMBiWCO7XbnHsMsZ-MuU1ffOl9qVfAW19We_EkCYzHRI-WaAVUw
Requested by: Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 3884 0
75 B 37ms
36ms Image
text/plain 185.86.138.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHBh0CFwY2YxJQ4qqHxKfCQ&google_cver=1&google_push=AYg5qPLVHcgAfGoEtYMRRXGYLse9uCW98vOiHh_wIubeQLZU2plZt4xibBX8zWayz-pdW-TUTHUYVHB9JeCeNEBVDzzaICTOfyc
Requested by: Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:09 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3884 0
12 B 38ms
37ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKPitpk8S_jLChFdIQb09Qu4Y2pPFG1_NpGB5EDrXcaTb9XPdqHLL7iiR_gTH8dYa_D15q

Requested by

Host: ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com
URL: https://ea155583b1c40a30eec50a76cb587b84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9045 37 KB
13 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
H2 204 playback
s.youtube.com/api/stats/ Frame 666F 0
0 96ms
27ms Image
text/html 2a00:1450:400c:c1b::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44738438%2C44751786&el=adunit&cpn=hRWGBNzsI7yWWEJ2&docid=hjVoWL0ZIJE&ver=2&cmt=0.241&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&len=20.062&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=97.0.4692.71&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=18&rtn=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::64 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 151ms
112ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10276-8&tE=0&tF=&tI=___de_1643024290175_3648182147&tJ=&tQ=site_todo&tU=0100007FA18FEE61F50616AC022F840E&tX=b.52&tY=1&tZ=339419950
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
241 B 151ms
113ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10276-8&tE=0&tF=&tI=___de_1643024290175_3648182147&tJ=&tP=1&tU=0100007FA18FEE61F50616AC022F840E&tX=b.52&tY=1&tZ=706006681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js Show response
pagead2.googlesyndication.com/bg/ Frame E150 35 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 15:29:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13268
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 15:29:36 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3316 3 KB
4 KB 57ms
57ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 24 Jan 2022 11:38:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19781908
x-guploader-uploadid: ABg5-UzDXz48Jp5FL0TmyQDSscMPwQiKL8JA4FKbkcP1npkz9mbjqsx6NGoabUShkVVvzmaj0A5RwcAjwhv-JhQocsL5sa0hzg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2Bq1HTgJV91I1BFVVVLcCT3EFrZm%2F5EavdIUQR92woCPapmQa2nBIpVS29JVIN4Y62GTzFRpxyitm%2F4HOGBRZyB9k%2BgX4%2Bv5d4sSkYbAM9HscUMPHp%2BkDKeHn8oYfeCnOGtCREC7pDMPnqWTUvdgd6Kq"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6d28f9589bcbcdbb-CDG
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3 200 api.gif
v3.denakop.com/ 0
345 B 406ms
405ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10066&d=desktop&b=Chrome&o=Windows&u=Wxmq8uJvTIe8fQVdaYig9g%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=under&p=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&t=1643024290649&cb=0.9556130401471798

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-authenticated: 0
date: Mon, 24 Jan 2022 11:38:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
pragma: no-cache
last-modified: Mon, 24 Jan 2022 11:38:11 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 6d28f9589f284339-FRA
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame BBED 2 KB
2 KB 37ms
37ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdusQCqzcste1viCqMs7-kvhCU53qtagBe5jRkcNXM8HNpNb8ST3HovydtM60MtU4rkxOvwPs0_Yjruykegksvg
expires: Mon, 24 Jan 2022 12:38:10 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2433154
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjlALBK7NZ5r71eKkkkuITZAVNLTp5bNYWI04pb4%2FClT%2Fjm8IKmpSF4TrHsAlYLMyXSz%2FHuvPmDWBNaj0lSE5aRKawoByVFfE%2FnG8X9fJj46vzkDQMTHqoexhqQjPtiuWtezFbY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d28f958ac6e7541-LHR
content-encoding: br

POST
H3 200 rs Show response
ad4m.at/ Frame 650D 2 KB
2 KB 49ms
49ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745c835d5fbaff3d895f0b48b8defd7c05f3a657ab302c9f651bd4fc797dfc4f

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6d28f9590f2e593b-AMS
date: Mon, 24 Jan 2022 11:38:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgShG78EX7HuT34UXQz5kQZpP3hZc%2FAtMHmMGoA6xApnqm2JRaOeuHyLkSIVkk%2FIxL%2B0t8sCLko7fD%2FcYTehSr1MouVrgkqjLPgGOPxb4MOp29MhZhX2TxvjA6dTZNHxbRvqCyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-3l9z

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 53ms
53ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-3l9z
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkkE18jt973SB7Cg7FuUHgI4D19a6etMZyFlJGbKL8OuIp%2FRRVyv0hmA9c%2BnlL1KSnoATzi1S5%2FgTFOy%2B0qGBB3yHd8vkilEbVJjpmiaujJDEujCHhoWZdtXwpfWHc0BbrbV0Wg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d28f958ae27593b-AMS

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A821 7 KB
4 KB 62ms
62ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=64769%2C56666%2C22472&b=2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2C4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK&f=4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=a39b7b00c9cb08d042121a3cfe5a3fee%2F15129341546921951666&i=27835%2C22427%2C27323&j=16%2C21%2C50&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024290737&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jew4pnq6g25e49gqmmk9nahtqrh67sspcd7cqvcva7cq55sv475dhw17w17ea0jcr0k27wczwb2rxkypxrkayf4xbkjqppgwbxgdavt7m1aqr3xw6bckcv21ezben28chc7hf42xck7fr4ttq3cnqgb3chfk34ggygq8etgm3kmjsrngrj9c5g8x54v8s258r5bqx0zx5001enrxcar0r3405qz3cqjptq2w5ecxdp1va3q48exesvwbaaehg7ec8419e5n59feyn395pwg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

049cfeb2732f2ceccdd313acd48eb39441199c90551785e3a68b0d3b01ea68f7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h4nwnbdfq7g6m8em829adcpat78wfq845mg7scgh6pfp9rvvqy0jj8qkfbtpynb4y94tdtec0pv60g7f8gn2jfhwzq0ewbzbs7rxcbreqjm5zh7pfjga4fn8anf9d9wcanhq7jftex0v1bevyfye4frenvg8snv5f8q9n64xcv4he9ebjxy47hvs9vswctfvtrw79mxc0st8fhvs4xv8h7q6mkpst5jra3psjx68vyfkas7ystnkwv9nc5hzstdf2ngpkn7xdvr3a3k69ke617ndrhtemj0v2hrdvn1hcbcxdhmdwj4d9frrgtpvxvaahfgh0kzvm23s4fabdd45fyj6163v9f5fcjcyba7jk2fq7ytda0jxzvry7vpy4j8855ryccxr4r0kk0kp5yxc0mdae8pv6ye85dy7p2mzchy1tkb8rkm2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%26client%3Dca-pub-8007001547012283%26adurl%3D

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d28f959ae387541-LHR
content-encoding: br

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame BB32 156 B
148 B 192ms
191ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F157165500%2C6887%2FMCM_Adsolut_correiobraziliense.com.br_GZ%2FMCM_Adsolut_correiobraziliense.com.br_GZ_1.7_26.10.2021&description_url=http%3A%2F%2Fcorreiobraziliense.com.br&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3041942014914877&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2455626994&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024290870&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=499187600605142&ged=ve4_td3_tt2_pd3_la3000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame CD8F 156 B
148 B 241ms
241ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F93656639%2C6887%2Fcorreiobraziliense.com.br_dfp_vast%2Fcorreiobraziliense.com.br_dfp_vast_1.7&description_url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3206014628530754&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2432591800&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024290909&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=287508289775807&ged=ve4_td3_tt2_pd3_la3000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A821 81 KB
11 KB 46ms
46ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=64769%2C56666%2C22472&b=2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2C4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK&f=4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=a39b7b00c9cb08d042121a3cfe5a3fee%2F15129341546921951666&i=27835%2C22427%2C27323&j=16%2C21%2C50&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024290737&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jew4pnq6g25e49gqmmk9nahtqrh67sspcd7cqvcva7cq55sv475dhw17w17ea0jcr0k27wczwb2rxkypxrkayf4xbkjqppgwbxgdavt7m1aqr3xw6bckcv21ezben28chc7hf42xck7fr4ttq3cnqgb3chfk34ggygq8etgm3kmjsrngrj9c5g8x54v8s258r5bqx0zx5001enrxcar0r3405qz3cqjptq2w5ecxdp1va3q48exesvwbaaehg7ec8419e5n59feyn395pwg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=64769%2C56666%2C22472&b=2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2C4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK&f=4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=a39b7b00c9cb08d042121a3cfe5a3fee%2F15129341546921951666&i=27835%2C22427%2C27323&j=16%2C21%2C50&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024290737&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jew4pnq6g25e49gqmmk9nahtqrh67sspcd7cqvcva7cq55sv475dhw17w17ea0jcr0k27wczwb2rxkypxrkayf4xbkjqppgwbxgdavt7m1aqr3xw6bckcv21ezben28chc7hf42xck7fr4ttq3cnqgb3chfk34ggygq8etgm3kmjsrngrj9c5g8x54v8s258r5bqx0zx5001enrxcar0r3405qz3cqjptq2w5ecxdp1va3q48exesvwbaaehg7ec8419e5n59feyn395pwg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1019585
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 12 Jan 2022 16:25:05 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d28f95a7fb77541-LHR
cf-bgj: minify

GET
H3 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame A821 6 KB
7 KB 39ms
38ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=64769%2C56666%2C22472&b=2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2C4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK&f=4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=a39b7b00c9cb08d042121a3cfe5a3fee%2F15129341546921951666&i=27835%2C22427%2C27323&j=16%2C21%2C50&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024290737&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jew4pnq6g25e49gqmmk9nahtqrh67sspcd7cqvcva7cq55sv475dhw17w17ea0jcr0k27wczwb2rxkypxrkayf4xbkjqppgwbxgdavt7m1aqr3xw6bckcv21ezben28chc7hf42xck7fr4ttq3cnqgb3chfk34ggygq8etgm3kmjsrngrj9c5g8x54v8s258r5bqx0zx5001enrxcar0r3405qz3cqjptq2w5ecxdp1va3q48exesvwbaaehg7ec8419e5n59feyn395pwg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=6d5z5w==, md5=vnImUageZAe9/YM5SlniMg==
date: Mon, 24 Jan 2022 11:38:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 311954
cf-polished: origFmt=png, origSize=15890
x-guploader-uploadid: ADPycduu4FNydZJbU3JSbUVKHcVQBBam_cMi3dkUNVyY8s--X_PrBt8Kp7s1ApyaHINTAXRH4qgO8Exvjb62aAeelQk4ihKmfQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6208
last-modified: Thu, 16 Jul 2020 06:05:30 GMT
server: cloudflare
etag: "be722651a81e6407bdfd83394a59e232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3QShs01VNgtLLhP2j%2Fo9Wo%2FUAXMuvUmR5Nv1hblOzbHN3VS3SsyIltdyFGwWfvKsGepwiUy8RHk7mlyXwATT4huK8RPpgq8Pc5H1pLFYbQSqbqrX8hZjPFaBu43WLyEu5S%2F8PVUETmkQtUh"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594879530502671
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:10 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 15890
accept-ranges: bytes
cf-ray: 6d28f95a7fbc7541-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame A821 9 KB
10 KB 136ms
135ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=64769%2C56666%2C22472&b=2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2C4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK&f=4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=a39b7b00c9cb08d042121a3cfe5a3fee%2F15129341546921951666&i=27835%2C22427%2C27323&j=16%2C21%2C50&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024290737&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jew4pnq6g25e49gqmmk9nahtqrh67sspcd7cqvcva7cq55sv475dhw17w17ea0jcr0k27wczwb2rxkypxrkayf4xbkjqppgwbxgdavt7m1aqr3xw6bckcv21ezben28chc7hf42xck7fr4ttq3cnqgb3chfk34ggygq8etgm3kmjsrngrj9c5g8x54v8s258r5bqx0zx5001enrxcar0r3405qz3cqjptq2w5ecxdp1va3q48exesvwbaaehg7ec8419e5n59feyn395pwg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=z6IwRA==, md5=1A70ndCinKDnYB0bQF1NeA==
date: Mon, 24 Jan 2022 11:38:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 318362
cf-polished: qual=85, origFmt=jpeg, origSize=25987
x-guploader-uploadid: ADPycdt-sYs1QPITykwzdX2Jhxm_nVIONLv89aEIPOWVlwjWfIxVlxCTnknLZ10ddI-z_k1250P_QetJ82576UDtBXo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8886
last-modified: Thu, 17 Dec 2020 12:29:34 GMT
server: cloudflare
etag: "d40ef49dd0a29ca0e7601d1b405d4d78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqvhFkyhJ1hTPs%2B0K1AD%2BiE27Tb2DxAP%2BXUV%2BCxw4%2BmzlfeI3SfU29VTJ507q8o0VEieZ3KnELIGjQ%2Bgfcy%2FbEyMgoYHg2YeB1fdJRIcOlG4ITh%2F7LsQKOLdGgf1yqvT4vOa2aZcmeAGWr2j"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1608208174589657
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:10 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 25987
accept-ranges: bytes
cf-ray: 6d28f95a8fd47541-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A821 43 B
705 B 177ms
53ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneid2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcgoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
assets.ad4m.at/logo/ Frame A821 46 KB
47 KB 65ms
64ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=64769%2C56666%2C22472&b=2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2C4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK&f=4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=a39b7b00c9cb08d042121a3cfe5a3fee%2F15129341546921951666&i=27835%2C22427%2C27323&j=16%2C21%2C50&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024290737&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jew4pnq6g25e49gqmmk9nahtqrh67sspcd7cqvcva7cq55sv475dhw17w17ea0jcr0k27wczwb2rxkypxrkayf4xbkjqppgwbxgdavt7m1aqr3xw6bckcv21ezben28chc7hf42xck7fr4ttq3cnqgb3chfk34ggygq8etgm3kmjsrngrj9c5g8x54v8s258r5bqx0zx5001enrxcar0r3405qz3cqjptq2w5ecxdp1va3q48exesvwbaaehg7ec8419e5n59feyn395pwg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=PRHAtQ==, md5=UfPUXNWo6kuI6N0malNepA==
date: Mon, 24 Jan 2022 11:38:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 313738
cf-polished: origFmt=png, origSize=74333
x-guploader-uploadid: ADPycdvMStTlgJK1r60zrMqRz6I_-RW6olk-DxyW9VDxF0Dr_jUMZ3g-RHsmg5t0s6i1h2VsvL_5VV89pljBQKs67lVB6Ou8Xw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47320
last-modified: Mon, 11 May 2020 10:44:44 GMT
server: cloudflare
etag: "51f3d45cd5a8ea4b88e8dd266a535ea4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEbp2WvOdNwvgciChJ7THPNMZ0Dd4a43eiCMrRKB5WPdzSPkWHvrjR8KHaQZJc0KBH413gIZZcBoYNV%2BOlR%2BWvDwuvTuYc8JKVrpA3NAXOzMkd5%2FhcgsBhkK5OoL3JlrMgV8wAVax6onTZEN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589193884048730
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:10 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 74333
accept-ranges: bytes
cf-ray: 6d28f95a8fd57541-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
assets.ad4m.at/product_image/ Frame A821 290 KB
291 KB 70ms
69ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=64769%2C56666%2C22472&b=2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2C4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK&f=4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=a39b7b00c9cb08d042121a3cfe5a3fee%2F15129341546921951666&i=27835%2C22427%2C27323&j=16%2C21%2C50&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024290737&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jew4pnq6g25e49gqmmk9nahtqrh67sspcd7cqvcva7cq55sv475dhw17w17ea0jcr0k27wczwb2rxkypxrkayf4xbkjqppgwbxgdavt7m1aqr3xw6bckcv21ezben28chc7hf42xck7fr4ttq3cnqgb3chfk34ggygq8etgm3kmjsrngrj9c5g8x54v8s258r5bqx0zx5001enrxcar0r3405qz3cqjptq2w5ecxdp1va3q48exesvwbaaehg7ec8419e5n59feyn395pwg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=PFtpQA==, md5=489woOXoZ5LkJrzz2r1hBQ==
date: Mon, 24 Jan 2022 11:38:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 574057
cf-polished: origFmt=png, origSize=489686
x-guploader-uploadid: ADPycduViEyiD9eYd86y6H_snX_Kb1xWRWlqRampaZ64dOgrTzf_9n2bhWp9BGGewc4FlVy0Mjil58UQzLKHP8pYwKo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 296674
last-modified: Tue, 17 Nov 2020 11:24:27 GMT
server: cloudflare
etag: "e3cf70a0e5e86792e426bcf3dabd6105"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9XH%2BVn8Or4CRoMtAoTvuHQI%2FqpWJRhwPWaKs%2BgPJXES4kN5gfXHNm9Tgah1C1FfZFISPCo1VECdrMS%2BUCtNf6Kom8UL19zJeTDIiu1w4Ewqkapo8u03Py8mEDQQlADJEcL8F0K0%2BBhVhfmH"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1605612267020757
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:10 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 489686
accept-ranges: bytes
cf-ray: 6d28f95a8fe17541-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 87E4E9CEA9DBCB943231FCA0E0EED2695FFD0CFE5B3657F191EFCD5353EFB0D2EEFBED469066399720FE3CE85448BD83A1A4DA5EF1EE69B8FD90FD6DB460FA1B
assets.ad4m.at/logo/ Frame A821 107 KB
108 KB 39ms
38ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/87E4E9CEA9DBCB943231FCA0E0EED2695FFD0CFE5B3657F191EFCD5353EFB0D2EEFBED469066399720FE3CE85448BD83A1A4DA5EF1EE69B8FD90FD6DB460FA1B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=64769%2C56666%2C22472&b=2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2C4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK&f=4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=a39b7b00c9cb08d042121a3cfe5a3fee%2F15129341546921951666&i=27835%2C22427%2C27323&j=16%2C21%2C50&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024290737&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jew4pnq6g25e49gqmmk9nahtqrh67sspcd7cqvcva7cq55sv475dhw17w17ea0jcr0k27wczwb2rxkypxrkayf4xbkjqppgwbxgdavt7m1aqr3xw6bckcv21ezben28chc7hf42xck7fr4ttq3cnqgb3chfk34ggygq8etgm3kmjsrngrj9c5g8x54v8s258r5bqx0zx5001enrxcar0r3405qz3cqjptq2w5ecxdp1va3q48exesvwbaaehg7ec8419e5n59feyn395pwg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b60331576d4c9bf51a6295ff4caa921ac1ca260e304106eca074f88e7c836e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=q4qNoA==, md5=JjQBPrEM0SwXOueegafmKA==
date: Mon, 24 Jan 2022 11:38:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 312083
cf-polished: origFmt=png, origSize=157449
x-guploader-uploadid: ADPycdsRCATjR7NMlBME21OXpO9z-qzwNGKv7WxIQMVgwNHFIpKcLXx_IHQID6ZTyoEcbyDmlSShssyNbcBT-7rlfWcRcgRG8A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 110040
last-modified: Thu, 11 Nov 2021 14:22:47 GMT
server: cloudflare
etag: "2634013eb10cd12c173ae79e81a7e628"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDjrZPeerNYH8It8uvmP7G21D22%2BRsG0x17VnkJpU63Po5EEClWbWkNAoD4tB3LWJ1UoP1dvDnHo8H3gfDgaZvmgLSgnOYQOLfFqUL%2BqvLa9l1h96LETB%2F2joVabo3UYQ%2Fs4h3LwqIbTViX%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1636640567676756
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:10 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 157449
accept-ranges: bytes
cf-ray: 6d28f95a8fe47541-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 BC76DD0E919620099EE85B1BDE4022C4E2E111558142CE52A7FEF9001FC27649B8883EE48F8FD78E42741673890C9FCB712B21CE460E771077051351A3574B7A
assets.ad4m.at/product_image/ Frame A821 32 KB
33 KB 149ms
148ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BC76DD0E919620099EE85B1BDE4022C4E2E111558142CE52A7FEF9001FC27649B8883EE48F8FD78E42741673890C9FCB712B21CE460E771077051351A3574B7A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=64769%2C56666%2C22472&b=2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2C4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK&f=4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=a39b7b00c9cb08d042121a3cfe5a3fee%2F15129341546921951666&i=27835%2C22427%2C27323&j=16%2C21%2C50&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024290737&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jew4pnq6g25e49gqmmk9nahtqrh67sspcd7cqvcva7cq55sv475dhw17w17ea0jcr0k27wczwb2rxkypxrkayf4xbkjqppgwbxgdavt7m1aqr3xw6bckcv21ezben28chc7hf42xck7fr4ttq3cnqgb3chfk34ggygq8etgm3kmjsrngrj9c5g8x54v8s258r5bqx0zx5001enrxcar0r3405qz3cqjptq2w5ecxdp1va3q48exesvwbaaehg7ec8419e5n59feyn395pwg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a428978ac6d6e099ebe300a285fcd25f9bb91facf7210a830b5df228524b2bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=XpYYSQ==, md5=hUTvKH3ITIHGC57UiHB42A==
date: Mon, 24 Jan 2022 11:38:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 319258
cf-polished: qual=85, origFmt=jpeg, origSize=91728
x-guploader-uploadid: ADPycdtSaNL5ToPDsYHxcMjSrUaUMbFsbl8ll39FEm6xNhgrwPVfb5KJGFLTjEdWOaHPXUc1egKcoL-PWY_VXJ2U_nU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33156
last-modified: Wed, 25 Mar 2020 13:46:38 GMT
server: cloudflare
etag: "8544ef287dc84c81c60b9ed4887078d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXZr6CdMFYUeIJhOkAflwR2QWvGD44H8xNA8LUbrzCVFRqZVpDixJ%2FXPhZZT4QbMvAKu9NmtQIKlDZUtwDtOWRZ6zan2QWCSL%2BtsmhNwe1J1EaNcwkNm3fwVUkyMasopWw88e8dzPSapIMky"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1585143998277875
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:10 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 91728
accept-ranges: bytes
cf-ray: 6d28f95a8fe67541-LHR
cf-bgj: imgq:85,h2pri

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
964 B 193ms
193ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5282385&noaop=3&sortOrderType=0&cb=1643024290943&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=105212296&pt=-1316163016&tz=0&viewable=true&ddast=V73gcCFgNPZSTfgn-XywRPZSTfgn-XywUAAAAGBvQHHDKaMRgjxmw5WCxWw-VyOVoud7PZZLdc7obQIaMZgzFizJaDxWI1XC6Xo-FithoNFqPdZjiFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1baDodPte9Xvf73TV-y-Xl9FssD-vT7HTZPS-7xu-2Syx_wd_sND09Dr9kMJnsBYu9aLlb7jaTtdzv1rwubtfd5HeL_G7Ry-zyWR5uu9D0NtsBAAAA4AEASjMK4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAAD4OBhVAMAioOBXSff0-c5Omwuuz8AAB4UQAAABDBIAAjGhkoAMhSbTgAAAAAAAAAAWP7___9jBuSns2QAPKyPegAefAAeiApIixgBAAAAZMtdDx5N6oTKogoAgCDdCuAKACDAbzH8QCkMAACAYGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJFdUPpwUZ4Eqp_QICAKz9AgIAsKkbAMCbAFzQEbRiMFgdgWxWs9kBAAAA3P3____rgcxutVkYNzbDwuRw7mYz48ZjWhg3E4_Dt7I4Jo7tEdvidmyQEsX1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9A7gY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggTFsPEM5w53DLnYrgWzXbLtcSyW6xFDtvMY3GMZsuNyS16fUzHlXGxWqy8KBiwtRfBRToROR2Wp9_z8Hz-HqfD5Pe8NX7L5eX0WywP69PsdNk9L4tYojlZpBPZZd_ZrTYL48ZmWJgczt1sZtx4TAvjZuJx-FYWx8Sxb1gME89w5nDLnIvhWjTbLdcSy26xFjlsM4_FMZotNya36PUxHVfGxWqx8jdmo81gMpoMZ_vGbLQZTEaT4WzfoTN8V5-zUdsbLTwuh0q08_tm5oPCZbB4fxLTYtqdHUxn39GpMy2TRZ3Rd-sevQaF5-BRLb7Tw-u1-GmNReH3YFDEEsHpIp2IXsbTRSyRPC3SiWBhsviWo5VzM1wMdsuRbzAa2QarkXGyca5Wm81ELFGaLtKJXvA3O01Pj8MvGUwme8FiL1rulrvNZC33uzWvi9t1N_ndIr9b9DK7fJaH2y40vc0W9R8fZLGbKxajuWSxmis2i1UCAAAAAAAAAFjCnHkTAAAAgNNAhrvVarVcAAgiNV1gEAAAAAAAgN2muB8Ml2Y2y-LGj0nI6bA8_Z6H5_P3OB0mv-et8VsuL6ffYnlYn2any-55WRkAggiNebNnglir1bIGAAAQwAYAAAjg1s1bQAolBw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1673805&dpubid=287555&abtst=adh5c-1_vA!ecp_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl105212-296_vA!spa2_vA!t120!t45!ufm_vG!ul105065-003_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.correiobraziliense.com.br&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v105212.296/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 857e78187244c3bcbfe92d1e771200dcd7d97f84cf206090880f1f48dcf65117

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 24 Jan 2022 11:38:11 GMT
content-encoding: gzip
access-control-allow-origin: https://www.correiobraziliense.com.br
machineid: 1460
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4044-HHN
pragma: no-cache
server: nginx
x-timer: S1643024291.954521,VS0,VE165
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 43ms
43ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 24 Jan 2022 11:38:10 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-3l9z
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwKldGzowLLGy10RjOeGp4%2BoJhL8WdL1y2dGQt3%2BOxYUSOQJgkSneKLdKmYtYDZMlxZIJxxzMj3CyQ0L%2FG60bwr27W9grX8efRj19nxHt5xyp0exdYKtHzF4octX2Z96KDrDk5Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d28f95a8b5d593b-AMS

POST
H3 200 rs Show response
ad4m.at/ Frame 3316 2 KB
2 KB 62ms
61ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c681c85e1719da9b2d4670a7e7cd1cf8ccda13e86dc0c612313423c5ccac6f90

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6d28f95adc11593b-AMS
date: Mon, 24 Jan 2022 11:38:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhbzMR%2FCHhEhqTFS38itgvItY0HR%2FN8fT2012jQGHGSj6L9WY4fb2uGn8RCCSHzPmimUCDB6oQpM%2Bg5qI%2Bn8AIEbSxAsVY9CGMRcBz54ys4%2BE2apyQMcKh4NcqTIi9am45mqktg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-3l9z

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E150 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.495.1&bgai=BPHmEoY_uYeaBGpaN7_UPnoiDkAQAAAAAOAG6BRMI4oCCuabK9QIVVE3lCh1GowvD&bg=!-fql-r7NAAZ_DxPPfw87ACkAdvg8WiJwv80RmUiv_9hM2GY6zqhhoi2ZJeF--ctPUVOUiyCTuOqihQIAAAEYUgAAAANoAQeZApXe2G-S54Kal4BWsxm5tS1KpdRK58egWmUGGQkZlF88CHXqUp4YJR_grsaIyQQIWf7BJ3RbxYn0jgyvpx83XIZSbDCc9GZHZsfC9zM0XSxsx7IK2_fXpQNlMiimaS6SRpioNRNclX3kBUPIN8BghF0MS_sU7zK1mvXX7O68vIMlT0-4cQL1Nnm935JkiSWbeMLJSlPLM0oVy0wllZcIGXoQc0WRiJUzM6XEhiw-Kerbwgp9lpk031Pwi1UeaDDBzRQmP8LXQUjM7oiYgZLu6yGrZMZO6r5YqRrC6KEBOAytWsH-DI0tSEgtKz_yGSbDmoaww4fqGsGUJHdGDxSMfaYkh3GSi7KoBmyyu29OOIT0C1tAc5bMeDB52Wd2ey8OPG_h-4UBZ3tt5yypR_NitVFSYl4DaHIVbwlMJjj3kfb3Ati0S20bTLRItWYAD53hikzWF42Tycqto7z2GBM-qvcdr8vW-cYb4GQs1bKNrYGGMFTHheI31ta5MAU8e84o8fW0qrAoCJ7viYuq14tnTT1eMy_zcehaRhYam2rmnLQCEUeGD2QtDM26RdEdTVcCM1R7uMEMtox3ma1eglLGBG7Vl9SG02-zsDjwit1t7x5QB6XSS8dewBZPG13yl5-9j5PylsBJGoUkxjCGIcMuLoBMDdlxZXX7KYsAn9NTEq63XTpy1HFvUIjfNdlriTqB0n4jygS1tZk9pke_2CuhrZ85VruYr5Ae1z5mNT71EXqElZvR5DYJ6Jq-F643y8XBDpvtnkjFE5zzcJGgPpfqJc3w3YnIZwPQxy4oAm52NoV5Ah56LoPsCvw9MZlidWSTYrT5E-wy0rDuspP4OMadEj9FF1k-0_8MD1q9h9MilDuFL1uRpxB6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame A821 1 KB
2 KB 241ms
157ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gdnb7nxtqvhpsxw4jsbb0e1ywktwxc79zkdwt2gdr3xprb71zcf9bqt312q0b42ertwzyzfsf8pwe5q70bcj1g0wrgjseg23kdwgm7y80msjxqj7akpsn298fr7mm3ewmc993yr3qbpk5rd1jtm3bq5pvhp8vzg8yewm0sd5th6twmexft5ck322gsbdwzs59bvrscj11fgrwbqsbpevnyzqh3rcbh28y5e6feej3ejmhkhwhb96f6wcp1pkfw5zmk7rz0dr8cmh9z322kq7j0z81jx0f68gh70bzp8sars5479c6htj60%26a%3D&clickref=oneidrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fdoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneid4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHKoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=64769%2C56666%2C22472&b=2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2C4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK&f=4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=a39b7b00c9cb08d042121a3cfe5a3fee%2F15129341546921951666&i=27835%2C22427%2C27323&j=16%2C21%2C50&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024290737&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jew4pnq6g25e49gqmmk9nahtqrh67sspcd7cqvcva7cq55sv475dhw17w17ea0jcr0k27wczwb2rxkypxrkayf4xbkjqppgwbxgdavt7m1aqr3xw6bckcv21ezben28chc7hf42xck7fr4ttq3cnqgb3chfk34ggygq8etgm3kmjsrngrj9c5g8x54v8s258r5bqx0zx5001enrxcar0r3405qz3cqjptq2w5ecxdp1va3q48exesvwbaaehg7ec8419e5n59feyn395pwg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 96116d75b2e9fa4b7f365f43f4e7b8f3511c86b853d3cb13607096cfaa2707ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:11 GMT
Last-Modified: Mon, 24 Jan 2022 11:38:11 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1471
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

/ Show response
www.autohaus-koenig.de/htlp/ Frame 7B19
Redirect Chain

https://campaign.mobility-ads.de/highTrafficUrl/1.html?idPartner=39&idCampaignAd=0&subId=&subIdentifier=oneid4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHKoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suit...
https://www.autohaus-koenig.de/htlp?coyotetrackingid=520835713
https://www.autohaus-koenig.de/htlp/?coyotetrackingid=520835713

531 B
419 B

22ms
22ms

Document
text/html

159.69.159.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=520835713
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=64769%2C56666%2C22472&b=2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2C4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK&f=4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=a39b7b00c9cb08d042121a3cfe5a3fee%2F15129341546921951666&i=27835%2C22427%2C27323&j=16%2C21%2C50&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024290737&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jew4pnq6g25e49gqmmk9nahtqrh67sspcd7cqvcva7cq55sv475dhw17w17ea0jcr0k27wczwb2rxkypxrkayf4xbkjqppgwbxgdavt7m1aqr3xw6bckcv21ezben28chc7hf42xck7fr4ttq3cnqgb3chfk34ggygq8etgm3kmjsrngrj9c5g8x54v8s258r5bqx0zx5001enrxcar0r3405qz3cqjptq2w5ecxdp1va3q48exesvwbaaehg7ec8419e5n59feyn395pwg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.132.159.69.159.clients.your-server.de
Software: nginx/1.20.2 /
Resource Hash: 4e731469b10709f2b3ce4441b36166dd5f47be2c03a53e99b5d35f769a1a255b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.20.2
date: Mon, 24 Jan 2022 11:38:11 GMT
content-type: text/html
content-encoding: gzip

Redirect headers

server: nginx/1.20.2
date: Mon, 24 Jan 2022 11:38:11 GMT
content-type: text/html
content-length: 169
location: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=520835713

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 398F 6 KB
4 KB 61ms
61ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C765&b=B57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM%2CB57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ&f=j83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9%2Cj83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=25f6769f21dce3185ab8955f6bc87ab2%2F9672337900599587669&i=25007%2C9719%2C1676&j=16%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024291038&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hs41s68r2gg949n3x90kg7qfm3hjrs9yrq94qqe44snv61w9nczq8bhzy4zgt1v52d7k27s23vb6fe5653xtfa58w6nfychpam5pde5dca526jtthvmt0bskfs7jmj9v2vtky2tznpywkqpga9xcbjpv2ey34fcqgrg0dvgfmncxh98v2sb3ndmgwgn9rskccx17b8taeasqcm7prhjwm1xqr505fryajy0t52e3xxswqj0v48wt11xe8nxd3gxcgh8tbrb7tws62p4cmpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb7b049821f23924448ae55e362866464b785572ae56fac53da33b98736af7f9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ktsg7gnqg7rn41vzm89z5sgcdq9944a8wmmjavxqqvqpkkcp7vwk8kj6900tnzewmf4zc4p35yxjxhjky4cpst5jj3f1jt5yc5w0qfxsjp5yzkbw1g9e83y51mye3319nxsd8e28fhryjf52dphw4qds56146c07jnm1724enf3ytmem7mapqm07g7dekhrr700mn0v78sc4g9rm0swjbg8r873wrcjwj5e7adgjtv50dc7vqq67051pmbbq5bvj9ck470rmzx8tc0kjqb9qcedyp28d6ze8z84a4yngjfy676sy4pe6v7kxefccav9fvgjwnxap5hveqne187c8a6swwvq5047x92251kwer8ee2sm0kp1atwtr69gh88srmx49wr65hr8nv8g7yfzd6010v830vg74me62nytp9aftasdw2kqm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%26client%3Dca-pub-8007001547012283%26adurl%3D

Response headers

date: Mon, 24 Jan 2022 11:38:11 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d28f95b394e7541-LHR
content-encoding: br

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 080C 601 KB
195 KB 18ms
16ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E477 107 B
122 B 34ms
33ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 464B 37 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 398F 81 KB
11 KB 44ms
44ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C765&b=B57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM%2CB57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ&f=j83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9%2Cj83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=25f6769f21dce3185ab8955f6bc87ab2%2F9672337900599587669&i=25007%2C9719%2C1676&j=16%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024291038&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hs41s68r2gg949n3x90kg7qfm3hjrs9yrq94qqe44snv61w9nczq8bhzy4zgt1v52d7k27s23vb6fe5653xtfa58w6nfychpam5pde5dca526jtthvmt0bskfs7jmj9v2vtky2tznpywkqpga9xcbjpv2ey34fcqgrg0dvgfmncxh98v2sb3ndmgwgn9rskccx17b8taeasqcm7prhjwm1xqr505fryajy0t52e3xxswqj0v48wt11xe8nxd3gxcgh8tbrb7tws62p4cmpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C765&b=B57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM%2CB57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ&f=j83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9%2Cj83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=25f6769f21dce3185ab8955f6bc87ab2%2F9672337900599587669&i=25007%2C9719%2C1676&j=16%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024291038&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hs41s68r2gg949n3x90kg7qfm3hjrs9yrq94qqe44snv61w9nczq8bhzy4zgt1v52d7k27s23vb6fe5653xtfa58w6nfychpam5pde5dca526jtthvmt0bskfs7jmj9v2vtky2tznpywkqpga9xcbjpv2ey34fcqgrg0dvgfmncxh98v2sb3ndmgwgn9rskccx17b8taeasqcm7prhjwm1xqr505fryajy0t52e3xxswqj0v48wt11xe8nxd3gxcgh8tbrb7tws62p4cmpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1019586
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 12 Jan 2022 16:25:05 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d28f95bca437541-LHR
cf-bgj: minify

GET
H3 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 398F 18 KB
19 KB 50ms
49ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C765&b=B57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM%2CB57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ&f=j83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9%2Cj83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=25f6769f21dce3185ab8955f6bc87ab2%2F9672337900599587669&i=25007%2C9719%2C1676&j=16%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024291038&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hs41s68r2gg949n3x90kg7qfm3hjrs9yrq94qqe44snv61w9nczq8bhzy4zgt1v52d7k27s23vb6fe5653xtfa58w6nfychpam5pde5dca526jtthvmt0bskfs7jmj9v2vtky2tznpywkqpga9xcbjpv2ey34fcqgrg0dvgfmncxh98v2sb3ndmgwgn9rskccx17b8taeasqcm7prhjwm1xqr505fryajy0t52e3xxswqj0v48wt11xe8nxd3gxcgh8tbrb7tws62p4cmpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Mon, 24 Jan 2022 11:38:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 312090
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdtmQKR91I_tYtosY9M8JswdxDHIETuoyjleriYU3ATNxcfwfS5dJ-w-HtXn2i5jltovwrkh_8UDFlYHK7S4ro6YK0U9PA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cis2wZzpnfl1qTvK0nZw7mN6vf5Sqpp27NoE4cikior%2F2sRvtA8qaff8F%2BYs4xnn3RWGKrd28Hs3MD19ut%2F%2F5veG0%2F2xkIyxC9mRek2NAfDIHuyz52h5mhLltpidCkHrrMxRZlu78uXa2Hz"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6d28f95bca467541-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 398F 9 KB
10 KB 46ms
45ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C765&b=B57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM%2CB57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ&f=j83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9%2Cj83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=25f6769f21dce3185ab8955f6bc87ab2%2F9672337900599587669&i=25007%2C9719%2C1676&j=16%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024291038&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hs41s68r2gg949n3x90kg7qfm3hjrs9yrq94qqe44snv61w9nczq8bhzy4zgt1v52d7k27s23vb6fe5653xtfa58w6nfychpam5pde5dca526jtthvmt0bskfs7jmj9v2vtky2tznpywkqpga9xcbjpv2ey34fcqgrg0dvgfmncxh98v2sb3ndmgwgn9rskccx17b8taeasqcm7prhjwm1xqr505fryajy0t52e3xxswqj0v48wt11xe8nxd3gxcgh8tbrb7tws62p4cmpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date: Mon, 24 Jan 2022 11:38:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 318458
cf-polished: qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid: ADPycdsLAFUEyV5ldZ13L2JHoNONvkjJ9z3Z4pDl0Dr5YVKjEsExOn8A_SY28iorm1FcbnUA2U5GnTvYWlt58K-iQ0U
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFgqyHLJLpyUPfwxlcwvr2h8Qyf7eBzGagVOaoxGFQqgIfASOrFNsyj8tyxof5kNSx4HED80E%2Fhxan2VExXw%2F4QRTENxhArNl67CMNZWNdJU8SXjSdxwKHAD3GRMlSsGe7Kps0weP3HXQKJQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1638198195167024
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 83479
accept-ranges: bytes
cf-ray: 6d28f95bca4f7541-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 398F 43 B
702 B 52ms
51ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUMoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 398F 38 KB
39 KB 40ms
39ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C765&b=B57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM%2CB57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ&f=j83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9%2Cj83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=25f6769f21dce3185ab8955f6bc87ab2%2F9672337900599587669&i=25007%2C9719%2C1676&j=16%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024291038&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hs41s68r2gg949n3x90kg7qfm3hjrs9yrq94qqe44snv61w9nczq8bhzy4zgt1v52d7k27s23vb6fe5653xtfa58w6nfychpam5pde5dca526jtthvmt0bskfs7jmj9v2vtky2tznpywkqpga9xcbjpv2ey34fcqgrg0dvgfmncxh98v2sb3ndmgwgn9rskccx17b8taeasqcm7prhjwm1xqr505fryajy0t52e3xxswqj0v48wt11xe8nxd3gxcgh8tbrb7tws62p4cmpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Mon, 24 Jan 2022 11:38:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 312897
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdvKlxqH2o1XpzOAcVibsG7Mv62wvo13hwX9tG08Y-7HDJh8uV29pBOCwZHBtHnm1lW7jN7bXqfNJyY9Br22bsHU962bBw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToNYJM2AQ7Aw1QhDcAQf263qGzQwQXB6vMmcvc6DVBuMmiZh87bBwhf%2BwhzfGk20754hdDj6sI91GgE4IuaS%2F6NunHIHFhv5OtgdMhKLm61B23IB6BmE1Iqdib8lUD3YOz30TKfBiqia6HmP"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6d28f95bca517541-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 398F 113 KB
113 KB 84ms
82ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C765&b=B57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM%2CB57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ&f=j83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9%2Cj83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=25f6769f21dce3185ab8955f6bc87ab2%2F9672337900599587669&i=25007%2C9719%2C1676&j=16%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024291038&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hs41s68r2gg949n3x90kg7qfm3hjrs9yrq94qqe44snv61w9nczq8bhzy4zgt1v52d7k27s23vb6fe5653xtfa58w6nfychpam5pde5dca526jtthvmt0bskfs7jmj9v2vtky2tznpywkqpga9xcbjpv2ey34fcqgrg0dvgfmncxh98v2sb3ndmgwgn9rskccx17b8taeasqcm7prhjwm1xqr505fryajy0t52e3xxswqj0v48wt11xe8nxd3gxcgh8tbrb7tws62p4cmpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Mon, 24 Jan 2022 11:38:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 319245
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdvWw_mtuMZk9kbdghCnjjUL4TUX246ijfx9INBSWHyZVV0VVafpB50m9I6jw_exQzNScCaDWT9pMXUEjyeG7lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xu0OY8sJ5E4sb%2BK4WOFnWYkmhgW0JVYbiy8WdK55frKSRWkIqC8imZRPWKyBybBqnq7A9KTCJNp2LJEjZutg0jhDefsJY3X4phLqERxBCQM5eG0chBv1aGMnpJpPI6664Ose7WMisdQK%2FjQs"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6d28f95c0ac27541-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 398F 43 B
705 B 80ms
47ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidB57hgfW7sDRtxH6H3t9txR5C4TeTGBUMoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame 398F 6 KB
6 KB 36ms
35ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C765&b=B57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM%2CB57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ&f=j83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9%2Cj83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=25f6769f21dce3185ab8955f6bc87ab2%2F9672337900599587669&i=25007%2C9719%2C1676&j=16%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024291038&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hs41s68r2gg949n3x90kg7qfm3hjrs9yrq94qqe44snv61w9nczq8bhzy4zgt1v52d7k27s23vb6fe5653xtfa58w6nfychpam5pde5dca526jtthvmt0bskfs7jmj9v2vtky2tznpywkqpga9xcbjpv2ey34fcqgrg0dvgfmncxh98v2sb3ndmgwgn9rskccx17b8taeasqcm7prhjwm1xqr505fryajy0t52e3xxswqj0v48wt11xe8nxd3gxcgh8tbrb7tws62p4cmpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=hBHCMA==, md5=23TE0/JCZhnuq3Ni+PjppA==
date: Mon, 24 Jan 2022 11:38:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 321044
cf-polished: origFmt=png, origSize=12441
x-guploader-uploadid: ADPycdsFH-19HuNTmbO8FL0gXNiZBjhmmhO5z12qrTY3xXraOeXY9HqoiT-CL5apNmXK2Kt8MG54ygCsX8fKEoywUXoqFZ9Wpw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
last-modified: Wed, 22 Jan 2020 13:02:46 GMT
server: cloudflare
etag: "db74c4d3f2426619eeab7362f8f8e9a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56mEOs22N1No6dqnqOVXMYaSn9N55Ba%2BYqmj7N8QkFWX1SaqqgsnzNJLxNEWeDjMlj0swLSRVxZGGaz0Jft0yAYdC%2FEr2rpW7KddIMgegbUGxX2SBUgWGLJErjYeeBJ21%2BkZ2VJ673RPrN10"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698166841638
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12441
accept-ranges: bytes
cf-ray: 6d28f95bca537541-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame 398F 37 KB
38 KB 47ms
46ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C765&b=B57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM%2CB57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ&f=j83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9%2Cj83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=25f6769f21dce3185ab8955f6bc87ab2%2F9672337900599587669&i=25007%2C9719%2C1676&j=16%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024291038&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hs41s68r2gg949n3x90kg7qfm3hjrs9yrq94qqe44snv61w9nczq8bhzy4zgt1v52d7k27s23vb6fe5653xtfa58w6nfychpam5pde5dca526jtthvmt0bskfs7jmj9v2vtky2tznpywkqpga9xcbjpv2ey34fcqgrg0dvgfmncxh98v2sb3ndmgwgn9rskccx17b8taeasqcm7prhjwm1xqr505fryajy0t52e3xxswqj0v48wt11xe8nxd3gxcgh8tbrb7tws62p4cmpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxbOboY_uYYvQOdaK7gOew5fwD5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0HnOeGp5xeQIMaUOREtlx2HyUPhFhqfPxWKBAEzBWHof0LaiSa6NjjsKEiyjjzdHMEUeGNGf6yTwfs8fBQrLKrOwsS9VQEeHjjtiq-y7QzNYxpyaLtuU-q7d-i2rQy0SPOEaexQCPN0wznRZqsA7cpGWtOhCrjg1a3iie64rUzjJo-1i8Sj7jQ2aQ4nMok-P4ex1WNKLqT9q6WOy6K67ux7NpWgXj67VhmBwzs-ROkPyXu7yqnl9hhCGVeZ8zyKcLHDzNMJ1UADVPypbbESbSVX3ETbP0JywJdeOlze5PUUBCAafIcCqULPiU3gOtX2b3lRTUc8IbLL0hVEN54VhBqkInOn39kwjizUHRoozI0B_LYDO7gPv-XNGAvA1kzofe1db-mAqCXXxvyT6w6x1nxyX-qi5VdMPmTx4Uo2weNv9CMo9baVEaugZhpeIKqWLLPr8KWE7VLQJP7SN3f0iM6_dPrbSV52o2W3MF3YnLbuJne-uD9c2rbrIiq8UtXsuB34JceAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2ATknIgDVZ1DRu8IiU36cVAmhSHQ%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631ab175f70696c2c2fb9c6826cbbc72afc54c21abe3e81fc919091f45f15c25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=limNHA==, md5=mmc1zohzhBG1IcVyR5glog==
date: Mon, 24 Jan 2022 11:38:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 311720
cf-polished: qual=85, origFmt=jpeg, origSize=98417
x-guploader-uploadid: ADPycds8ELa-QFoVmlxCUxdoG3EnomXAJW1aqLOK6hzzY_khQHObjaf2fGRQFMd7QIzLZ092SOzPs3RR_3iOIcnUIxjnRxQWoQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38376
last-modified: Tue, 30 Jun 2020 10:59:41 GMT
server: cloudflare
etag: "9a6735ce88738411b521c572479825a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2w8uyXDe80oOIH5HhHDorsV4jBxgMWCcBmv%2BdwqczLai9SiouQOPLPw595GCl4%2FvOgudKskwIsK0rDt1hTwBLFznoBsQXpMLOULWqDCvnROtmf4SGXNvLMz%2BgVIv4b5GjUfW2JmyGtFhBWic"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593514781204583
content-type: image/webp
expires: Tue, 25 Jan 2022 11:38:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 98417
accept-ranges: bytes
cf-ray: 6d28f95bca567541-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 view
t.adcell.com/p/ Frame 398F 42 B
482 B 114ms
59ms Image
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneidZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:11 GMT
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: myracloud
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H2 200 57d7bb56872a45b7b69c1c75d5934cf7_cpn_300x250_1.jpeg
static.criteo.net/design/dt/12719/220118/ Frame 979F 63 KB
63 KB 34ms
34ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/12719/220118/57d7bb56872a45b7b69c1c75d5934cf7_cpn_300x250_1.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1a95cd78f5895e710525c49e8929ea9245c2afd140d1ec69051a2df053184784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:11 GMT
last-modified: Tue, 18 Jan 2022 09:25:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61e6877b-fb1b"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 64283
expires: Thu, 19 Jan 2023 11:38:11 GMT

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 17ms
16ms Image
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame FAF4 16 B
232 B 99ms
98ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Jan 2022 11:38:11 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 159ms
43ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 24 Jan 2022 11:38:11 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7B19 91 KB
36 KB 53ms
29ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-56263170-1

Requested by

Host: www.autohaus-koenig.de
URL: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=520835713

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

726e9d35112ed5fd4f13c0847eb92d39e5bca7b3638369ceab42d2290b209df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.autohaus-koenig.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36459
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Jan 2022 11:38:11 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame A821 51 KB
51 KB 55ms
55ms Script
application/javascript 13.32.43.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gdnb7nxtqvhpsxw4jsbb0e1ywktwxc79zkdwt2gdr3xprb71zcf9bqt312q0b42ertwzyzfsf8pwe5q70bcj1g0wrgjseg23kdwgm7y80msjxqj7akpsn298fr7mm3ewmc993yr3qbpk5rd1jtm3bq5pvhp8vzg8yewm0sd5th6twmexft5ck322gsbdwzs59bvrscj11fgrwbqsbpevnyzqh3rcbh28y5e6feej3ejmhkhwhb96f6wcp1pkfw5zmk7rz0dr8cmh9z322kq7j0z81jx0f68gh70bzp8sars5479c6htj60%26a%3D&clickref=oneidrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fdoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneid4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHKoneid__asuidfYWxH2p-fi4OxhY_YluTAnxbJDD3snB8asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.43.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-43-41.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 22:11:04 GMT
via: 1.1 b2756db0e58306bee6945607dbb05978.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 48428
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
x-amz-cf-pop: HEL50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 51794
x-amz-cf-id: NAh9w9EPtQQJvicAUtHcmGN4dEkcr0oalliORThu6-ZuMdmbO6Cbuw==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame A821 40 KB
40 KB 139ms
47ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=205795&viewref=oneid6RrwUef3f99jxfeHmHYtktKXVTYS1T24Jh7oneid__asuidHU2KusU003b-BQAcacAN8dEw7ng0Kyllasuid__advertisingalliance_advancedad_300x250&wglinkid=2647615
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=64769%2C56666%2C22472&b=2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2C4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK&f=4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd&c=300&d=250&e=fYWxH2p-fi4OxhY_YluTAnxbJDD3snB8&g=a39b7b00c9cb08d042121a3cfe5a3fee%2F15129341546921951666&i=27835%2C22427%2C27323&j=16%2C21%2C50&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1643024290737&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jew4pnq6g25e49gqmmk9nahtqrh67sspcd7cqvcva7cq55sv475dhw17w17ea0jcr0k27wczwb2rxkypxrkayf4xbkjqppgwbxgdavt7m1aqr3xw6bckcv21ezben28chc7hf42xck7fr4ttq3cnqgb3chfk34ggygq8etgm3kmjsrngrj9c5g8x54v8s258r5bqx0zx5001enrxcar0r3405qz3cqjptq2w5ecxdp1va3q48exesvwbaaehg7ec8419e5n59feyn395pwg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwDpCoY_uYcmWKYiRgQeDqITwC5DhgYRctqjCivACwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMDcwMDE1NDcwMTIyODOgAcKu6N0DyAEJqQKWFNuJPP-yPuACAKgDAaoEhQNP0FqIz238ZRK3XFb8dLHo2KGMF9bH8daMIvbN4UyRjo-bxruFfL6aFnbn_BDvzDm3miVjtycYgCwk_V88xu-LXskcZJE3hFXfmPYzdqs5YqGG1Lc0w8c4XvfcfdFW3PZNRGc_sWn7Vg3t6KOEp8dgDjQs_p0N654Pgk4qYkkMpRX-JJndH1pBOrmT2NlZKDUktLJ5I0oZaiVAUhUffk3Y7vksZ9ybCANHZXGdyjBujcHvRBTIKl5NtO10vsjHXDyCzzubzL1gzjr5w2fxZl-axAclA1Rt3BtK50tz8gxVfnzbhnp2X9273ScZflNCk_9V0nsDUxvBzsr2VZiF0nQooWqnEej5RMp4R7H1GwZYxiJoeRs_jgcBnXu0K4_bqbRl_x3SZUNgcvymZhmk_LGCuqDNGi-f6Z49LAX-RxJBhUn9wP-S4_OJsmJuNsd9C_-HDM2Q51SC_UH-hkQPHQOkZfWxfBULxiaqbkrj6sQc0PFmTv-mjlI8mY21CkpCrK5G_N6zo-AEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2bjtDOQYkXtHj7yAV2YLme23vnXA%252526client%25253Dca-pub-8007001547012283%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jan 2022 11:38:11 GMT
Last-Modified: Mon, 24 Jan 2022 11:38:11 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 96FA 601 KB
195 KB 17ms
16ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E477 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B018 37 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 7B19 49 KB
20 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56263170-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.autohaus-koenig.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5599
date: Mon, 24 Jan 2022 10:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 24 Jan 2022 12:04:52 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 080C 156 B
148 B 189ms
189ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F93656639%2C6887%2Fcorreiobraziliense.com.br_dfp_vast%2Fcorreiobraziliense.com.br_dfp_vast_1.3&description_url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2878462153924027&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3677803291&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024291576&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=815561929932783&ged=ve4_td4_tt3_pd4_la4000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 96FA 156 B
148 B 165ms
165ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22059416475%2C6887%2Fcorreiobraziliense.com.br_PSDFP_MCM_2usd_25.10.2021&description_url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tfcd=0&npa=0&ad_type=audio_video&sz=1x1%7C335x200%7C400x225%7C400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4287372401059338&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=652392652&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024291675&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=1117150167704427&ged=ve4_td4_tt3_pd4_la4000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 112ms
111ms XHR
text/plain 18.211.132.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.correiobraziliense.com.br&rs=www.correiobraziliense.com.br&sid=30691&t=1643024288&cip=217.114.215.131&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=425&he=256&app=&AV_PUBLISHERID=609a764ab3287943571a812c&test=&aafaid=&proto=https&uid=1643024288383-962096174924-006185-015-009850&cha=0.05&stagid=61791635557ecb2c020c45cb&stplid=6179146dae6bdc1f3d41b487&d35=&d36=6.1.2.99&cb=38118622865&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=425&AV_HEIGHT=256
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=609a764ab3287943571a812c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.132.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-132-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiobraziliense.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 24 Jan 2022 11:38:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame CF0D 601 KB
195 KB 17ms
16ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E477 107 B
122 B 32ms
31ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8E18 37 KB
13 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame CF0D 156 B
149 B 200ms
199ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F157165500%2C6887%2FMCM_Adsolut_correiobraziliense.com.br_GZ%2FMCM_Adsolut_correiobraziliense.com.br_GZ_0.9_27.10.2021&description_url=http%3A%2F%2Fcorreiobraziliense.com.br&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=171070683806983&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2518298614&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024291918&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=2549106953772128&ged=ve4_td4_tt3_pd4_la4000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame B589 601 KB
195 KB 20ms
20ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E477 107 B
122 B 39ms
37ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7BA0 37 KB
13 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B589 156 B
149 B 175ms
174ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F157165500%2C6887%2FMCM_Adsolut_correiobraziliense.com.br_GZ%2FMCM_Adsolut_correiobraziliense.com.br_GZ_0.7_27.10.2021&description_url=http%3A%2F%2Fcorreiobraziliense.com.br&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1845357833335624&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3783232292&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024292159&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=393855900879046&ged=ve4_td4_tt3_pd4_la4000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A821 16 B
232 B 98ms
98ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Jan 2022 11:38:12 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 73ms
73ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 24 Jan 2022 11:38:12 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 bridge3.495.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 424E 601 KB
195 KB 41ms
39ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Jan 2022 22:48:42 GMT
expires: Mon, 23 Jan 2023 22:48:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jan 2022 19:32:44 GMT
content-type: text/html
age: 46170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E477 107 B
122 B 54ms
54ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiobraziliense.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Jan 2022 11:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A05C 37 KB
13 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.correiobraziliense.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jan 2022 12:08:15 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 666F 42 B
64 B 148ms
147ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3xTh0PO_n6UxgnoJw2nKcu8VWQbob5uZsgUBOU0n75ebJ8kTL83UUlA6_JdMt4N9U-N7BM1dzhV6PJ7QwlacjhtMhC4jNd9WVHDfd2XYodlAg1SKcOLskW5_uXst0o2W2iaH9KT9zyhRQ&sai=AMfl-YTmjEHSYNhBGpFW6e_SqaARE0sj-SXlBemHg_yRj24XbSHxaQrQyym0juN9l2ghnTOSUSX_23tevrmnP7WVeR5fZQWpI7Z2Y7FVBPqFWHtfXPNvMWJ8gZDnmEXF&sig=Cg0ArKJSzK4zCGvNeBNAEAE&cid=CAASPeRoKxHNaRZhwWheMrBtFkF2pSHBSf3n7P4Rmr4NuskKd_HVulNoVgeDVfYNewclmv5WPJldOJgLtwrkcFs&id=lidarv&acvw=sv%3D915%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D934,1165,1190,1590%26tos%3D2104,0,0,0,0%26mtos%3D2104,2104,2104,2104,2104%26amtos%3D0,0,0,0,0%26mcvt%3D2104%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2104%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D530%26pst%3D462%26dur%3D20062%26vmtime%3D1895%26dtos%3D2104%26dtoss%3D1%26dvs%3D2090%26dfvs%3D2090%26dvpt%3D2090%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D763%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D196726433%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D3699%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2104&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1643024289914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 11:38:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 424E 80 KB
15 KB 190ms
190ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22059416475%2C6887%2Fcorreiobraziliense.com.br_PSDFP_MCM_1usd_25.10.2021&description_url=https%3A%2F%2Fwww.correiobraziliense.com.br%2F&tfcd=0&npa=0&ad_type=audio_video&sz=1x1%7C335x200%7C400x225%7C400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=388916805259266&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3958635354&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=CA85DDD2-5325-405F-ADCB-35661375E75D&nel=1&eid=44738438%2C44751786&url=https%3A%2F%2Fwww.correiobraziliense.com.br%2Fpolitica%2F2022%2F01%2F4979732-no-submundo-do-telegram.html&dt=1643024292423&cookie=ID%3Dd576226b700aa795%3AT%3D1643024286%3AS%3DALNI_MbAioIIvpxuJKnVoS20_8hyfU6yPA&scor=3640187641023280&ged=ve4_td4_tt3_pd4_la4000_er934.1165.1088.1465_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS