www.gazetadopovo.com.br
2600:9000:2093:cc00:6:45ad:3580:93a1  Public Scan

Submitted URL: https://www.gazetadopovo.com.br.admin-us2.cas.ms/login.php
Effective URL: https://www.gazetadopovo.com.br/login.php/
Submission Tags: krdprod
Submission: On January 19 via api from JP — Scanned from GB

Summary

This website contacted 19 IPs in 4 countries across 16 domains to perform 69 HTTP transactions. The main IP is 2600:9000:2093:cc00:6:45ad:3580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.gazetadopovo.com.br. The Cisco Umbrella rank of the primary domain is 303630.
TLS certificate: Issued by Amazon on January 14th 2022. Valid for: a year.
This is the only time www.gazetadopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
19 gazetadopovo.com.br
www.gazetadopovo.com.br — Cisco Umbrella Rank: 303630
events-api.gazetadopovo.com.br Failed
299 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 13
news.google.com — Cisco Umbrella Rank: 5085
play.google.com Failed
66 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
246 KB
3 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 923
trc.taboola.com — Cisco Umbrella Rank: 570
trc-events.taboola.com
19 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3036
onesignal.com — Cisco Umbrella Rank: 1251
73 KB
3 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5345
28 KB
3 azureedge.net
mcasproxy.azureedge.net — Cisco Umbrella Rank: 70880
44 KB
2 amazonaws.com
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com
880 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 3811
3 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5557
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
448 B
1 privacytools.com.br
cdn.privacytools.com.br — Cisco Umbrella Rank: 75475
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
1 cas.ms
www.gazetadopovo.com.br.admin-us2.cas.ms
847 B
0 jsuol.com.br Failed
tm.jsuol.com.br Failed
69 16
Domain Requested by
19 www.gazetadopovo.com.br 1 redirects www.gazetadopovo.com.br
8 news.google.com www.gazetadopovo.com.br
news.google.com
www.gazetadopovo.com.br.admin-us2.cas.ms
www.gstatic.com
5 fonts.gstatic.com fonts.googleapis.com
news.google.com
4 www.gstatic.com news.google.com
www.gstatic.com
3 cdn.cxense.com www.gazetadopovo.com.br
cdn.cxense.com
3 mcasproxy.azureedge.net www.gazetadopovo.com.br.admin-us2.cas.ms
mcasproxy.azureedge.net
2 3wf9o7mmzc.execute-api.us-east-1.amazonaws.com www.gazetadopovo.com.br
2 www.google-analytics.com www.gazetadopovo.com.br
www.google-analytics.com
2 cdn.onesignal.com www.gazetadopovo.com.br
cdn.onesignal.com
1 trc-events.taboola.com cdn.taboola.com
1 www.npttech.com www.gazetadopovo.com.br
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 onesignal.com cdn.onesignal.com
1 trc.taboola.com cdn.taboola.com
1 cdn.taboola.com www.gazetadopovo.com.br
1 cdn.privacytools.com.br www.gazetadopovo.com.br
1 fonts.googleapis.com www.gazetadopovo.com.br
1 www.gazetadopovo.com.br.admin-us2.cas.ms
0 play.google.com Failed www.gstatic.com
0 tm.jsuol.com.br Failed www.gazetadopovo.com.br
0 events-api.gazetadopovo.com.br Failed www.gazetadopovo.com.br
69 23
Subject                                 Issuer                             Validity                 Valid
*.mcas.ms                               Microsoft Azure TLS Issuing CA 01  2022-01-19 - 2023-01-14  a year
*.azureedge.net                         Microsoft RSA TLS CA 01            2021-10-28 - 2022-10-28  a year
*.gazetadopovo.com.br                   Amazon                             2022-01-14 - 2023-02-12  a year
upload.video.google.com                 GTS CA 1C3                         2021-12-08 - 2022-03-02  3 months
sni.cloudflaressl.com                   Cloudflare Inc ECC CA-3            2021-10-02 - 2022-10-01  a year
*.cxense.com                            DigiCert SHA2 Secure Server CA     2021-05-21 - 2022-05-26  a year
*.taboola.com                           DigiCert TLS RSA SHA256 2020 CA1   2021-11-28 - 2022-12-29  a year
*.google-analytics.com                  GTS CA 1C3                         2021-12-08 - 2022-03-02  3 months
*.gstatic.com                           GTS CA 1C3                         2021-12-27 - 2022-03-21  3 months
*.g.doubleclick.net                     GTS CA 1C3                         2021-12-08 - 2022-03-02  3 months
www.google.com                          GTS CA 1C3                         2021-12-08 - 2022-03-02  3 months
www.google.de                           GTS CA 1C3                         2021-12-27 - 2022-03-21  3 months
*.news.google.com                       GTS CA 1C3                         2021-12-27 - 2022-03-21  3 months
*.execute-api.us-east-1.amazonaws.com   Amazon                             2021-04-09 - 2022-05-08  a year
*.google.com                            GTS CA 1C3                         2021-12-27 - 2022-03-21  3 months

This page contains 4 frames:

Primary Page: https://www.gazetadopovo.com.br/login.php/
Frame ID: 1C05B06343E9DF9D8DC0619D0166B25D
Requests: 47 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.9.17/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
Frame ID: 9896EB09286D5E5125958E3909900149
Requests: 2 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456282
Frame ID: 83EEA0EFE2ACD496BC6D11A9FBF89FBD
Requests: 13 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: AFF9F577A79455D1DF4AAE12677D5374
Requests: 2 HTTP requests in this frame

Page Title

Página não encontrada

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

69
Requests

84 %
HTTPS

78 %
IPv6

16
Domains

23
Subdomains

19
IPs

4
Countries

806 kB
Transfer

2417 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.gazetadopovo.com.br.admin-us2.cas.ms/login.php Page URL
  2. https://www.gazetadopovo.com.br/login.php HTTP 301
    https://www.gazetadopovo.com.br/login.php/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
login.php
www.gazetadopovo.com.br.admin-us2.cas.ms/
1 KB
847 B
Document
General
Full URL
https://www.gazetadopovo.com.br.admin-us2.cas.ms/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.137.137.121 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
fbebc540efbf156e2df1964fef5c1a7da330b6154a779fc17caa7224ca113ab5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

content-type
text/html; charset=utf-8
server
openresty
date
Wed, 19 Jan 2022 18:06:52 GMT
x-mcas-request-id
3dcaf64044300c43cff9c232eda52e26
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=31536000
expires
Mon, 01-Jan-1990 00:00:00 GMT
x-mcas-upstream-time
n/a
x-mcas-processing-time
2
content-encoding
gzip
x-mcas-cache-status
MISS
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.9.17/js/
5 KB
5 KB
Script
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.9.17/js/session-context-store-helper.min.js
Requested by
Host: www.gazetadopovo.com.br.admin-us2.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us2.cas.ms/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f65:5951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br.admin-us2.cas.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 19 Jan 2022 18:06:52 GMT
last-modified
Wed, 17 Nov 2021 09:04:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
PLOXavfa2pddds7xHBr81w==
etag
0x8D9A9A9499C4572
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1f96a2cc-701e-007c-296a-eac9e1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=27692403
x-ms-version
2009-09-19
content-length
5084
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.9.17/html/ Frame 9896
281 B
730 B
Document
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.9.17/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.9.17/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f65:5951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br.admin-us2.cas.ms/

Response headers

content-length
281
content-type
text/html
content-md5
vDuuGHIdcY/gQtnraxH9qw==
last-modified
Wed, 17 Nov 2021 09:05:59 GMT
etag
0x8D9A9A978C048BC
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
36dfb73f-d01e-0017-216a-ea94b7000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin
*
cache-control
public, max-age=27692423
date
Wed, 19 Jan 2022 18:06:52 GMT
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.9.17/js/ Frame 9896
37 KB
38 KB
Script
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.9.17/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.9.17/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f65:5951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
98fce231adea179dfb0df568f5e103f77c2ba8b0ed31d608a58cbb8cf751d83d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mcasproxy.azureedge.net/proxyweb/1.9.17/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 19 Jan 2022 18:06:52 GMT
last-modified
Wed, 17 Nov 2021 09:04:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
tq/ygwKPKTrL5Z5G4qeCKQ==
etag
0x8D9A9A949327037
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d064289b-e01e-0097-1757-e4371d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=27024445
x-ms-version
2009-09-19
content-length
38109
Primary Request /
www.gazetadopovo.com.br/login.php/
Redirect Chain
  • https://www.gazetadopovo.com.br/login.php?
  • https://www.gazetadopovo.com.br/login.php/
208 KB
35 KB
Document
General
Full URL
https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
00e87bd383b27d07b8dd7b01bcdeda5505fdb5477df4921880b31cef5536c51b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br.admin-us2.cas.ms/

Response headers

content-type
text/html;charset=UTF-8
date
Wed, 19 Jan 2022 18:06:53 GMT
x-amzn-requestid
9a43f292-fd1c-4445-97cd-4927f55210c4
x-amzn-remapped-connection
close
x-amz-apigw-id
MNHxsGzlIAMFgwA=
cache-control
max-age=600
x-powered-by
Express
x-amzn-trace-id
Root=1-61e8533d-68f1b47c1378fe036afaa6e6;Sampled=1
x-amzn-remapped-date
Wed, 19 Jan 2022 18:06:53 GMT
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront), 1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2 HAM50-C1
content-encoding
gzip
vary
Accept-Encoding
x-cache
Error from cloudfront
x-amz-cf-id
p4YgBumYZPo5gapGZISWw5ZMUhD8XscE9yKQrvvxvX10EnGrQUFezQ==

Redirect headers

content-length
0
server
CloudFront
date
Wed, 19 Jan 2022 18:06:53 GMT
location
/login.php/
x-cache
Miss from cloudfront
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
E2JHlhl3uFZhIHLVMxeLumM32aeqo5oIFbRpQXZVhMbhca84ZwIphg==
google-3.2.2.js
www.gazetadopovo.com.br/assets/legacy/swg/
114 KB
38 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 21:31:58 GMT
content-encoding
gzip
last-modified
Mon, 13 Apr 2020 20:50:04 GMT
server
AmazonS3
age
1629297
etag
W/"9c302f91fb353b7f558cbda7922e6da1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
text/javascript; charset=UTF-8
x-amz-cf-id
ETslQ4WVB4a-f6rOCCdWD2HxoRKsoMBD_4JxIAnM4sbdKS_S6LAXnA==
initial-gazetadopovo-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
282 KB
93 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/initial-gazetadopovo-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b998e9f01a53e1f7999f58ca8eb49f1e9fa364978766a4d457e562f01db4f316

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:39 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:27:46 GMT
server
AmazonS3
age
2116
etag
W/"592c6fde2002c1e7e54c427fb898ee13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
YvNXm7FmuSUbirbCpRmWLCTRI73mWnrTICj8ebImKRz-R3-tJD-JgA==
gazetadopovo-abstracts-_init-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
4 KB
2 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-_init-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
461c5168584dc4fbee4e810963f3b3ff52cac716cd7cde4f8cdfd3a7fa0f12d2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:39 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:26:58 GMT
server
AmazonS3
age
2116
etag
W/"26e7f640c427324be928cade8cc6ad69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
8zIuoign2e75G1Xxd6upfxEM8bqrpxo_Dmei3fabQM65UjtBkLo0gQ==
gazetadopovo-statistics-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
17 KB
5 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-statistics-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8799431bc9390d0023c7b3e873bec4971682723810396d7aa79191925987db52

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:39 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:27:08 GMT
server
AmazonS3
age
2116
etag
W/"5e3d14097c05fcf3fe3439bacbf46704"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
2xzXWz2So9_9vOJMSQqN3DHksCHzKj1Vt50wa4-nYFhLqz15Vd8x2A==
gazetadopovo-notfound-e322a3e0634d30442d4bd1971ba82688.css
www.gazetadopovo.com.br/assets2/
168 KB
21 KB
Stylesheet
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-e322a3e0634d30442d4bd1971ba82688.css
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3762b3ccf2b8567d929323731f2ddaa5493596cb26fe214c8cc16f0ab350a5b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:39 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:27:05 GMT
server
AmazonS3
age
2115
etag
W/"38af75456a6bef731ef3f2944a1428d4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
text/css
x-amz-cf-id
8ZF9Q63ss_YZ8EGqfFF-Gif8m0XotHhM7gXqZCvp_3VYPdQIN9xOJw==
css2
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ba667b3b2504c0c551bafb06dfef0a08e23b071eafc63ab019c66124c4626e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 18:06:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 18:06:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 18:06:54 GMT
e6Ya311101.css
cdn.privacytools.com.br/public_api/banner/style/
8 KB
3 KB
Stylesheet
General
Full URL
https://cdn.privacytools.com.br/public_api/banner/style/e6Ya311101.css?t=1
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:06:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Dec 2021 08:51:42 GMT
server
cloudflare
age
2020512
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUZGbJj9WrCtvlI6NcWpCVsz%2FKy%2ByaBfpQeYlRrsH9eW0a8YxuzFvWbcmv1pbRy8F7R6s1BdYQdUQYaAVug9oLplwZfwdmJs6ljOag8ETwYRBV4cDq9tukhrNBgUiM3e7nsgahxFfVItmoH9deWhSX8sgtE4"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d01ffe69f1774b9-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cx.cce.js
cdn.cxense.com/
22 KB
6 KB
Script
General
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:06:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 14:49:19 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5864
Expires
Wed, 19 Jan 2022 19:06:54 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:06:54 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2043
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d01ffe7ac0e71c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 22 Jan 2022 18:06:54 GMT
gazeta-fallback.svg
www.gazetadopovo.com.br/assets2/images/svg/
167 B
540 B
Image
General
Full URL
https://www.gazetadopovo.com.br/assets2/images/svg/gazeta-fallback.svg
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e275872784212de73a7a1b0385a96c63311aa5f67cbad7b654b813fa18f5408

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 20:06:05 GMT
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
last-modified
Thu, 02 Dec 2021 13:40:07 GMT
server
AmazonS3
age
3967250
etag
"4d2a859dcd5d33e2c902077c53a4d468"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-type
image/svg+xml
content-length
167
x-amz-cf-id
hQezwdOabp2CiDvUscT-O5MTPC6jyKcxy46GkP-XhsMU1bR109RryA==
tfa.js
cdn.taboola.com/libtrc/unip/1339635/
55 KB
17 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1339635/tfa.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08e24bdf5139aea889f2c6e192f08afb7152068e86bca805f156abd2d23eac22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
ZCxNqImNfIhyR09zlrpyFCe9AwTblbW1
content-encoding
gzip
etag
"cec4bdc4b41aaf2311614f73889289d3"
age
15404
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
17377
x-amz-id-2
4YBLcghWRKsE+BCvBncpUUldoGfziTvT/6ROekgbElpIPE4llQ5lbGg5oLuvclHbCWQfwwTQot0=
x-served-by
cache-hhn4047-HHN
last-modified
Sun, 16 Jan 2022 11:22:43 GMT
server
AmazonS3
x-timer
S1642615615.695368,VS0,VE1
date
Wed, 19 Jan 2022 18:06:54 GMT
vary
Accept-Encoding
x-amz-request-id
VZEG7KARBYDVC2MP
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
62
x-cache-hits
1
cx.js
cdn.cxense.com/
65 KB
22 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
857b10ab584d2ceac026fa25dc0e754e33c6d379376396b1376a9c919274013e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:06:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Jan 2022 09:28:40 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21754
Expires
Wed, 19 Jan 2022 19:06:54 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3948
date
Wed, 19 Jan 2022 17:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 19 Jan 2022 19:01:06 GMT
bg-ads.png
www.gazetadopovo.com.br/assets2/images/
89 B
457 B
Image
General
Full URL
https://www.gazetadopovo.com.br/assets2/images/bg-ads.png
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-e322a3e0634d30442d4bd1971ba82688.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-e322a3e0634d30442d4bd1971ba82688.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 18:16:52 GMT
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
last-modified
Thu, 02 Dec 2021 13:39:49 GMT
server
AmazonS3
age
4060203
etag
"53f9ae1eb3e782752565fa2c5d00ea37"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-type
image/png
content-length
89
x-amz-cf-id
YYsqYDouf_G9rfo7xzFwurZCbSrvI2By4735u-X5KJX7lLOvzGbmhQ==
qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v7/
38 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/overpass/v7/qFdH35WCmI96Ajtm81GlU9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
995dfb0c839090c9461662fca31b3d886f80dd9e881db8ea224374866eade55f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gazetadopovo.com.br
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 20:21:40 GMT
x-content-type-options
nosniff
age
596714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38496
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:13:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 20:21:40 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gazetadopovo.com.br
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 21:28:42 GMT
x-content-type-options
nosniff
age
592692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20028
x-xss-protection
0
last-modified
Wed, 15 Dec 2021 02:22:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 21:28:42 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v28/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gazetadopovo.com.br
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 21:28:42 GMT
x-content-type-options
nosniff
age
592692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19740
x-xss-protection
0
last-modified
Wed, 15 Dec 2021 02:22:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 21:28:42 GMT
qFdB35WCmI96Ajtm81GgY9nqxw.woff2
fonts.gstatic.com/s/overpass/v7/
39 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/overpass/v7/qFdB35WCmI96Ajtm81GgY9nqxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78965480606b836890133111850e4a46330408417c00a0255379808a855e0907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gazetadopovo.com.br
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 03:54:35 GMT
x-content-type-options
nosniff
age
137539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39976
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:11:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 03:54:35 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:06:54 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1924
etag
W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d01ffe80cd471c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 22 Jan 2022 18:06:54 GMT
json
trc.taboola.com/1339635/trc/3/
2 KB
1 KB
Script
General
Full URL
https://trc.taboola.com/1339635/trc/3/json?tim=1642615614755&data=%7B%22id%22%3A117%2C%22ii%22%3A%22%2Flogin.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1642615614735%2C%22cv%22%3A%2220220116-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us2.cas.ms%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dgazetadopovo-br-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1642615614754%2C%22ref%22%3A%22https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us2.cas.ms%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A73%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1339635/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0ac2b2ce270118e6159a42bb169493ad805b8cabc67e34784682e6fda84e0b8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
35
date
Wed, 19 Jan 2022 18:06:54 GMT
content-encoding
gzip
server
nginx
x-timer
S1642615615.786861,VS0,VE35
x-served-by
cache-hhn4047-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=509707127&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us2.cas.ms%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=83197081&gjid=388703515&cid=2038350501.1642615615&tid=UA-23088598-1&_gid=1552480204.1642615615&_r=1&_slc=1&z=615038032
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetadopovo.com.br/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:06:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gazetadopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/0254fca9-7509-4ca1-94b2-2a67bcec99c3/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/0254fca9-7509-4ca1-94b2-2a67bcec99c3/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29166bff868ba4f2bc60fcd98aeb19fe0683a4cb8492d8f829ee17b80d5f7d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
370
cf-polished
origSize=5319
status
200 OK
x-envoy-upstream-service-time
66
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1e70b31c-9049-4493-a744-b123d35cf924
x-runtime
0.065391
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"8cb541b377eb4f1f6959430b85082137"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6d01ffe8fefd71c8-LHR
access-control-allow-headers
SDK-Version
expires
Wed, 19 Jan 2022 19:06:54 GMT
collect
stats.g.doubleclick.net/j/
4 B
448 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23088598-1&cid=2038350501.1642615615&jid=83197081&gjid=388703515&_gid=1552480204.1642615615&_u=IEBAAEAAAAAAAC~&z=2015022295
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetadopovo.com.br/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 19 Jan 2022 18:06:55 GMT
content-type
text/plain
access-control-allow-origin
https://www.gazetadopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gazetadopovo-abstracts-core-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
5 KB
2 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-core-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-_init-gaz-e322a3e0634d30442d4bd1971ba82688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccdac320f86d30c824b5fb23698bc771b1bc98ca807ca8ae77d8ad5e3472eb25

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:41 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:26:58 GMT
server
AmazonS3
age
2114
etag
W/"4069f9bed93c5903a893008111883536"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
lt_a5Qcdk9jaXhlpUoJivDfhlxkD28zPVn-deNXuMOxAR4vA0nFnhg==
gazetadopovo-abstracts-modules-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
32 KB
8 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-core-gaz-e322a3e0634d30442d4bd1971ba82688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7238cc5f866228e8ffce0f41775d101d374b50a95c56b00e5555172d7bc69ab3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:41 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:26:59 GMT
server
AmazonS3
age
2115
etag
W/"ca751bcd2b0370fd67c9a7b96633afc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
HNt6wDIoCP9PqW2cDyn9GuK7U36A2IZHRjpc1oOq3-nTPgS7sVZihg==
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23088598-1&cid=2038350501.1642615615&jid=83197081&_u=IEBAAEAAAAAAAC~&z=1143381590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:06:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23088598-1&cid=2038350501.1642615615&jid=83197081&_u=IEBAAEAAAAAAAC~&z=1143381590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:06:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendor-gazetadopovo-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
113 KB
38 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-e322a3e0634d30442d4bd1971ba82688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc3cc31f2356205435cc273e72f4f3943985ab21ff3709c27f61919510f87898

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:41 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:28:00 GMT
server
AmazonS3
age
2114
etag
W/"273f3502451623eed475b0f3949a1c8c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
iVeWpubEYhw2HbpwtEhlA77nta7_z4_WWgJiZ2HdraqrxkmoJQCccQ==
advertising.js
www.npttech.com/
7 KB
3 KB
Script
General
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c0b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:06:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
X9X9MDJT88RZERN9
x-amz-id-2
YUqypyk253RLJWqnaYjb2oAitX41K0YkcDiQga5AmGNVEYqlqblNhqitXDEip+qNAzqwdS24KXo=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHYahtk%2By6sYH0mHUw6zRRubG4wS9yJbxjhnW1TYna2AiK9QaZtkIjqPX1c4huL6dc4AU8ZnfMoEdoh1ZOd%2FR%2FdtvrIzYjP52qFx4lTfMMAVp%2FYQVG3U0YBJU0im3Je%2FqRlJQBVcypIAdW4dt8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
6d01ffebcdaa887f-LHR
gazetadopovo-_init-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
8 KB
2 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-_init-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-e322a3e0634d30442d4bd1971ba82688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57e34dd0ea64ef41106edc0629827071c17c03903af5dc2c12316c11b83d558c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:42 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:26:58 GMT
server
AmazonS3
age
2114
etag
W/"a8dd783c5057fba9ab3cca0d001ff57e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
rZ36-ef0PSzdIBi8UlNXGc_oZegJ1VdQzsC6aXStnsaKavHoCWD9xQ==
gazetadopovo-abstracts-ui-tools-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
9 KB
3 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-ui-tools-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-e322a3e0634d30442d4bd1971ba82688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5acc53b018869f7cac85338b4deaa8a47a82591fb9d0595ee074b1f0e0f7879

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:42 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:26:59 GMT
server
AmazonS3
age
2114
etag
W/"40192f3232b832a79d1c38e2b8012a37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
hyqFv99wRRmMK2uhAbqk9cOreIkh0UNGdNJvFs3YdeWSLyURkn3glg==
gazetadopovo-_back-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
85 KB
18 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-_back-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-e322a3e0634d30442d4bd1971ba82688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a5d5004c2bf22b915fecd72dcc3dbe21c8fa3ec55f9cf89371fbd08000901e0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:44 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:26:58 GMT
server
AmazonS3
age
2112
etag
W/"69411b785b87e660da0d9a3380d64a89"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
3sBWr14m5wMSiEf6qA9GM9qbQwpI0FzDwY5GpPk1fK-GMw4TwINVcw==
gazetadopovo-app-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
106 KB
20 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-app-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-e322a3e0634d30442d4bd1971ba82688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
758fbdf378e85f6bbead08aeffa306c743a3475ed0ee691069183613803c3ab9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:54 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:26:59 GMT
server
AmazonS3
age
2101
etag
W/"ee5d532d30149582013d8eab72bc3670"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
cpJtxd3DI3gU2TN1d9QeSUb5iXWSmw3e9XROk4trxP_St2DkXqMI2A==
swg.js
news.google.com/swg/js/v1/
141 KB
44 KB
Script
General
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d346288a7a4521aff0802cfd44fdd0d4429ea44c96e6d149d0fa4544b1a3a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44780
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:19:31 GMT
49-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
7 KB
3 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/49-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-app-gaz-e322a3e0634d30442d4bd1971ba82688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee8ef215cc66655e36af9ee16b442fb4771c14b0ffd027c306a193526e109b69

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:45 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:26:52 GMT
server
AmazonS3
age
2111
etag
W/"158aee196edfbb59d9adf5e406b04af7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
jVgbyaCYBnbBJdG0xpMG3Knho98iQNtiftnQUfJC-wlIH03cn3j3fw==
flow1
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/
513 B
880 B
XHR
General
Full URL
https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-e322a3e0634d30442d4bd1971ba82688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-66.txl50.r.cloudfront.net
Software
/
Resource Hash
eaa5785c4814137fa5ea6e4701192397680b5ae0fa088ffc3dd9200efdf97893

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gazetadopovo.com.br/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Jan 2022 18:06:56 GMT
via
1.1 fd53ce1b66d79eef4809fa7eb2f761aa.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
x-amzn-requestid
d9410171-c823-4be0-a109-7587505e7a66
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61e85340-3af7d302505fe26d549396be;Sampled=1
x-amz-apigw-id
MNHyFHAjIAMFfyA=
content-length
513
x-amz-cf-id
N3txZXQ4op7GJx1OtK4ct4wT3iZaLql-I8bo6NsR2KDOQf47f-mAHQ==
flow1
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ Frame
0
0
Preflight
General
Full URL
https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-66.txl50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetadopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Wed, 19 Jan 2022 18:06:55 GMT
x-amzn-requestid
082f1af6-d263-4b13-ad57-0f601d6ecfad
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id
MNHyBEc7IAMF3qg=
access-control-allow-methods
OPTIONS,POST
x-cache
Miss from cloudfront
via
1.1 fd53ce1b66d79eef4809fa7eb2f761aa.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
-XKq2g4XxNzDwUWSZCSOlBnruLSq8IgpO0AVJ8pCdUHevqvgd7_D8Q==
swg-button.css
news.google.com/swg/js/v1/
21 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:42:50 GMT
serviceiframe
news.google.com/swg/_/ui/v1/ Frame 83EE
23 KB
7 KB
Document
General
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=456282
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc6971c7e78237b6eff4eee0b12c2ed904b6f26a70c8dafb53c5775aa352fff7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qt74HwY+1aZkWp+zdgGXlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-qt74HwY+1aZkWp+zdgGXlQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 19 Jan 2022 18:06:55 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security
max-age=31536000
cross-origin-resource-policy
same-site
content-security-policy
script-src 'report-sample' 'nonce-qt74HwY+1aZkWp+zdgGXlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-qt74HwY+1aZkWp+zdgGXlQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
loader.svg
news.google.com/swg/js/v1/
0
1 KB
Other
General
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:44:17 GMT
entitlements
news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/
2 B
57 B
Fetch
General
Full URL
https://news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.gazetadopovo.com.br/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:06:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetadopovo.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 83EE
0
22 B
Other
General
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.gazetadopovo.com.br.admin-us2.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us2.cas.ms/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HfSNgreuBVYG/leYa+ukcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-HfSNgreuBVYG/leYa+ukcg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/_/ui/v1/serviceiframe?_=456282
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:06:56 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-HfSNgreuBVYG/leYa+ukcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-HfSNgreuBVYG/leYa+ukcg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame 83EE
21 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:42:50 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=A... Frame 83EE
160 KB
57 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
588c087a9f0927174091373b182e608acae9dc844426367290a3b9536a5590db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 20:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57503
x-xss-protection
0
last-modified
Sat, 15 Jan 2022 08:50:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Tue, 17 Jan 2023 20:09:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 83EE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:18:05 GMT
x-content-type-options
nosniff
age
110931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 11:18:05 GMT
unip
trc-events.taboola.com/1339635/log/3/
0
253 B
XHR
General
Full URL
https://trc-events.taboola.com/1339635/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=73&ssd=1&est=1642615614752&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1642615616306&vi=1642615614735&ri=c6de124a28fd9996222c33bb6f15c231&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us2.cas.ms%2F&cv=20220116-1-RELEASE&item-url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1339635/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.gazetadopovo.com.br
pragma
no-cache
date
Wed, 19 Jan 2022 18:06:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.kyxh-dd536U.L... Frame 83EE
37 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.kyxh-dd536U.L.B1.O/am=BAAQ/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5AoLuD-W40xgL2bw6jCcSmvOucbw/ee=cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6e899a3d465133c5d1f2aa8bfcbf5dc1d27e78338e1090d45697325c81c6821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 20:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13611
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 04:53:36 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Tue, 17 Jan 2023 20:22:04 GMT
m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,KUM7Z,ZfAoz,xQtZb,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.kyxh-dd536U.L... Frame 83EE
110 KB
38 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.kyxh-dd536U.L.B1.O/am=BAAQ/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5AoLuD-W40xgL2bw6jCcSmvOucbw/ee=cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,KUM7Z,ZfAoz,xQtZb,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
083b9eba039025fa98bb9203240e445c96785a091c507d9efaa317c1d2199c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 20:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38378
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 04:53:36 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Tue, 17 Jan 2023 20:22:04 GMT
/
events-api.gazetadopovo.com.br/register/
0
0

45-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
9 KB
3 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/45-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-_back-gaz-e322a3e0634d30442d4bd1971ba82688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54e37d7ec8b8b7e1032c37b1d03431eca17a5cd6d2fab2a1403209e9864d2a22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:46 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:26:52 GMT
server
AmazonS3
age
2111
etag
W/"d4ef5d38e29dcba272bea3c0f050d3c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
UsN1vF8xnVZk8S1VsUABDGmAHsQRaqkZN0cTp1LKO4s0zBSCGxJJKA==
46-gaz-e322a3e0634d30442d4bd1971ba82688.js
www.gazetadopovo.com.br/assets2/
23 KB
5 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/46-gaz-e322a3e0634d30442d4bd1971ba82688.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-app-gaz-e322a3e0634d30442d4bd1971ba82688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:cc00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd71b001a3230555820db1340e6e90c0624de96097a3a99119c9f87c5e50dae7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:31:46 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 17:26:52 GMT
server
AmazonS3
age
2111
etag
W/"2314c768998e2a3d58bd80e27caf8ba4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
content-type
application/javascript
x-amz-cf-id
kvgKg81skHd4_pedWNyPSWep1AFhX9IYiwkuLPrOekxcnLAP62w6CA==
uoltm.js
tm.jsuol.com.br/
0
0

sp1.html
cdn.cxense.com/ Frame AFF9
684 B
749 B
Document
General
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.gazetadopovo.com.br/

Response headers

Accept-Ranges
bytes
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Content-Length
379
Cache-Control
max-age=864000
Expires
Sat, 29 Jan 2022 18:06:56 GMT
Date
Wed, 19 Jan 2022 18:06:56 GMT
Connection
keep-alive
Content-Type
text/html
Content-Encoding
gzip
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
/
events-api.gazetadopovo.com.br/register/ Frame
0
0

batchexecute
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 83EE
395 B
261 B
XHR
General
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=2902906281337885721&bl=boq_subscribewithgoogleclientserver_20220117.13_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=65217&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 18:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.kyxh-dd536U.L... Frame 83EE
17 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.kyxh-dd536U.L.B1.O/am=BAAQ/d=1/exm=COQbmf,DfBslb,KG2eXe,KUM7Z,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xQtZb,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5AoLuD-W40xgL2bw6jCcSmvOucbw/ee=cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b5d3b280099658f3729cd13965738963c2d86fcc624912a7f9fdd8db269c52f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 20:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7278
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 04:53:36 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Tue, 17 Jan 2023 20:22:05 GMT
cx.js
cdn.cxense.com/ Frame AFF9
0
0

log
play.google.com/ Frame 83EE
0
0

log
play.google.com/ Frame
0
0

log
play.google.com/ Frame 83EE
0
0

log
play.google.com/ Frame 83EE
0
0

log
play.google.com/ Frame
0
0

log
play.google.com/ Frame 83EE
0
0

log
play.google.com/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
events-api.gazetadopovo.com.br
URL
https://events-api.gazetadopovo.com.br/register/
Domain
tm.jsuol.com.br
URL
https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Domain
events-api.gazetadopovo.com.br
URL
https://events-api.gazetadopovo.com.br/register/
Domain
cdn.cxense.com
URL
https://cdn.cxense.com/cx.js
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0


55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| adBlockerOnEvent function| setNptTechAdblockerCookie function| adBlocker object| _tfa object| cX function| cxCCE_callQueueExecute object| cxTest string| GoogleAnalyticsObject function| ga object| dataLayer object| fbpixel object| GPSWGState function| OneSignal string| pageType string| idBlocoAnuncio string| uolBlocoAnuncio string| assetsURL object| GPExternalFunctions object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| __oneSignalSdkLoadCount function| __jp0 object| webpackJsonp object| GPCORE7e3458 object| Backbone object| GPAbstractModules boolean| adBlockerInit object| picturefillCFG function| picturefill function| BlockAdBlock object| blockAdBlock function| jQuery function| $ function| SDKPrivacy function| JSCookies function| trackerSendEvent object| SWG object| UrlCache object| SUBSCRIPTIONS

7 Cookies

Domain/Path Name / Value
.gazetadopovo.com.br/ Name: _ga
Value: GA1.3.2038350501.1642615615
.gazetadopovo.com.br/ Name: _gid
Value: GA1.3.1552480204.1642615615
.gazetadopovo.com.br/ Name: _gat
Value: 1
.gazetadopovo.com.br/ Name: GPSDK_TKTID
Value:
.gazetadopovo.com.br/ Name: GPSDK_SESID
Value:
www.gazetadopovo.com.br/ Name: __adblocker
Value: false
.google.com/ Name: NID
Value: 511=q05D3YOBUiepQruGiUGA_mF0amJIPgWQyxFRiXsKsO1aI_2xratDkfdB7dErJUN_AaUhoSpnER_wQbLHX1J7x17NGhkcn1rWJ_t8DiydItzI4WGgSAyirmACMUVgt4Bcp9d8eL05ZvGt6YfUbBxRHk7M0aFdOACyroVZMF2-UMY

2 Console Messages

Source Level URL
Text
network error URL: https://www.gazetadopovo.com.br/login.php/
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
