urlscan.io logo urlscan.io
SecurityTrails logo

www.expressodopovo.com.br Open in urlscan Pro
165.227.252.94  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.expressodopovo.com.br/
Effective URL: http://www.expressodopovo.com.br/
Submission Tags: krdtest
Submission: On June 29 via api from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 93 HTTP transactions. The main IP is 165.227.252.94, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.expressodopovo.com.br.
This is the only time www.expressodopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    165.227.252.94 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
www.expressodopovo.com.br
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
62    2606:4700:20::681a:160 (United States)

ASN13335 (CLOUDFLARENET, US)
pbr-def.srvsite.com
pbr-str.srvsite.com
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
7    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i1.ytimg.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
2    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
34 pbr-str.srvsite.com www.expressodopovo.com.br
pbr-def.srvsite.com
28 pbr-def.srvsite.com www.expressodopovo.com.br
pbr-def.srvsite.com
7 pagead2.googlesyndication.com www.expressodopovo.com.br
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 fonts.googleapis.com www.expressodopovo.com.br
3 i1.ytimg.com www.expressodopovo.com.br
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 ajax.googleapis.com www.expressodopovo.com.br
2 www.expressodopovo.com.br www.expressodopovo.com.br
1 www.google.com tpc.googlesyndication.com
1 static.xx.fbcdn.net www.facebook.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.facebook.com www.expressodopovo.com.br
93 17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.youtube.com
instagram.com
g1.globo.com
hostmelodia.com.br
Subject Issuer Validity Valid
www.expressodopovo.com.br
R3		 2021-06-26 -
2021-09-24		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-17 -
2022-06-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://www.expressodopovo.com.br/
Frame ID: 045C06BFD31B7756191A7A8F4E760F2F
Requests: 86 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
Frame ID: CEC99DA55BDBCD313071898DD679EDAF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/zrt_lookup.html
Frame ID: 3091C808D40063AA78118AB5D6D3B6BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2140207384726849&output=html&adk=1812271804&adf=3025194257&lmt=1624950935&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.expressodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1624950935196&bpp=3&bdt=269&idt=54&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4236777953737&frm=20&pv=2&ga_vid=999208813.1624950935&ga_sid=1624950935&ga_hid=2116064157&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061661&oid=3&pvsid=3026253954569732&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=82
Frame ID: E448CBF354FCEAFA5C65043D765EABD1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1B738A6A14D95C76AFC7D1DB460E28C3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3F992657E0012C44F07ED8F1FD0DA228
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.expressodopovo.com.br/ Page URL
  2. http://www.expressodopovo.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

93
Requests

97 %
HTTPS

88 %
IPv6

13
Domains

17
Subdomains

16
IPs

2
Countries

3004 kB
Transfer

3996 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.expressodopovo.com.br/ Page URL
  2. http://www.expressodopovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false HTTP 307
  • https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false

93 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
www.expressodopovo.com.br/ 		36 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.expressodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.227.252.94 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.46 (Ubuntu) /
Resource Hash
b3fc825b9d10f702e321a3f5a28b695c893a1cae6cae989038c459b7a64afeec

Request headers

Host
www.expressodopovo.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 07:15:33 GMT
Server
Apache/2.4.46 (Ubuntu)
Set-Cookie
PHPSESSID=s2d07qnvdf6j6vdb8f7kosgdnn; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Access-Control-Allow-Origin
*
X-UA-Compatible
IE=Edge,chrome=1
Content-Length
7197
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=ISO-8859-1
css
fonts.googleapis.com/ 		4 KB
704 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 05:52:58 GMT
server
ESF
date
Tue, 29 Jun 2021 07:15:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 07:15:34 GMT
css
fonts.googleapis.com/ 		1 KB
524 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dosis
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33205051f6e37b9dc8139fbcfc22640e42adee6c5e26964f33850cb61c28a3f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 05:55:58 GMT
server
ESF
date
Tue, 29 Jun 2021 07:15:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 07:15:34 GMT
estilo.php
pbr-def.srvsite.com/template/noticias/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/css/estilo.php?token=d464130376n566j4k4c4p4r4n484s5t5w506h4k4r4i5k4n4i5i4y204i5h4v5r2g5n40574a4v2v2q25434y2
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8f545f058f2720aa1a60fdf7bea0e9b45f631ac4c455a8cdb6063bf8af0d560

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EtpslMcCNTMz5W1vm6T7dvYeEd9NEsdl5KxZ8iX0jEdJvjvopoOtOqied%2BmlFp0tFgvh%2FbfG%2FgW7pogxpi27PWcX6H%2BWPD3B5q3iJso1WedMcFGSpUlAZqqex7dEDKihdFTugFs%2Fgc7EtKzH"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=ISO-8859-1
access-control-allow-origin
*
cf-ray
666d5d49cc9e05d4-FRA
cf-request-id
0af838a21c000005d4fa837000000001
flexslider.css
pbr-def.srvsite.com/template/noticias/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/css/flexslider.css
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cedd7e3ecef2cd050c2e053e3e60cfafbf904acdeba7925bc87f6f4dfcdf80f0

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4457
cf-request-id
0af838a21c000005d40fad7000000001
last-modified
Wed, 25 Oct 2017 19:29:32 GMT
server
cloudflare
etag
W/"1acf-55c641330bf00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=isWit0kn8vYzYF0WWq75N%2Fx7JKe0qQVs6gbnItFUUlreNXGYpeKUPT9lcsmvl2Ckwjml1TF19KRpqEbh4Akn1gPZjeWnTs9lhUIjXhw2fl22uzbZmt04QCVO0Y%2FdaKwNQ27Afe7YlVk89VAI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
666d5d49cca005d4-FRA
responsiveslides.css
pbr-def.srvsite.com/template/noticias/responsiveslides/ 		490 B
763 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/responsiveslides/responsiveslides.css
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4458
cf-request-id
0af838a21d000005d48235a000000001
last-modified
Mon, 18 Jun 2018 19:07:29 GMT
server
cloudflare
etag
W/"1ea-56eef46e1de40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7ohjLrHBjaOAaXKe4UdC%2FL8STHMIcFWRybzHFy1Xqf9JsFOaxZ%2FTsotxj1HL9A2v%2BGoS46AmuiH8R9hOY1nnIYAeN3Yj9P36C9%2BMG0LoPT7QNYxxSZmPdvCvBlW49oLs0HpsFRMoSvAbeQbz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
666d5d49cca105d4-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 04:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 04:42:24 GMT
funcoes.php
pbr-def.srvsite.com/template/noticias/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/js/funcoes.php?token=d464130376n566j4k4c4p4r4n484s5t5w506h4k4r4i5k4n4i5i4y204i5h4v5r2g5n40574a4v2v2q25434y2
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JR3ZgPjWSl1jHiG%2BdnV5M0drobIUS0V0E39NZSvunuqbZOR3sv2DaEgrW%2FnH%2FhLrbULeSiX%2Bw%2FVkCPvtpfdmU2QQXttQfgQoxu2CNwHkjrHWKcEJf8kwlrSBHNV8V5sidqS1YRRL271ZP244"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cf-ray
666d5d49cca205d4-FRA
cf-request-id
0af838a21d000005d40ba27000000001
cabecalho-8546-20210107102026.png
pbr-str.srvsite.com/arquivos/8546/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/cabecalho-8546-20210107102026.png
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 07 Jan 2021 13:20:27 GMT
server
cloudflare
etag
"15037-5b84f4d946993"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=T2%2Bd8ECNyxSX5ddmibMZl03LQzzbKWohHTOdxkvKPJZAGvYaIVYG5zlZj3TdgkPPNuzv9KJWtLUBsia5CC%2BgwnSUy19AAzBW9lmBqNGbkf4zya8%2Bt8X0DEMf1yakS4hmXkg%2BqEY04S2mhLEJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
666d5d4acf0405d4-FRA
content-length
86071
cf-request-id
0af838a2c2000005d4063b9000000001
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49123
x-xss-protection
0
server
cafe
etag
9912502780553662519
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 07:15:34 GMT
rodape-357-20161129132848.jpg
pbr-str.srvsite.com/arquivos/revenda/357/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/revenda/357/rodape-357-20161129132848.jpg
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
29455
cf-request-id
0af838a2f5000005d4b530d000000001
last-modified
Tue, 29 Nov 2016 16:28:48 GMT
server
cloudflare
etag
"730f-542731534b000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=q%2FN78KyIZElty8XSASkKiIauiJ7j0mSXtXzJVRod%2F4RaFqknoso59QobnUVisGVCkGEqMzrNO9WY0I%2B%2F%2FzJpGjaYzP3M41eR%2BKaU6FmtHPz9XUvhKKY7kTkEkol5eEOOa9YZxHzoR43ct2NB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d4b2ff105d4-FRA
cf-bgj
h2pri
jquery-1.7.2.min.js
pbr-def.srvsite.com/template/noticias/js/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/js/jquery-1.7.2.min.js
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4457
cf-request-id
0af838a29d000005d4edb1a000000001
last-modified
Mon, 21 Oct 2019 19:41:48 GMT
server
cloudflare
etag
W/"1727b-59570dfd97700-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZRnGZT8bQDBY7P6EJKynHbX2FXEXrWgbRANl2AHWx6PmpvioqCwxFtnfkVKfau8TrMNOnWfTmXcYRXDX96BJKLZ%2FJ48xAIA8TOs9eSA7A8G6PshOX%2BJLAOkwUrnFf02Cr1iBF%2Brj04QGwyla"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
666d5d4a9e7e05d4-FRA
responsiveslides.min.js
pbr-def.srvsite.com/template/noticias/responsiveslides/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/responsiveslides/responsiveslides.min.js
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4457
cf-request-id
0af838a2ab000005d481b11000000001
last-modified
Mon, 18 Jun 2018 19:07:30 GMT
server
cloudflare
etag
W/"d44-56eef46f12080-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y6aCrtsn9Ghfs6R8aYrCMZ5z5Bsg7RDzlyb9k0zxJMUoQKQ8haiEf1%2FOrLaJQmF5q4zWSgS8rJa4mUnjH0kUU6nwwMDGJVHVsGw%2BieAfezzs6i8FVqQW6WfdzQI8Pv643x3ypIHT9qhKZMdt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
666d5d4aaea905d4-FRA
jquery.flexslider.js
pbr-def.srvsite.com/template/noticias/js/ 		54 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/js/jquery.flexslider.js
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4457
cf-request-id
0af838a2ba000005d4b1210000000001
last-modified
Wed, 25 Oct 2017 19:29:36 GMT
server
cloudflare
etag
W/"d6ab-55c64136dc800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=buX7RuI59ugwQQTNsmVR%2FWBrG7xEmp3oIUhXgh1GnZVmiGXk8gXlIyUxbWJCuOGqeJoIlh1gQ%2BVVFy%2BTe2uLf3TbzFrUcZbzHxVkORL1z7iS%2BNu3VjTsqARi2IXZSfcB18SEFykz5sX8Fgj2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
666d5d4abed405d4-FRA
font-awesome.css
pbr-def.srvsite.com/template/noticias/font/awesome/ 		36 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/font/awesome/font-awesome.css
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af0a3c8dff6ac422f4ef2274045a749085d566eb0ad957f326ab270b3098c03

Request headers

Referer
https://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4457
cf-request-id
0af838a21d000005d4c1310000000001
last-modified
Thu, 21 Jun 2018 17:40:59 GMT
server
cloudflare
etag
W/"917e-56f2a6b0ee0c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JUmVUFZnHfYDlKr%2Bfdlitf04TOuIRZmBo1YPnu40rbOFP8ekfcG76owxrZN0Bu9avRSSGJX2p6OBkM5X4qEWHWXcXnth0GwMAX%2FEvMdBnCgJ666amkY7yjhIhZ7sO1%2FEE1magutuJVhzwvQu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
666d5d49cca305d4-FRA
Primary Request /
www.expressodopovo.com.br/ 		36 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.expressodopovo.com.br/
Requested by
Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol
HTTP/1.1
Server
165.227.252.94 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.46 (Ubuntu) /
Resource Hash
0b7c8a39e086999e9204451388903236efba819cea2eb888a22d0261f4a2d913

Request headers

Host
www.expressodopovo.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
PHPSESSID=s2d07qnvdf6j6vdb8f7kosgdnn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 07:15:34 GMT
Server
Apache/2.4.46 (Ubuntu)
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Access-Control-Allow-Origin
*
X-UA-Compatible
IE=Edge,chrome=1
Content-Length
7190
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=ISO-8859-1
css
fonts.googleapis.com/ 		4 KB
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 05:48:58 GMT
server
ESF
date
Tue, 29 Jun 2021 07:15:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 07:15:34 GMT
css
fonts.googleapis.com/ 		1 KB
428 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dosis
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33205051f6e37b9dc8139fbcfc22640e42adee6c5e26964f33850cb61c28a3f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 05:58:23 GMT
server
ESF
date
Tue, 29 Jun 2021 07:15:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Jun 2021 07:15:34 GMT
estilo.php
pbr-def.srvsite.com/template/noticias/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/css/estilo.php?token=d464130376n566j4k4c4p4r4n484s5t5w506h4k4r4i5k4n4i5i4y204i5h4v5r2g5n40574a4v2v2q25434y2
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8f545f058f2720aa1a60fdf7bea0e9b45f631ac4c455a8cdb6063bf8af0d560

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VyiRzVMM1QrYPl6X2QN4OVAe%2FIptPGS02RS1BjkLdoCGaV9QoO24zP7NrCIwapGdlSjvaBdx4WWrjL3Mp0Xa7Y3FPeIbO2c8fNNjcEUAKX%2BSQWGdFKz%2BheIRCF%2B%2F%2FVVN5ZtpppSiC9T0oq2W"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=ISO-8859-1
access-control-allow-origin
*
cf-ray
666d5d4f5ad405d4-FRA
cf-request-id
0af838a596000005d4e13f7000000001
flexslider.css
pbr-def.srvsite.com/template/noticias/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/css/flexslider.css
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cedd7e3ecef2cd050c2e053e3e60cfafbf904acdeba7925bc87f6f4dfcdf80f0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4457
cf-request-id
0af838a596000005d4b7b39000000001
last-modified
Wed, 25 Oct 2017 19:29:32 GMT
server
cloudflare
etag
W/"1acf-55c641330bf00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ROHFTt98SRhX3s9JKaCDd3W4hLiY6u9e%2Fz0Am9meTb1JdAdF%2B%2BoJj03LlsVzyZ4RekKw3VtVspnQqP6sriuQAlu%2BZ0c9UrmeN6RfmBfQ7Is22oIUZYcOmTE15MehAc4104%2FCDBU7smrzY%2BNs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
666d5d4f5ad505d4-FRA
responsiveslides.css
pbr-def.srvsite.com/template/noticias/responsiveslides/ 		490 B
550 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/responsiveslides/responsiveslides.css
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4458
cf-request-id
0af838a596000005d40600e000000001
last-modified
Mon, 18 Jun 2018 19:07:29 GMT
server
cloudflare
etag
W/"1ea-56eef46e1de40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MiMBwAMRwaih8YAhP9StGsuiYEeJqcR6faWMDGQ7Vq4b9LkjzYjSTU2j4RlmvqzOZJKeMP3QyotqjNX6ATQG5imqcnVct7sNOpAoqgWxve8DLCpQ%2BKXGU7mLbdH0YxBKjkTAFPQkHoba7rHj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
666d5d4f5ad705d4-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 18:14:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
46882
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33434
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 28 Jun 2022 18:14:12 GMT
funcoes.php
pbr-def.srvsite.com/template/noticias/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/js/funcoes.php?token=d464130376n566j4k4c4p4r4n484s5t5w506h4k4r4i5k4n4i5i4y204i5h4v5r2g5n40574a4v2v2q25434y2
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3ab3c83c72b3220bfe179f795d6c87e2d87756577c5a7d51fdd99e89206944

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UB6TuhMtHWSx9gGoh1FdcvLSUB3AQCg3z5iSLedkK89NZ6nMOFJtGskM1Y1ouFDvId9jx%2FshPCSRadkc%2Fr%2F2UPYkubdUTy85G0qYIvVIqa7aMfbL8o7f7TywAj32%2FtSDN%2F%2FjKXGFd62uRMlh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cf-ray
666d5d4f5ad805d4-FRA
cf-request-id
0af838a596000005d414802000000001
cabecalho-8546-20210107102026.png
pbr-str.srvsite.com/arquivos/8546/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/cabecalho-8546-20210107102026.png
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a5b91086e79560877ff54970caab310af98c8b4f24db75ac8e9d0c1048e949d

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1
content-length
86071
cf-request-id
0af838a61b000005d4c607f000000001
last-modified
Thu, 07 Jan 2021 13:20:27 GMT
server
cloudflare
etag
"15037-5b84f4d946993"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tgvglV6DjnNk6mGWg44A6QqlpkhdBHea69XgkPmVcaxh14PsOCzYcKHAq%2FueNnO8Y4yuRhV1y9VRc45q%2F56ZhhuOjfqGFvg4Hol0SXEnL30JU8RaGRUvw6WAXvpggou7A7jXDyiQUTIH2kwW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d502cf305d4-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91198bd25a83e9f7f25a6584d11523fb0e94e51e0a943b7cf09113e82c9cfeae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49130
x-xss-protection
0
server
cafe
etag
2297787930153643593
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 07:15:35 GMT
rodape-357-20161129132848.jpg
pbr-str.srvsite.com/arquivos/revenda/357/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/revenda/357/rodape-357-20161129132848.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6e02b00dadff3552cc2958791078e4b11fe3d997eb64a0132e5239b78473f2

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1
content-length
29455
cf-request-id
0af838a61b000005d4edb77000000001
last-modified
Tue, 29 Nov 2016 16:28:48 GMT
server
cloudflare
etag
"730f-542731534b000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kvd6DdwAtVJArtlCeX8orwjHqI8nAv9PJoySzFUilZmD2KzuygZXQAS7XgWiqGXTRfiGdRvyRZDWoXKqaBGAW0z4c97KKq1MEMup0uP3iLWqqThsOjaB0oQukshLt0FpXBWio8utVmVFaQG8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d502cf705d4-FRA
cf-bgj
h2pri
jquery-1.7.2.min.js
pbr-def.srvsite.com/template/noticias/js/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/js/jquery-1.7.2.min.js
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fbd2c8347ea21c3aec216324f187409683dde29021154cb7ae0ed0f115a7089

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4458
cf-request-id
0af838a607000005d403bf0000000001
last-modified
Mon, 21 Oct 2019 19:41:48 GMT
server
cloudflare
etag
W/"1727b-59570dfd97700-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=o9GsKRHy%2FPFnN5i3jFEfDJ6omcEKsH2LclMzP0LVwM%2BrfU2Qc8WiOvT2x1D2klAP5PeW8qWywwrG6c1jlFDSCf4eTCFm6faxOTszMJzWc7oAtd3QVAImMnibyAeONhqiJI4LGzcMVoX4qjBm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
666d5d500c8f05d4-FRA
responsiveslides.min.js
pbr-def.srvsite.com/template/noticias/responsiveslides/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/responsiveslides/responsiveslides.min.js
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4458
cf-request-id
0af838a611000005d4e63bb000000001
last-modified
Mon, 18 Jun 2018 19:07:30 GMT
server
cloudflare
etag
W/"d44-56eef46f12080-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s%2F3ROIhQen0z23yNMrYzvz%2FpYvGVt8R2FsS39gT%2BJu8FhjFwjtYYc6dppV%2FHCXvXkFGNK6ngcJHR%2FqPYoiD3rlmqOG166XtIqx%2Fp1lARE2XB6jOAzBT%2FtKB5TIyuHHgQ13YamnjCRglj9IT0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
666d5d501cb805d4-FRA
jquery.flexslider.js
pbr-def.srvsite.com/template/noticias/js/ 		54 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/js/jquery.flexslider.js
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb70827d2642f5d077cdec125b934d00204a3a1e835acac5d90ba25b7ebea08c

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4458
cf-request-id
0af838a61e000005d4823d6000000001
last-modified
Wed, 25 Oct 2017 19:29:36 GMT
server
cloudflare
etag
W/"d6ab-55c64136dc800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6IkJQzYjt60rIXVKECyJPon5QotxMtmY6DF9YLKgnX7P7AqVwZ9yvZCidtQISOocHW7EJMHHcK2K2iw9uPJm%2BQSzpiDlD0t7T14YBETJqT5TTpST3cUZnvP5HYGWa8O%2B2C%2FDBVOlJzdueMrL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
666d5d502cef05d4-FRA
font-awesome.css
pbr-def.srvsite.com/template/noticias/font/awesome/ 		36 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/font/awesome/font-awesome.css
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af0a3c8dff6ac422f4ef2274045a749085d566eb0ad957f326ab270b3098c03

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4457
cf-request-id
0af838a5a7000005d4f8332000000001
last-modified
Thu, 21 Jun 2018 17:40:59 GMT
server
cloudflare
etag
W/"917e-56f2a6b0ee0c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6YYc84klKtFQoFVpNabG079V1fKoWK8VijvlSNe0rA%2BvrDJHYgt7CJSngBQUEq4slKwkwXyPHJgBf9iyJIxbdSMRifa3zOT9ZB%2BL6ECpv8IsitO6WTfhQsRVP%2F6ma3d1qO23pxpe5o7lZcjG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
666d5d4f7b1105d4-FRA
back-8546-20210108120656.png
pbr-str.srvsite.com/arquivos/8546/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/back-8546-20210108120656.png
Requested by
Host: pbr-def.srvsite.com
URL: https://pbr-def.srvsite.com/template/noticias/css/estilo.php?token=d464130376n566j4k4c4p4r4n484s5t5w506h4k4r4i5k4n4i5i4y204i5h4v5r2g5n40574a4v2v2q25434y2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e4d664df4253195736eb70d4da133fd5da5814679fec7eef0560c2b485ba04

Request headers

Referer
https://pbr-def.srvsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 15:06:56 GMT
server
cloudflare
etag
"584e-5b864e8418b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qtEE8XNORFi7H8CNDx25fTrbco85Jeyruo%2FRNF9%2BvrdrxgwIXAymt8Y%2FiiHxGh%2FPbC9aATsZMvdREMGazeDXr7EeQuyZiocknoLQGCmAOyPUyNENN5tlf%2BJHegzZWxK2l1SXqptab7Z%2FXi0x"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
666d5d504d3905d4-FRA
content-length
22606
cf-request-id
0af838a62f000005d4d03fb000000001
bg_branco.png
pbr-def.srvsite.com/img/ 		981 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-def.srvsite.com/img/bg_branco.png
Requested by
Host: pbr-def.srvsite.com
URL: https://pbr-def.srvsite.com/template/noticias/css/estilo.php?token=d464130376n566j4k4c4p4r4n484s5t5w506h4k4r4i5k4n4i5i4y204i5h4v5r2g5n40574a4v2v2q25434y2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dadfc2259d45cd231c80d9e69dc11991eb0753dfb4b8f8f8e89fc4f72833e76

Request headers

Referer
https://pbr-def.srvsite.com/template/noticias/css/estilo.php?token=d464130376n566j4k4c4p4r4n484s5t5w506h4k4r4i5k4n4i5i4y204i5h4v5r2g5n40574a4v2v2q25434y2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1288
content-length
981
cf-request-id
0af838a635000005d415099000000001
last-modified
Mon, 21 Oct 2019 13:43:04 GMT
server
cloudflare
etag
"3d5-5956bdceb4a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vTOSKAhmYZhgSgFjSWYpTouIk8gx0acIaBv8y%2FKZSi9tTqTdj4Niw6ju6M6U9PNF5gccWWw42peyOmaxHpi1UrntljzDZoYwfl2o9bVv1Wx6cQhjzGir3BMk8alY2nc0P2mS7bScJ9DTr4zj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d505d5a05d4-FRA
not-8546-20210625133026.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210625133026.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e2b955edc7329fb3bb79eb9daad182778b9c6d1745e06647c8a829a41201df9

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
68790
cf-request-id
0af838a635000005d4db942000000001
last-modified
Fri, 25 Jun 2021 16:30:27 GMT
server
cloudflare
etag
"10cb6-5c599a84222bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DW2ylAjSwCOWEMQrHHx7AylHcJOdwxfF8%2FJBlhS1XAODcsi4R4tUwDE4uQ1R72QlVczlSV6UKwBAVj95vQPlTa6S6LpcDvxR4m7PRGgCh9RpT7dPvjSgSq%2BaY1vpYRYfhRW4hn8V31FSDl8q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d505d5f05d4-FRA
cf-bgj
h2pri
not-8546-20210625122304.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210625122304.jpeg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f836e916c10a354fb88633fdbeb3314638168b22d0b5307854505b8ed18615d

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Jun 2021 15:23:04 GMT
server
cloudflare
etag
"12bbc-5c598b74a0f9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IMtOJMzkUJOGmSktVpPHxpROBk3LclarVfTKU8Syv1uI2rk%2BqryH3nqqSODYpKF9QVKEUbhLFqf5Wf5pbBNjYtwzt7HhplDBp4owkAMFdghvXnS1GfesCCoOWC8HcEpGA1B9YjkW1t3nQUmF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
666d5d505d6005d4-FRA
content-length
76732
cf-request-id
0af838a635000005d40601c000000001
not-8546-20210625112804.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210625112804.jpeg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b1493d33b5db80b342aba5078d3cab31d140fca30a89baa0c6902b8fbfa5a5d

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Jun 2021 14:28:04 GMT
server
cloudflare
etag
"fe35-5c597f298f96b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pdaCrAG9%2BwFrC6a3F5shwMy26AUOj7e%2Fn7K7ipAJDi0Sll84IRxICZa42Z4WeQ%2BcJkRfq9geojPupVll2W%2Bq0%2FkMq6%2FPY7a3U6xKuA237DW0FrQ9SkDVR7OHbVOwxUst1FJHMb1m0xhoCad3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
666d5d505d6405d4-FRA
content-length
65077
cf-request-id
0af838a636000005d4de393000000001
not-8546-20210625110627.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210625110627.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907276980502fa46d291804beb7e7e3665d4907436705d04e89f92d31e7feb0f

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
60056
cf-request-id
0af838a636000005d417a58000000001
last-modified
Fri, 25 Jun 2021 14:06:27 GMT
server
cloudflare
etag
"ea98-5c597a548c203"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nvos82Z1tKvX7ROfE5umPe%2Fz1p3%2B5Hzpuqi5rKeufoahS3ZnxT1OvxUGrem6aY80UI0FjnfUQEeJ87M%2BnMSGnav5rPg4dZXueY4N0L248BG4HqIDQzYNM%2B%2FJTiGSf5QBpt1DQYac99Wsfndj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d505d6505d4-FRA
cf-bgj
h2pri
fontawesome-webfont.ttf
pbr-def.srvsite.com/template/noticias/font/awesome/ 		162 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/font/awesome/fontawesome-webfont.ttf?v=4.7.0
Requested by
Host: pbr-def.srvsite.com
URL: https://pbr-def.srvsite.com/template/noticias/font/awesome/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

Origin
http://www.expressodopovo.com.br
Referer
https://pbr-def.srvsite.com/template/noticias/font/awesome/font-awesome.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 25 Oct 2017 19:29:44 GMT
server
cloudflare
etag
W/"286ac-55c6413e7da00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KCfnemsJ8pVsRRIAJYkv8fK2w4932DiwKnHrPNG2zZzDAbwvjt7n4Q3It3PjbUe51A28loBPfbgtWmPV8VpGZYxYknnL3PAeMlx66U8F1FSRHtdV8MMzFdC%2FBcgWUM%2B2noq01uQWg75%2BJtwy"}],"group":"cf-nel","max_age":604800}
content-type
application/font-sfnt
access-control-allow-origin
*
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
666d5d5069944e8b-FRA
cf-request-id
0af838a64600004e8b4a31b000000001
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.expressodopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 13:09:35 GMT
x-content-type-options
nosniff
age
497160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 13:09:35 GMT
BebasNeue-webfont.woff
pbr-def.srvsite.com/template/noticias/font/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pbr-def.srvsite.com/template/noticias/font/BebasNeue-webfont.woff
Requested by
Host: pbr-def.srvsite.com
URL: https://pbr-def.srvsite.com/template/noticias/css/estilo.php?token=d464130376n566j4k4c4p4r4n484s5t5w506h4k4r4i5k4n4i5i4y204i5h4v5r2g5n40574a4v2v2q25434y2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f06d878a8a3ec306f39b23e6d3c3296bc1ef6d08a50f9891d9d65e8a232a9dd

Request headers

Origin
http://www.expressodopovo.com.br
Referer
https://pbr-def.srvsite.com/template/noticias/css/estilo.php?token=d464130376n566j4k4c4p4r4n484s5t5w506h4k4r4i5k4n4i5i4y204i5h4v5r2g5n40574a4v2v2q25434y2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 25 Oct 2017 19:29:34 GMT
server
cloudflare
etag
W/"4b80-55c64134f4380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qjMF0CK5z%2FVwFc3n0eup38WGPXoNmviBQ%2FxtmdQ7kKxDQh1KR1dceG7XlwS2PnSylfI8LvrdRnF3dJnFk6%2FeCp9ygZFJAi8qcs3rneqKhRr5rku2Iv2IrfiEmeWN4yFUSjwYv%2F6fkYD44tVN"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
666d5d50699a4e8b-FRA
cf-request-id
0af838a64600004e8b821d1000000001
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.expressodopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 16:31:16 GMT
x-content-type-options
nosniff
age
571459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:31:16 GMT
likebox.php
www.facebook.com/plugins/ Frame CEC9
Redirect Chain
  • http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false...
  • https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=fals...
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c6bb4f22ca7071228c518fc82c8fc201deb6c8072e05c4aaa860cd7f66d3d898
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.expressodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.expressodopovo.com.br/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
dhVpQST1BubHoM3t60unuADtL+DWcFOb6X1tv+I9/dCVphgoQ6jK2ni8zkxAqN8reHXhNWVP2sDo97VDMFirlA==
date
Tue, 29 Jun 2021 07:15:35 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i

Redirect headers

Location
https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
Non-Authoritative-Reason
HSTS
not-8546-20210628110549.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210628110549.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
667e141b90a6dd5710edc8fb77e63567e4719afcc26b73fcf66e0655c4fe84da

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Jun 2021 14:05:50 GMT
server
cloudflare
etag
"b8c6-5c5d3fc97deef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9qbRjGOM16ZAN1x2%2FYR67d%2FpnRJ6Fy05hHamI7bngQ1QuwzPbO%2BymTExkTa%2BjIasOsIFDRp3FUJdSNwMJNuXaI%2BlG5WUugrc8hPH3ZJgO4mlXHTrmFRxkhFJt4X7VvdlovQTrsp8jLpcfkAR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
666d5d509dfa05d4-FRA
content-length
47302
cf-request-id
0af838a65c000005d4b1277000000001
not-8546-20210603105532.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210603105532.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b97656c6847cbe6a2b5de3a1409935dfd1bcc80a9623f943e925252d61c28a28

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:36 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
65397
cf-request-id
0af838a678000005d4d589a000000001
last-modified
Thu, 03 Jun 2021 13:55:32 GMT
server
cloudflare
etag
"ff75-5c3dcedc19b11"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EDJssfaMB7yy7CRrj9ZrdWGcvp%2FCv7Om1jnRofhneQvW%2BZd%2Bvz7X05veqtHESB7%2F319fhOwuGOUWxryWSXMjNDYPyviUFRuDKk%2Bg0JgxWwaa5cwTDnlZ9Rf2vAFtvSHJsJHHBhq9Cpe%2F358P"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d50cebe05d4-FRA
cf-bgj
h2pri
not-8546-20210517105917.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210517105917.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e1a6f506ee8b0b456a72d92298dbfd625609cb789918797a99cabf6f16eea38

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
99930
cf-request-id
0af838a678000005d481b75000000001
last-modified
Mon, 17 May 2021 13:59:18 GMT
server
cloudflare
etag
"1865a-5c286ffe2af44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UvIXqu5ixWFWWu8kLjE7IZwh6Q3kaBqH5K4faeeWshfJ3fd2Y4Pi%2F1gzNFWMfX%2FevFsTt%2FMHgNYyXZuarrKYC2zr4btgkxhEEWxDO%2BBmMgittEAt6%2BVhWXPWmPp7Vbguwt3xPokR8uMPM%2BR7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d50bebc05d4-FRA
cf-bgj
h2pri
not-8546-20210516220247.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210516220247.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eeff77f6ca23805894d3857683dce89844f6961ff068a3a53ed6f4ee7bc086d

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:37 GMT
cf-cache-status
MISS
last-modified
Mon, 17 May 2021 01:02:47 GMT
server
cloudflare
etag
"8898-5c27c26e22b53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zmLrNnECIxLMZieLjmkf4uzomqxGk4gY13gd%2BILxwmfBkprt4FNCYxdaNwc6duXA2MCbbbJ6Aw4xbYdhk6BUm%2FYs2RluyG%2B9gt0ytWErVLO8SnhABcaR1tlbxJqUbJZlLBF6VzI%2Fmi1eCc5B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
666d5d50beb805d4-FRA
content-length
34968
cf-request-id
0af838a678000005d4ba03e000000001
not-8546-20210617185215.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210617185215.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd93615eccf0a940e4258078e7dca077213c36314f5b7b9b849e905c53e4c61

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:36 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
47658
cf-request-id
0af838a677000005d4e38c2000000001
last-modified
Thu, 17 Jun 2021 21:52:15 GMT
server
cloudflare
etag
"ba2a-5c4fd386ae24a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4rJOk2aRbGD2iue%2FFEm4jkklsdqvOXWc105R%2FAyBnSVGaRxqSu6TCGdnogeg%2B0a47H%2FVaRL%2FIcSyDBwkEUPw7HBmunT2EWu6tPmIBaq0Hs5Jgt6Qol0qRXEfJQNXFijyowpwhaOnblTIoIFa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d50beb705d4-FRA
cf-bgj
h2pri
not-8546-20210615113708.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210615113708.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5807c8508b4e3b72cecdb251f121060f266ce87e524be6e2936bef58dd94999e

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:37 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
62383
cf-request-id
0af838a677000005d4d30cb000000001
last-modified
Tue, 15 Jun 2021 14:37:08 GMT
server
cloudflare
etag
"f3af-5c4cee899e271"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ggw2hS7ChDyRaS1BMf1kIa3MG83YbA8J7p57SgFeBCCH1LutTT9menFJ84c0k41Nmhgia2FMDkdDLm18BUJ0SeKdwaM87wnDh6HNJz2EHVlVCmYNhljXyJ3NPlETaGJEKyu6WTTXudRB5Ycx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d50beb205d4-FRA
cf-bgj
h2pri
not-8546-20210609125012.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210609125012.jpeg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c223efe4d3e0ac76adea8bd1897241ecfedc2e181d24fadb1a7b17508814f89

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:37 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
32539
cf-request-id
0af838a677000005d4cd82c000000001
last-modified
Wed, 09 Jun 2021 15:50:12 GMT
server
cloudflare
etag
"7f1b-5c4573ae0050f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0FBaJbKmahM7rNcusFQQiPk9%2FZ3XsbO7Qb4oC2P7M8OObFdMtLak1xAin5ZjeGPVI9HD0fw6eHexfXOgP7ZIzIK7muWw3UC4%2BBUqsgYF2ehf1382HzhgfVCAsajhWDu8iVZdMy61eXkN8M7N"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d50beb605d4-FRA
cf-bgj
h2pri
not-8546-20210608111607.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210608111607.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24bfe36bd1eb9c23f55d4e15cade215baabcf4560e4841d7a7caafddabb0904e

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:36 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 14:16:07 GMT
server
cloudflare
etag
"f4c1-5c441cc8be0d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=i9KsNh7L3Gq%2FIAea0%2FkVeXqrT8AEfibIB6FfuKFtQwVX03VEq4OGBOozKFCVJxjfZutkpp5ibhaoFX6DbShXs3Whi1Re%2FqDb5DheNUA05BA0pphUe1lV2PeRNALIS%2FSKa76m0tWTMCfdmiSp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
666d5d50cebf05d4-FRA
content-length
62657
cf-request-id
0af838a678000005d4fdb4b000000001
not-8546-20210609104225.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210609104225.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab0ccc24ff30e817c2fe730904c5bd8ab3e1c3502e2d36b8c661f6d255cdce3

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:38 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
90559
cf-request-id
0af838aa63000005d4de008000000001
last-modified
Wed, 09 Jun 2021 13:42:25 GMT
server
cloudflare
etag
"161bf-5c45571e49dd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gsTYFI4EauXftHomrBsl9BiX669JZe%2BvyE5Otba9pRosyb9aW422VFcOL%2Bkg%2BGv6yaemCg96EH%2F7Wv6s4vVl%2FvXZgxFvr3ZH9sjynS1fa4qJJBIpSDOnPhgJU%2FzNf%2FxfEf12GmQF%2Bq1grlqG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d570f2505d4-FRA
cf-bgj
h2pri
not-8546-20210527093331.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210527093331.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36041cfcfcee97185f3799cde39d9ca510c2cfc52a2f590a9ffc7108b20bed23

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:38 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
76835
cf-request-id
0af838abc6000005d4a999a000000001
last-modified
Thu, 27 May 2021 12:33:32 GMT
server
cloudflare
etag
"12c23-5c34ef792d8a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HdwlN9pdETDlDreZiLZps6e0OGGwLF2r5IY5XRnftfdJJinQ2c%2FDg6cNBQkHImLKnkBDg5XSeGUuEj1V0ZoUf%2BunaweC5OVJ5SGw0KzZ45x6gheN9rx5ZAiPonHzfBFgGQKdXbpu2NqBVgzR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d593c8d05d4-FRA
cf-bgj
h2pri
not-8546-20210520141040.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210520141040.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb839bc964e5c9947f243819445e62015e71252de9af679750b6d260cbd4ac8

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:38 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 17:10:40 GMT
server
cloudflare
etag
"b57c-5c2c605cf0f6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JjIXqjr6DJ3wSSMguAUm%2FiKIzdaIJ0eErqR7dyZR%2BYNUn7nExnToHCQMpQfNmFsy1D7knun3oQV5HJoHsBRS6XNr4H%2F0Wh3ZfuXXO1mnjhHyx9YKQSpP8Tf8dNoDUhwZsyr%2ByUrdIwD0tmoS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
666d5d5a4f6d05d4-FRA
content-length
46460
cf-request-id
0af838ac6e000005d48208b000000001
not-8546-20210518102624.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210518102624.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a247609de45112a1d4887ae09ea17f3c4d6286bff56aef6d797909e96fba3eb1

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:38 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
53302
cf-request-id
0af838adb0000005d4148df000000001
last-modified
Tue, 18 May 2021 13:26:24 GMT
server
cloudflare
etag
"d036-5c29aa816706e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DUqRkQgjKvjckQxcOeT9JUAn2quVmdU2nn6Zjgg72pbCcK65mDdBCnEb%2B35K21lmsUi%2B9e8CEy1no3UMmaURJ6y%2FDMRxObyyrcdovc2EJozhwzbLTR4QCIdR%2BJtoevpZl5JC7ai15FbdYXQ%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d5c4c4705d4-FRA
cf-bgj
h2pri
not-8546-20210621110145.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210621110145.jpeg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f89bf114a75de6ebc1b27d085cfe9152ea325b9ed2cc18f918ef5c8febd1a5f1

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:38 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Jun 2021 14:01:45 GMT
server
cloudflare
etag
"16d98-5c5471d1b922e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8ePPOD92k7Xg8ZN8tzs1VyJnUf%2FYuhKAuAUW7EMGxj4pRRiECI3TpjEqMbQQuTvy0zFqSZh260y5S0FgQoYEhHqVmNM5QzvFS6kB1ycyBXifz9ais6BfDqlkK2z%2F24bMod4gXEud2Jl8kM8R"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
666d5d5c6c8205d4-FRA
content-length
93592
cf-request-id
0af838adbd000005d4d00c5000000001
not-8546-20210614090814.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210614090814.jpeg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75998654c58c2b7fd2ca967e3e314eaadebb2e53aa3c7519f33a291918ffc8f8

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:38 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
45658
cf-request-id
0af838ae05000005d4dba2b000000001
last-modified
Mon, 14 Jun 2021 12:08:14 GMT
server
cloudflare
etag
"b25a-5c4b8b64abf40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jBn4wxmZMfZpT4mJfBtxb%2FIdOX2Zk%2FT9ny9FDKF20mxLl5ZGs9%2BWRaOcuy4Eonx12ZZoJRztLkT6OglQAk4mpkcAGQ%2Bt4%2FxXT%2BxP92gUN3QRQLhWloRwmFR22dpGZvqvhmRYWcbTezkcKmLF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d5cdd9205d4-FRA
cf-bgj
h2pri
not-8546-20210610112633.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210610112633.jpeg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f3dda9b0be30fc7a6662660973520ea6ae5cae9225af00061cbc1c2f7d1d11c

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:39 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
95825
cf-request-id
0af838b1b1000005d4f0947000000001
last-modified
Thu, 10 Jun 2021 14:26:33 GMT
server
cloudflare
etag
"17651-5c46a2d8d1c72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UPDmimLuxwJNURkayEDR5q9q94Jn8zCoYwFm1mThurywjV2Vh6j5YumeXyaKeRGDk2tKWl22Z1WvgAvy7mTxWFtj17sKlekiW%2FHzGzHc5bus37dRr0p5k5DdoDmrU6bJQYWZYk6hSSne8o%2B1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d62bcb505d4-FRA
cf-bgj
h2pri
not-8546-20210608103717.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210608103717.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d263a23a56a4cf7cf47700174573581d7602e98d2e0c4430b3496823b24697

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:39 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
96883
cf-request-id
0af838b1b1000005d4bca5c000000001
last-modified
Tue, 08 Jun 2021 13:37:17 GMT
server
cloudflare
etag
"17a73-5c44141ad572e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oseajzEFmaPLgqEfYVmmIZjERZhzqE%2FxDnzcnCneEegsU%2FLZW9GhVIPXy5OrW%2ByK1TPKKPKfy7pCuNVIoI%2Bv9cLHjkkXBiBZCrMIUM0SErKDXBWDMOHcRKFhq7Oh4TMkAtYTE5DuJEsAJk47"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d62bcb705d4-FRA
cf-bgj
h2pri
not-8546-20210628114302.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210628114302.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d1f430ef08abea562cb6e65138950b97e3040673db123d92b9c0dc97b7f9abc

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:39 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Jun 2021 14:43:02 GMT
server
cloudflare
etag
"cf06-5c5d481a20fdd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=29FYg1B4liIpd7lrk9O%2FkCwRgSFl1Cdh%2FeSeO37HDgUDnDPKwdGEvrA2jstWLZDzoA%2BIl%2B4N6mrKyQTO6DeWZithX%2B9jRSAiNUfevUxpjOCH65j1SaRJbqFqs4wM5Vn4EBtf0fBegLhrHqDy"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
666d5d62bcb905d4-FRA
content-length
52998
cf-request-id
0af838b1b1000005d4c61bb000000001
not-8546-20210625141920.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210625141920.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5020566d30f620e70b7422d861e02d12342300c26cfbf8dbbb18cf7c257fba6

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:39 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Jun 2021 17:19:20 GMT
server
cloudflare
etag
"eeb7-5c59a571eb488"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eS1fRBj2EeJJdHG63JNDzaa0pisyk1arynqlIR9cNXIpmxaBdJwzMywlV%2BHpGl1QV0BpF3PI3t1%2FmthXotjKpD2owfy11jrt2VYCNpY0u9Ag7xMdkZyIQdBnzP3M7x%2FD2R%2BUscLeG8IGUWO9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
666d5d62bcbb05d4-FRA
content-length
61111
cf-request-id
0af838b1b1000005d4f583e000000001
not-8546-20210624113503.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210624113503.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09a6cc49565246fb697262f9d554a073475a1af0e186ba8d711d9f24445e119d

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:39 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
52383
cf-request-id
0af838b241000005d4b7885000000001
last-modified
Thu, 24 Jun 2021 14:35:03 GMT
server
cloudflare
etag
"cc9f-5c583edc2152e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RbCS7PcWmeaOBuRJrF4rkePiZXcHLghqpRTHnsyJuS78bqFUanoDNv8oQu8bYuh8uWEsNMSyyk2PNZBdk5Sco2TuF8rq6H77XpJRgrg8RVtn5Yotp2HUWYunkvUNmwgalnvM736gYGIG3TLW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d639ecc05d4-FRA
cf-bgj
h2pri
noticia0.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-def.srvsite.com/scripts/noticia-atual/noticia0.jpg?data=ada1edb474774653b6e7f3234f6f651e
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8200a5d20f41f6ad69577d098b9a4acf3310a887e28e5114b0a52ae517664c

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
701
content-length
21190
cf-request-id
0af838a662000005d4cd829000000001
last-modified
Tue, 29 Jun 2021 03:00:03 GMT
server
cloudflare
etag
"52c6-5c5decd71d066"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D5x0vi2rSyDXeZIWAW0B%2BRrgE9icsWRPN1czZbH%2FPXLv4I1a8nXfwmgjHM5%2BJ87UCQxf32cTryiJ2524%2BtYJbJyRmFS7eZuNpu5fWrMCPsSa0ufiufcy91HH%2BoPoQTwFi1qRUtAkGWWZr1xB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d509e2705d4-FRA
cf-bgj
h2pri
noticia1.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-def.srvsite.com/scripts/noticia-atual/noticia1.jpg?data=ada1edb474774653b6e7f3234f6f651e
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84b8e6697ad419130d904dc70a53a7ace2964cb2b76d94770e1f0b874e30595d

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
701
content-length
28559
cf-request-id
0af838a662000005d4d5896000000001
last-modified
Tue, 29 Jun 2021 03:00:04 GMT
server
cloudflare
etag
"6f8f-5c5decd84aced"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=11O8HQpOvt2RRtWmaThv4ShMGwWZMQvuMJJsTZA1hb%2BDcOmcR8doZiYhKJhGnLUrfEDPYZOME%2B2oFzltK7AMzT98tatoYIWM9RLiWokvFufsVIFdqRiTc3cFmR9YcIlO7bFLQl22WrCLbPkk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d509e2905d4-FRA
cf-bgj
h2pri
noticia2.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-def.srvsite.com/scripts/noticia-atual/noticia2.jpg?data=ada1edb474774653b6e7f3234f6f651e
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bc0432ddb53d827c2b2213848618fd3b7045749035e01e540fb7a731ee8eafb

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
701
content-length
40204
cf-request-id
0af838a663000005d408bda000000001
last-modified
Tue, 29 Jun 2021 03:00:05 GMT
server
cloudflare
etag
"9d0c-5c5decd9333fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MSfSO1OPc5rzlVSFTTCWN5xjO9pNiPte9uUUAdIjc0ELQL6Y6kgvZREdU4Duvjy7LO%2Bc%2FiVuVkGud5%2BXpc8PiXzKIxtcWfWoL0xCo0wCNN3SlcCaiNfCMMJ6EMWalzfbb8u4i%2BMWCf6PiNwm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d509e2d05d4-FRA
cf-bgj
h2pri
noticia3.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-def.srvsite.com/scripts/noticia-atual/noticia3.jpg?data=ada1edb474774653b6e7f3234f6f651e
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab7fadd0d832ba9cf9d334a636703797edeb9330b6fcefeb13c7daf5cf286ebc

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
701
content-length
33339
cf-request-id
0af838a663000005d4e8bfe000000001
last-modified
Tue, 29 Jun 2021 03:00:08 GMT
server
cloudflare
etag
"823b-5c5decdbe5bc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vRbTTIW5eEvrdFTFITImU8JdrW%2BAxRz7vHkKPcUQQfhuYqscAWwFRg2INU%2B3bFCvvktyXOANfQmUWm418NmH66khB6JovF1oyLqq%2FVZ0AWkUk7l7sDDP8TNyxbmurdvCdYKO6xtfGiiekIKU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d509e3105d4-FRA
cf-bgj
h2pri
noticia4.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-def.srvsite.com/scripts/noticia-atual/noticia4.jpg?data=ada1edb474774653b6e7f3234f6f651e
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed1355292d949ffcb37a7e45927a6afac6c9fb389f5dbc8daf28a5c79ab4b149

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
701
content-length
24275
cf-request-id
0af838a663000005d4e63c5000000001
last-modified
Tue, 29 Jun 2021 03:00:10 GMT
server
cloudflare
etag
"5ed3-5c5decdd33bf6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QR8IKuOEyt%2BtON0uXz8nmlFki9E%2BI7efj3B6uuRw6kAELtN%2FiZBISBILhsSm8%2Flqq3fkrXtMhzsafKBTQbEJTnzhXS%2FbA17EJKU%2FxOIiR1F05xJz5g5gqZZUF10bvzijYD24h6laoELLVM8i"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d509e3505d4-FRA
cf-bgj
h2pri
noticia5.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-def.srvsite.com/scripts/noticia-atual/noticia5.jpg?data=ada1edb474774653b6e7f3234f6f651e
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c58deef7607a5976d8a3c2f52e703eb83d9916f56bf7adaaff39a7b2fc049562

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
701
content-length
29714
cf-request-id
0af838a664000005d417a60000000001
last-modified
Tue, 29 Jun 2021 03:00:10 GMT
server
cloudflare
etag
"7412-5c5decddf7138"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bYoF4a3ZH4Z1FVKySrXrlc%2FHt%2FzHjmX0afJQvrk6QQkDw2sXyfyT6MHSs0y4TU8LKFL5G5Oy5yp41724e17LB2cmZi8ENYfsBLGEYp04DWGA8I7R6OSrsI%2FebSFor8fePeQp3KUR3%2F9Tp8Jv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d509e3905d4-FRA
cf-bgj
h2pri
noticia6.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-def.srvsite.com/scripts/noticia-atual/noticia6.jpg?data=ada1edb474774653b6e7f3234f6f651e
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c8fda15d970471ebc3ffad1dd55a2dd0c3f0c3b5029200d41a523119a4c379

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
701
content-length
26638
cf-request-id
0af838a664000005d411a8c000000001
last-modified
Tue, 29 Jun 2021 03:00:12 GMT
server
cloudflare
etag
"680e-5c5decdefbd71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wjgJg%2F6E4hKwP7KJhJbUFwZG1wmnufS7x83cAmuBBYWIkjGtZHfFEjbLE%2FjZS%2BEmZdS5vUwracyyTFUm5HgzNSXJREnjgZY7w%2F%2Fw0s88fDSYUKbnbjgz2geJXZ%2B7rXifNDO2HCqIcnFJcJhZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d509e3b05d4-FRA
cf-bgj
h2pri
noticia7.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-def.srvsite.com/scripts/noticia-atual/noticia7.jpg?data=ada1edb474774653b6e7f3234f6f651e
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ddfa09b1bd9db6844d00f66dcafd2f1f14bdc5b75f0c6c0236cb246cbeb141e

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
701
content-length
22809
cf-request-id
0af838a666000005d4a1ab7000000001
last-modified
Tue, 29 Jun 2021 03:00:13 GMT
server
cloudflare
etag
"5919-5c5dece074d30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FevsZSqsfpjiw9GDl3iwv4%2BBeaAXskWh%2FDwoxDMUWwwopdqdIbhnUBwP4e4ZbMb%2BB5L3CqB5kwpS%2FVPqQIOjXus8ozh%2FDYd8icCSnvSfRriWYR6yFdrCCMfyxJhxrQpeUxdtpj5ivzBrA%2BOQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d509e3f05d4-FRA
cf-bgj
h2pri
noticia8.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-def.srvsite.com/scripts/noticia-atual/noticia8.jpg?data=ada1edb474774653b6e7f3234f6f651e
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad4c21936d0eb830bf3f540d24d4890d9492047b6f82f50f34982313d1b7bb89

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
701
content-length
14709
cf-request-id
0af838a664000005d4cb010000000001
last-modified
Tue, 29 Jun 2021 03:00:17 GMT
server
cloudflare
etag
"3975-5c5dece4716aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZbjYKwzQCDmL0XlXkWLttCKPPz28R6%2FlhNnBS9fX8RQbEeKHxSjaaz57BHViTr9NAFAY3TOZUBWsUnJOt7c3YQvv9IMwcgKzzAkLF%2BRtN2nomKEr6UjSs3KzJxEZnHnzjGOPvyU%2Frnp3OOfJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d509e4005d4-FRA
cf-bgj
h2pri
hqdefault.jpg
i1.ytimg.com/vi/wUHsyRgnsPg/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.ytimg.com/vi/wUHsyRgnsPg/hqdefault.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eeadb37f92da3fc82aaa7834bf9f38b1e656bad867c014287375bb09d729cb9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 06:21:42 GMT
x-content-type-options
nosniff
server
sffe
age
3233
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19325
x-xss-protection
0
expires
Tue, 29 Jun 2021 08:21:42 GMT
hqdefault.jpg
i1.ytimg.com/vi/gYBzHhvqF_k/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.ytimg.com/vi/gYBzHhvqF_k/hqdefault.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:32 GMT
x-content-type-options
nosniff
server
sffe
age
3
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=30
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1097
x-xss-protection
0
expires
Tue, 29 Jun 2021 07:16:02 GMT
hqdefault.jpg
i1.ytimg.com/vi/nLJgYCGCB4s/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.ytimg.com/vi/nLJgYCGCB4s/hqdefault.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3deffcfa87fc2372ad0a499e7839177b1f07cc5e949754825e97b803a87a52fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 06:21:42 GMT
x-content-type-options
nosniff
server
sffe
age
3233
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9071
x-xss-protection
0
expires
Tue, 29 Jun 2021 08:21:42 GMT
201212191018431.jpg
pbr-str.srvsite.com/arquivos/8546/galeria/943528/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/galeria/943528/201212191018431.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16d90af33c6eb709e5081e03595244176455b43361cc4222feb05a0b45999108

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:39 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
57072
cf-request-id
0af838b243000005d4e1149000000001
last-modified
Fri, 18 Dec 2020 11:37:44 GMT
server
cloudflare
etag
"def0-5b6bb8968e8b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RoWB0Tx8WPA6j5ASu%2BOEYdn%2FJM3ksrXHuZkVepsXpL8zYgg%2FLg2sGFIl7Nw%2BpuUsavefij6peu%2Fjmnc6Crgy8G6xwonsS8j9RgjvtKppk0E1rL6XcZXcdh1bfK%2FrdG%2FHzcybPgEZXT3dtSUk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d639edb05d4-FRA
cf-bgj
h2pri
201212190958152.jpg
pbr-str.srvsite.com/arquivos/8546/galeria/943527/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/galeria/943527/201212190958152.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89906256173fca5b350116d6af0a29daf87b322e710e5f3ed8c708327c8856e8

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:39 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
55262
cf-request-id
0af838b5a1000005d4c8974000000001
last-modified
Fri, 18 Dec 2020 11:37:44 GMT
server
cloudflare
etag
"d7de-5b6bb8968e8b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dyW43M9ZbGUyeBaJmvY%2FKZT5uwt%2Bu8ZgNHmYaqKxELQUG1uc1oQQmXgv7pymio0xpw7akus6T9tOswOHfl8Uh1GOD2ldMAFSeqvKk%2FPqhM52evvEEfKBnmW1LzwLs1PM8q1O%2BhL3JYvIjwBB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d690c0605d4-FRA
cf-bgj
h2pri
2012121910002912.jpg
pbr-str.srvsite.com/arquivos/8546/galeria/943526/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/galeria/943526/2012121910002912.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
395938104eef4d42a03e1e319f02a5b30ac0ccab534eb1b75b1fb744678361b5

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:39 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
content-length
106189
cf-request-id
0af838b5a2000005d4ba1cb000000001
last-modified
Fri, 18 Dec 2020 11:37:44 GMT
server
cloudflare
etag
"19ecd-5b6bb8968d912"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LjF6ovg37qv4yyBHz9qovtRnOMKpmXQ5%2BIpvD8t3A348t7jUqcu6uYXbmRIOkJ6e%2FM5JC9eaGykZeIXg5UGXagGkwL58w%2FCrYwbVwn7lAMdixWpSlLfFv3HKehker9G6SaCBJJ8ULq6jRk74"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d690c0705d4-FRA
cf-bgj
h2pri
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/ 		240 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2140207384726849&plah=www.expressodopovo.com.br&amaexp=1&bust=exp%3D31060974
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77dc4e5bc1c42cd2a6f390b77286de6df5f0ead908357a4c0df4c2de59f60716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91041
x-xss-protection
0
server
cafe
etag
14008214618944263571
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 07:15:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/ Frame 3091 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210624/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.expressodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.expressodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 28 Jun 2021 17:39:14 GMT
expires
Mon, 12 Jul 2021 17:39:14 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
48981
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		211 B
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.expressodopovo.com.br&callback=_gfp_s_&client=ca-pub-2140207384726849
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2140207384726849&plah=www.expressodopovo.com.br&amaexp=1&bust=exp%3D31060974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9845885752cee346c385b123b34bbb2823c628ac9b8c580c2e58ddef647c68f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.expressodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2140207384726849&plah=www.expressodopovo.com.br&amaexp=1&bust=exp%3D31060974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.expressodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2140207384726849&plah=www.expressodopovo.com.br&amaexp=1&bust=exp%3D31060974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E448 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2140207384726849&output=html&adk=1812271804&adf=3025194257&lmt=1624950935&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.expressodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1624950935196&bpp=3&bdt=269&idt=54&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4236777953737&frm=20&pv=2&ga_vid=999208813.1624950935&ga_sid=1624950935&ga_hid=2116064157&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061661&oid=3&pvsid=3026253954569732&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=82
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2140207384726849&plah=www.expressodopovo.com.br&amaexp=1&bust=exp%3D31060974
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2140207384726849&output=html&adk=1812271804&adf=3025194257&lmt=1624950935&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.expressodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1624950935196&bpp=3&bdt=269&idt=54&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4236777953737&frm=20&pv=2&ga_vid=999208813.1624950935&ga_sid=1624950935&ga_hid=2116064157&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061661&oid=3&pvsid=3026253954569732&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=82
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.expressodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.expressodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 29 Jun 2021 07:15:35 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 29-Jun-2021 07:30:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2140207384726849&plah=www.expressodopovo.com.br&amaexp=1&bust=exp%3D31060974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624879999447392"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27719
x-xss-protection
0
expires
Tue, 29 Jun 2021 07:15:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-2140207384726849&c=9&e=2570847921467975139&n=0&t=0&w=545&x=2
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 07:15:35 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
CIfOK1lbXEA.css
static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/ Frame CEC9 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/CIfOK1lbXEA.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e74ac86b2c2156c29777a24d3ecec6458808d0290c0150336d0075c78b10392
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
y9mJbSzf7xwjTa2XiOdQtw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4836
x-fb-rlafr
0
x-fb-debug
QyDUgT1smnmEHxR8Gq/OxNdzVD2kgx8hK1s6/QzvhaKYd0qRHg9O+4slm/y4IwDMLAlraM7HG0SPRsAAn/Eulw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 28 Jun 2022 16:46:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210624&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2140207384726849&plah=www.expressodopovo.com.br&amaexp=1&bust=exp%3D31060974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a6b735052bec0318e14ec2031a9d5ecac0e37fd4d361ffd685ca46215326d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Jun 2021 07:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8387
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2140207384726849&plah=www.expressodopovo.com.br&amaexp=1&bust=exp%3D31060974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 29 Jun 2021 07:15:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1B73 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.expressodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.expressodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 29 Jun 2021 06:47:28 GMT
expires
Wed, 29 Jun 2022 06:47:28 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3F99 		783 B
782 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1643a98a863ca4f0c68c797e1c48841d8675d29e22f15947c3733ff43f432d6d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HA/JMkgRMAS9n8Nz9K626g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.expressodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.expressodopovo.com.br/

Response headers

expires
Tue, 29 Jun 2021 07:15:39 GMT
date
Tue, 29 Jun 2021 07:15:39 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-HA/JMkgRMAS9n8Nz9K626g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
pagead2.googlesyndication.com/bg/ Frame 1B73 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:00:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5767
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 07:00:16 GMT
not-8546-20210625141920.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210625141920.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5020566d30f620e70b7422d861e02d12342300c26cfbf8dbbb18cf7c257fba6

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
0
content-length
61111
cf-request-id
0af838b803000005d4eb1fe000000001
last-modified
Fri, 25 Jun 2021 17:19:20 GMT
server
cloudflare
etag
"eeb7-5c59a571eb488"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yDruEU%2BHM55FpWXy1%2F6kKJm1PycrTADPxkV6qcc9hNKCU8H%2FEmrFDfEuPLe%2FLot0phUjFfQfDn5mav7QubrKvWcGEgIDtDZUf70nZfWWPBm1ZBVoX5wuW1JQ5gu8OKUTNkjgsHEY%2BF5RViSD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d6cdd0505d4-FRA
cf-bgj
h2pri
not-8546-20210628113151.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210628113151.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443019840e55c6761d8f4aa04261a342a573edcbca89ffc18f7f40e57aecb396

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:40 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Jun 2021 14:31:51 GMT
server
cloudflare
etag
"17036-5c5d459aeb40b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zxsFLs%2B4BtzJZ%2FPn9RdpXDcSca0nDtYaQZZLY9jy7HvQAzwqUFmAb36veVWBIgEiksPZSL5%2B1yG8LKhz%2FoaO41f0tso5XUPmh1jY039J6YhHiv6HrbhpqlpajHpuwpI01udh%2BbLDESfC7txg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
666d5d6cdd0c05d4-FRA
content-length
94262
cf-request-id
0af838b803000005d4f09e8000000001
not-8546-20210628110549.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210628110549.jpg
Requested by
Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
667e141b90a6dd5710edc8fb77e63567e4719afcc26b73fcf66e0655c4fe84da

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 07:15:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4
content-length
47302
cf-request-id
0af838b808000005d4821b5000000001
last-modified
Mon, 28 Jun 2021 14:05:50 GMT
server
cloudflare
etag
"b8c6-5c5d3fc97deef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Nk1mF42hZc1SMEcKrH2zNwm0Gkn3KD4uZ5c1b74fJvrMAGYgCuTyigP6aH6HyP4WmHI7F1EkKbIvLwQ2hNL3wg5JqoTQbnResmrOj1zvBG6KM%2B85ifYUtaNg2TsQLsatw1%2BLFKlY%2FtFYSGZP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
666d5d6cdd0f05d4-FRA
cf-bgj
h2pri
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210624&jk=3026253954569732&bg=!wMOlw4fNAAYo4NJEKOA7ACkAdvg8Wsy_Q03SnDauVNFfDhFvcnyy0fw1MZq_ZdlCkcmEPHThsenYxwIAAACCUgAAAA1oAQcKAAOhwpeZAn0NlyUpvz_0ngkotZb7wxBnjgXliFdPOu5geEg1YaQBWb-Is-Ol0eXH6s361ALXmbR3LLZm7NrL6_xXOE3Gz0EXtruLXtBYw3twR4qv1MIV7VcJqXAy4UlHazZOeNhaajiSneno2UF6ZtwvPobF-sbArdKKjaLyg97LkH7vGU0AvSLG0Mnh_cFPTW4p6WqXiRth_UXKOYNdPcyj12JP-MeX-zn9zAvMR7le50eZcxSqPt6n8C7L5s8-H9cGQOP8qeS5pGy-26zwuaAIztVofyXU_NMKp9fAkwuwp45bUsdeXgIr35yOEbTEKUVClStufXSfMOqjSYCwp5vfn0LnZhSWs_fOYmd0k_daxSXNCgYnaEY3U-jqtutp7YePVxFk9MWF9oMEx-5_PqoC021uEBkQG0zfnDnITJK2vm6-NKfNLqR6EWFBOBlEe-JIoFidaleI1EfwRjXnsbAgihfx0wISJZGQB9gR1E2L8PixgKmJwF5Yuk8hCUjtep91sFNOyWUlUR_gTviNmPyL-PNbhXWNZX65LzuatCl6TPCROvBbcfEdIlGkmBvHsQ9rxm_fLis8dmT5vi6XJGjT-JiK6Bzz0id1_nCN5RKCglkQCaX7UgRZoSUtyG-btOsfoli6DbRmgjLyySwPtqwlZbnppXEFPnzqHiZ7U6Ya7heV2YFJ4i46BL9km3EYCjcCDG0Q6ldVRoLCma0UFvcd--LSyqhllTW8oHmS2ERtrA4jI3Te0ut48pDmo6XiBRsMZ69ALXRCxdkNV1h7OPdTztdENaRxnfy_INT0svtNaAtdFSrhsQX8xAl-Sq8jRkZ5jBR5G2f5JEcS0FvGYZT0znd3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.expressodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jun 2021 07:15:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| pedidoenviar function| enquetevotar function| enqueteresultado function| getCookie function| toggle_visibility function| aud_play_pause function| clique object| options string| prnDt object| jQuery172023386386577342888 object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i1.ytimg.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbr-def.srvsite.com
pbr-str.srvsite.com
static.xx.fbcdn.net
tpc.googlesyndication.com
www.expressodopovo.com.br
www.facebook.com
www.google.com
www.googletagservices.com
142.250.185.130
165.227.252.94
2606:4700:20::681a:160
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2001
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
09a6cc49565246fb697262f9d554a073475a1af0e186ba8d711d9f24445e119d
0a5b91086e79560877ff54970caab310af98c8b4f24db75ac8e9d0c1048e949d
0ab0ccc24ff30e817c2fe730904c5bd8ab3e1c3502e2d36b8c661f6d255cdce3
0b1493d33b5db80b342aba5078d3cab31d140fca30a89baa0c6902b8fbfa5a5d
0b7c8a39e086999e9204451388903236efba819cea2eb888a22d0261f4a2d913
0bc0432ddb53d827c2b2213848618fd3b7045749035e01e540fb7a731ee8eafb
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
0e74ac86b2c2156c29777a24d3ecec6458808d0290c0150336d0075c78b10392
10e4d664df4253195736eb70d4da133fd5da5814679fec7eef0560c2b485ba04
1643a98a863ca4f0c68c797e1c48841d8675d29e22f15947c3733ff43f432d6d
16d90af33c6eb709e5081e03595244176455b43361cc4222feb05a0b45999108
1dadfc2259d45cd231c80d9e69dc11991eb0753dfb4b8f8f8e89fc4f72833e76
1e2b955edc7329fb3bb79eb9daad182778b9c6d1745e06647c8a829a41201df9
1eeff77f6ca23805894d3857683dce89844f6961ff068a3a53ed6f4ee7bc086d
1f06d878a8a3ec306f39b23e6d3c3296bc1ef6d08a50f9891d9d65e8a232a9dd
1fbd2c8347ea21c3aec216324f187409683dde29021154cb7ae0ed0f115a7089
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
24bfe36bd1eb9c23f55d4e15cade215baabcf4560e4841d7a7caafddabb0904e
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5
33205051f6e37b9dc8139fbcfc22640e42adee6c5e26964f33850cb61c28a3f5
35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c
36041cfcfcee97185f3799cde39d9ca510c2cfc52a2f590a9ffc7108b20bed23
36d263a23a56a4cf7cf47700174573581d7602e98d2e0c4430b3496823b24697
395938104eef4d42a03e1e319f02a5b30ac0ccab534eb1b75b1fb744678361b5
3a6b735052bec0318e14ec2031a9d5ecac0e37fd4d361ffd685ca46215326d0e
3d1f430ef08abea562cb6e65138950b97e3040673db123d92b9c0dc97b7f9abc
3deffcfa87fc2372ad0a499e7839177b1f07cc5e949754825e97b803a87a52fd
443019840e55c6761d8f4aa04261a342a573edcbca89ffc18f7f40e57aecb396
4a6e02b00dadff3552cc2958791078e4b11fe3d997eb64a0132e5239b78473f2
4c223efe4d3e0ac76adea8bd1897241ecfedc2e181d24fadb1a7b17508814f89
4e1a6f506ee8b0b456a72d92298dbfd625609cb789918797a99cabf6f16eea38
4f3dda9b0be30fc7a6662660973520ea6ae5cae9225af00061cbc1c2f7d1d11c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5807c8508b4e3b72cecdb251f121060f266ce87e524be6e2936bef58dd94999e
5d3ab3c83c72b3220bfe179f795d6c87e2d87756577c5a7d51fdd99e89206944
667e141b90a6dd5710edc8fb77e63567e4719afcc26b73fcf66e0655c4fe84da
67c8fda15d970471ebc3ffad1dd55a2dd0c3f0c3b5029200d41a523119a4c379
6ddfa09b1bd9db6844d00f66dcafd2f1f14bdc5b75f0c6c0236cb246cbeb141e
75998654c58c2b7fd2ca967e3e314eaadebb2e53aa3c7519f33a291918ffc8f8
77dc4e5bc1c42cd2a6f390b77286de6df5f0ead908357a4c0df4c2de59f60716
7af0a3c8dff6ac422f4ef2274045a749085d566eb0ad957f326ab270b3098c03
84b8e6697ad419130d904dc70a53a7ace2964cb2b76d94770e1f0b874e30595d
89906256173fca5b350116d6af0a29daf87b322e710e5f3ed8c708327c8856e8
907276980502fa46d291804beb7e7e3665d4907436705d04e89f92d31e7feb0f
91198bd25a83e9f7f25a6584d11523fb0e94e51e0a943b7cf09113e82c9cfeae
9845885752cee346c385b123b34bbb2823c628ac9b8c580c2e58ddef647c68f9
9f836e916c10a354fb88633fdbeb3314638168b22d0b5307854505b8ed18615d
a247609de45112a1d4887ae09ea17f3c4d6286bff56aef6d797909e96fba3eb1
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a8f545f058f2720aa1a60fdf7bea0e9b45f631ac4c455a8cdb6063bf8af0d560
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
ab7fadd0d832ba9cf9d334a636703797edeb9330b6fcefeb13c7daf5cf286ebc
ad4c21936d0eb830bf3f540d24d4890d9492047b6f82f50f34982313d1b7bb89
aeb839bc964e5c9947f243819445e62015e71252de9af679750b6d260cbd4ac8
b3fc825b9d10f702e321a3f5a28b695c893a1cae6cae989038c459b7a64afeec
b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873
b97656c6847cbe6a2b5de3a1409935dfd1bcc80a9623f943e925252d61c28a28
c5020566d30f620e70b7422d861e02d12342300c26cfbf8dbbb18cf7c257fba6
c58deef7607a5976d8a3c2f52e703eb83d9916f56bf7adaaff39a7b2fc049562
c6bb4f22ca7071228c518fc82c8fc201deb6c8072e05c4aaa860cd7f66d3d898
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cedd7e3ecef2cd050c2e053e3e60cfafbf904acdeba7925bc87f6f4dfcdf80f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed1355292d949ffcb37a7e45927a6afac6c9fb389f5dbc8daf28a5c79ab4b149
eeadb37f92da3fc82aaa7834bf9f38b1e656bad867c014287375bb09d729cb9c
f89bf114a75de6ebc1b27d085cfe9152ea325b9ed2cc18f918ef5c8febd1a5f1
fb70827d2642f5d077cdec125b934d00204a3a1e835acac5d90ba25b7ebea08c
fbd93615eccf0a940e4258078e7dca077213c36314f5b7b9b849e905c53e4c61
fc8200a5d20f41f6ad69577d098b9a4acf3310a887e28e5114b0a52ae517664c