www.opovo.com.br Open in urlscan Pro
2606:4700:3033::ac43:c0c1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.opovo.com.br.us2.cas.ms/
Effective URL:
https://www.opovo.com.br/
Submission Tags: krdtest
Submission: On August 11 via api (August 11th 2021, 9:10:49 pm UTC) from JP

Summary HTTP 262 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 54 IPs in 7 countries across 33 domains to perform 262 HTTP transactions. The main IP is 2606:4700:3033::ac43:c0c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.opovo.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 12th 2021. Valid for: a year.

This is the only time www.opovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	40.81.121.140 40.81.121.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6ea4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
27	2606:4700:303... 2606:4700:3033::ac43:c0c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.101.189 143.204.101.189	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
13	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	54.192.219.13 54.192.219.13	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	51.79.78.239 51.79.78.239	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
6 10	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	34.68.90.188 34.68.90.188	15169 (GOOGLE) (GOOGLE)
21	143.204.98.24 143.204.98.24	16509 (AMAZON-02) (AMAZON-02)
1	54.192.219.3 54.192.219.3	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4	200.194.101.94 200.194.101.94	11921 (SECRELNET...) (SECRELNET INFORMATICA LTDA)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	52.84.45.108 52.84.45.108	16509 (AMAZON-02) (AMAZON-02)
2 12	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
5 9	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
1	130.211.47.109 130.211.47.109	15169 (GOOGLE) (GOOGLE)
3	34.107.167.126 34.107.167.126	15169 (GOOGLE) (GOOGLE)
1 4	78.46.23.46 78.46.23.46	24940 (HETZNER-AS) (HETZNER-AS)
1	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	85.114.131.233 85.114.131.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
262	54

1 40.81.121.140 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.opovo.com.br.us2.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6ea4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:3033::ac43:c0c1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.opovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.189 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-189.fra50.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.219.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-219-13.mrs52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.79.78.239 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns568638.ip-51-79-78.net

player.transmissaodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.181.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.90.188 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 188.90.68.34.bc.googleusercontent.com

forms.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 143.204.98.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-24.fra50.r.cloudfront.net

embed.radiopublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.219.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-219-3.mrs52.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 200.194.101.94 (Fortaleza, Brazil)

ASN11921 (SECRELNET INFORMATICA LTDA, BR)

mais.opovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.45.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-108.mrs52.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.90 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.70.9 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.47.109 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 109.47.211.130.bc.googleusercontent.com

nxtck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.167.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.167.107.34.bc.googleusercontent.com

cdn-ssl-as.nxtck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.23.46 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de

hal900023.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.166 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.233 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21037.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	510 KB
34	doubleclick.net 7 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	221 KB
31	opovo.com.br www.opovo.com.br mais.opovo.com.br	4 MB
21	radiopublic.com embed.radiopublic.com	220 KB
15	ampproject.org cdn.ampproject.org	302 KB
15	google.com 2 redirects adservice.google.com www.google.com	14 KB
11	2mdn.net s0.2mdn.net	148 KB
11	youtube.com www.youtube.com Failed	708 KB
10	googletagservices.com www.googletagservices.com	296 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com	8 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	121 KB
7	googleapis.com fonts.googleapis.com	126 KB
6	adnxs.com 4 redirects ib.adnxs.com	6 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal900023.redintelligence.net	9 KB
5	google.de adservice.google.de www.google.de	1 KB
4	nxtck.com nxtck.com cdn-ssl-as.nxtck.com	13 KB
4	google-analytics.com www.google-analytics.com	39 KB
3	transmissaodigital.com player.transmissaodigital.com
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	azureedge.net mcasproxy.azureedge.net	42 KB
2	cloudflare.com cdnjs.cloudflare.com	19 KB
2	facebook.com www.facebook.com	235 B
2	facebook.net connect.facebook.net	97 KB
2	googleadservices.com www.googleadservices.com	15 KB
2	googletagmanager.com www.googletagmanager.com	84 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	29 KB
1	contentspread.net cdn.contentspread.net	77 KB
1	ytimg.com i.ytimg.com	21 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	rdstation.com.br forms.rdstation.com.br	36 KB
1	cloudfront.net d335luupugsy2.cloudfront.net	48 KB
1	jquery.com code.jquery.com	30 KB
1	cas.ms www.opovo.com.br.us2.cas.ms	834 B
262	33

	Domain	Requested by
38	tpc.googlesyndication.com	www.opovo.com.br cdn.ampproject.org securepubads.g.doubleclick.net 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net
27	www.opovo.com.br	www.opovo.com.br
21	embed.radiopublic.com	www.opovo.com.br embed.radiopublic.com
15	pagead2.googlesyndication.com	687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.opovo.com.br www.googletagservices.com securepubads.g.doubleclick.net
15	cdn.ampproject.org	securepubads.g.doubleclick.net
13	www.google.com	2 redirects www.opovo.com.br www.youtube.com securepubads.g.doubleclick.net 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com tpc.googlesyndication.com
13	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.opovo.com.br www.opovo.com.br.us2.cas.ms
11	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net
11	www.youtube.com	www.opovo.com.br www.googletagmanager.com www.youtube.com
10	www.googletagservices.com	www.opovo.com.br securepubads.g.doubleclick.net 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com nxtck.com www.googletagservices.com s0.2mdn.net
9	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com www.opovo.com.br 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com www.opovo.com.br.us2.cas.ms
7	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
7	fonts.googleapis.com	www.opovo.com.br embed.radiopublic.com d335luupugsy2.cloudfront.net securepubads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
4	hal900023.redintelligence.net	1 redirects 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com hal900023.redintelligence.net
4	mais.opovo.com.br	www.opovo.com.br
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com embed.radiopublic.com
3	cdn-ssl-as.nxtck.com	nxtck.com
3	www.google.de	www.opovo.com.br
3	player.transmissaodigital.com	www.opovo.com.br
3	687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	mcasproxy.azureedge.net	www.opovo.com.br.us2.cas.ms mcasproxy.azureedge.net
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	cdnjs.cloudflare.com	www.opovo.com.br d335luupugsy2.cloudfront.net
2	www.facebook.com	www.opovo.com.br
2	connect.facebook.net	www.opovo.com.br.us2.cas.ms connect.facebook.net
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.googletagmanager.com	www.opovo.com.br
2	maxcdn.bootstrapcdn.com	www.opovo.com.br embed.radiopublic.com
1	cdn.contentspread.net	hal900023.redintelligence.net
1	ad.doubleclick.net	www.googletagservices.com
1	nxtck.com	687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
1	hal9000.redintelligence.net	687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
1	www.gstatic.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	forms.rdstation.com.br	d335luupugsy2.cloudfront.net
1	static.hotjar.com	www.opovo.com.br
1	d335luupugsy2.cloudfront.net	www.opovo.com.br
1	code.jquery.com	www.opovo.com.br
1	www.opovo.com.br.us2.cas.ms
262	49

This site contains links to these domains. Also see Links.

Domain
adorofutebol.com.br
assine.opovo.com.br
especiais.opovo.com.br
mais.opovo.com.br
radios.opovo.com.br
fortaleza.novabrasilfm.com.br
fdr.org.br
populares.com.br
www.anuariodoceara.com.br
thetrustproject.org
www.youtube.com

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 05	`2021-08-11` - `2022-08-06`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-12` - `2022-05-11`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
player.transmissaodigital.com R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
forms.rdstation.com.br R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
radiopublic.com Amazon	`2021-05-27` - `2022-06-25`	a year	crt.sh
*.opovo.com.br AlphaSSL CA - SHA256 - G2	`2021-05-03` - `2022-06-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
redintelligence.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
*.nxtck.com Thawte RSA CA 2018	`2020-11-05` - `2021-11-07`	a year	crt.sh
cdn-raw.nxtck.com GTS CA 1D4	`2021-06-26` - `2021-09-24`	3 months	crt.sh
contentspread.net R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://www.opovo.com.br/
Frame ID: 08162C5E08C2C35179E025BE04F6C93A
Requests: 88 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.3.24/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.opovo.com.br%2F
Frame ID: 8904E4F9B72B0B6419045547326C570E
Requests: 2 HTTP requests in this frame

Frame: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25709C559E021288D5F30BF8A7EE30C4
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br
Frame ID: 2F4C81C2F3FACF7D55292C1ED1C6E93D
Requests: 18 HTTP requests in this frame

Frame: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
Frame ID: 1D7815323DC7E8034FECE77D24EF6850
Requests: 24 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 437456A8376713EF8B88B1F22A5B364A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: A4CA9FD8385CD025495EABE279CAACD8
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9XmhKkx7hhcXzU22cuIbBCz4v3654WE_xwh8HjClwsx5polz0YD3v5wWSZznHtDdwATqtuxwCg-RH6nZ5BfHwxU1KWe_j5jrcyL1v4R_5szMsXV2716CpwGNgWNrxQkL2FZqEPiAK0Y2de2NdpAvGewEjbgpvnuimJ45Zsp3D8T33B3oZZls7dX22UUOsWpMptjwKWJcVAabE6KWYvAUV8Bx1Tt5FsGrOoTJEpW8IV2TcN3yAPd96Srjz_dIgIpVe7lJEyjC0BUVU1wsIwPZC89GzQj78u73EJ_3bh9osCOgMzm-D-naAiDvmJ2dPOZ82Vi8&sai=AMfl-YQrAMNsdijiFV6bz7nysJsj9DQlsVnR-zpyGKkTqVmMnhzgTcQiPlj7VeUyke2cSz-LNil6jwqXPpGKbowOtBxtGlVt6ckXGVyAgbj601X1_cDXnLMUY6htmxvtb4y7&sig=Cg0ArKJSzEqBEG_lkHCDEAE&adurl=
Frame ID: 1B89D30D46FA48181970B1A70D4FCAFA
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: B510F8F657CFF152D8BECBEDE96419F4
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: 7E1F8B58B0015A6D381A42159A92FAD6
Requests: 17 HTTP requests in this frame

Frame: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A69AC3FBABB456C5807ADA8A175292FB
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzlUkLEkHw1uAp_cNaiE4Noen4sHS6jR00vNy1BjgYRn0bbpQQCmK8wsoLGuc8vtWfcriOmBayHjF-F4DYMo2W9HMFCoJOCUQoog4flDNzTG7lX3eBcNuCC-wIezG6JVUQ86JaDPzhV7TsKA5rkbEldM3q7Iv4OQZWaXRTjA7c3ejCl41PInFeSjQ34SMfW9b-WF5g9TpW_4uoC-AKP48D3I0Sj0UDU64dcFtSkvfcTpq0-vqQ6TqAce3WL8GvVPDjrEk2Whg4gRg3VhGCsncVNCuUVWh8JTq6b-ZN38DAnZFJ1X0W-Ejd9JyuUv4R8g&sai=AMfl-YRXBDHyQhMvl2YhhHBokbJiVL_FmWydLtRepCmDzyyRntGYJdGMtFRNy4q7_XN1Tdsq1VoG1_0EwDsucKh70Br8RpKZ2agx0BdSQo7g7LEGhxxTbeJkAngVzPySBXB9&sig=Cg0ArKJSzE2f0tl1224lEAE&adurl=
Frame ID: 8BC05EF0980D47B77B81D7FF3F0B66B1
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnRXc6Qn8UuMvkqFKKUTX_OwR2r4BdATgj_AVATKqDWO-00IklX_afRyrj8IBC0KK6Wrz9U8BrtFxDT2MQc2ZuMvOpwP5QSXgi1oKCgzMAnISytU5l9-NJXmuwbKcQM76DQle8Tfvi3jNSPNsTYwG98Q6AS3rLyfm0Zn59aujR8n3Pmcl1cozDfHX2ihj4sP_5_bmRRjztf2fv0KantUoTeU5lr0myFjFJsZ5TK0bzJAxqgLTGX5_yvw-wt8d6mpc8zVfz1gSHzSKtazGoDzqpN3wtQy8Wg1D7RZDKcuGvLRpezRZNJ5HVlvyWoTdz6tUScxAabcbSHnBFWw&sai=AMfl-YQ2xWZ0s9iP7X17hK1sYkgElApq6OwP5sHsDfXc6QX_YOfFsZk0oHRPzF4pxB3DQgZuieOMWx6m-a89Vb4ZjQTcTWObPqmabl0UB5Ulk5Sl-i9Pv-5todAKEYykcTv-&sig=Cg0ArKJSzFrScgIzYTthEAE&adurl=
Frame ID: 475675C22287E8D208C1F3FE2BE6D621
Requests: 7 HTTP requests in this frame

Frame: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DAFC0313373DF06D4DC5D60BFBA254B6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1vSvXDAB&v=APEucNXxazgsvI9H--qi87tO0O2qWHL8sjMH3DsgY1TUq-LbgApolEOFSBTcIkWCGYyOQlBzQhHJZjcjb9mTN44h1-Ey1UnE7RuzuBgdmgcZ7Wi6IWcFEO7BAM2_B5LWJBzK24uGFAGWBR4PpudE93BHILTfM8984gSYbDryosUw7LKfpoQJnEc
Frame ID: 60E00FFB5C3B58A199FD12B9B5AF8060
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnsxgIQoLrgzAIYs9OlrwEwAQ&v=APEucNX8LsWbeGkzloGfsMtPqEf6EhUB3i41uGXAgIBbOTKS40B8EK1nPmSnsws16NDnT8JJ-zhmXxq0nwFV9HgfpWpssvKu0jZrq60QWBLI-MQju-gEdes__jU9UiF9uZLZeWTc2tKzc4jaXov0vJ3TiD3eFkMkiPip6hoRL9nQvyE1G7sH6eA
Frame ID: C06F323D455D3B94AE7E95DC9F825A6E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA9CDC2121975AC5B7CCF591117A537F
Requests: 3 HTTP requests in this frame

Frame: https://nxtck.com/as.php?if=1&zid=56369&cpid=23484&cb=1628716233504501&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCbxc7yTwUYbXlHv3K7_UPxL6dwAuCioKSZPfDx-qSDq_q5PHIARABINzX-yJg-4GAgIgKoAG9j8yzAcgBCakC2quXnXu1sz6oAwGqBNIBT9C1urvAFeB5KfcQPir0USh0IH4BLHnA5DvZlPLnGGYyvlqql4Vu1xuQyxixILMUua4pBpi95BR9sMACmqE_eSaEzVMf0X2uZ73DNDNZxynBx74Zq_q462FbCIycdePLK0mBGSRsfuynZbzuZeKhoAkdcSx58WA3ks_f8DEz3JEuIkRrg8aWcWPPRdtbBEMYkFDRJxrcal5oGabN5Jw_wxijKWy4qYd8PFNO4_hXSq-VUWtAl-owKte-3u4W68radY4IZZ1CqDbAdLDttP_Ws7lUwASnp9n8ygPgBAOQBgGgBk2AB6vws8wCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPcgaYMyBOCi9HdA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRolvtsra10d9D_su3BTwXhv8WHRg%26sig%3DAOD64_3SSDZY-SPe5J0UEuM3qhfYoOG_Uw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BFv0zalNAqsbgTWgV-Hp1PgS19O_mfJH_rjNwIL6Hq33FNnxm8v8x3ckZKbT5tCEgjqxQS9DTxBZVVIckT2jTPif-jXKMdSk3ppU3-JOSKnKl7WS30k1BPPrwiEcTWW9kCFUkZwfQzhP9DEedjzgq9ioNWWg%26cry%3D1%26dbm_d%3DAKAmf-D5s5GEgSsnXwE2CCSNB-HAUa1D2Y34By0WAynzrkxSIgCFVpeaie9hhPFojbRN_x5vNxHG31TQh3oBL2dqijIfaR6pRxG8eHIRexZGVOrWw3zggNJRq_qOsS04zNTdbpkUPPoudeq_JBdijwfYtRC0EYx1PbjLkxObaWt4qt0sOZAAycXmrijO669Iet3X-rzDfAKVINeUFnQzNp34Mu4MlOTNRFpqHB9owijuIpxknEeFcpbK575J-nt7I4ZeTI9c4YTk67AIpKb5OGsTXse2Ax37C5rk9rZrsewMYY9HbDRHx3Qt0bKU7Qxf75JE9U0qZw2i6-bZ2BeV4FTjatEMSpN11kdhqIkaOUZP7NaefcUgDsJI81hhdK1itZnzvy5hi7qJmg7En3sGk9ol2HrKZOQFFpLt2miMGMk6p61jC88R-fdt6yxjfRhONlcOO9GEy38PaMZlFrvGhFtoSGRs2rZu7w%26adurl%3D
Frame ID: 29550394FE57F0938340BCE1BE546A33
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A37F76569C637AA6A9CBE327A0C5141C
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N4022.2365101ECSELIS-14_FRA_4022/B25951977.304487582;dc_ver=78.226;sz=300x600;u_sd=1;dc_adk=1767435180;ord=gew7lm;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbxc7yTwUYbXlHv3K7_UPxL6dwAuCioKSZPfDx-qSDq_q5PHIARABINzX-yJg-4GAgIgKoAG9j8yzAcgBCakC2quXnXu1sz6oAwGqBNIBT9C1urvAFeB5KfcQPir0USh0IH4BLHnA5DvZlPLnGGYyvlqql4Vu1xuQyxixILMUua4pBpi95BR9sMACmqE_eSaEzVMf0X2uZ73DNDNZxynBx74Zq_q462FbCIycdePLK0mBGSRsfuynZbzuZeKhoAkdcSx58WA3ks_f8DEz3JEuIkRrg8aWcWPPRdtbBEMYkFDRJxrcal5oGabN5Jw_wxijKWy4qYd8PFNO4_hXSq-VUWtAl-owKte-3u4W68radY4IZZ1CqDbAdLDttP_Ws7lUwASnp9n8ygPgBAOQBgGgBk2AB6vws8wCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPcgaYMyBOCi9HdA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRolvtsra10d9D_su3BTwXhv8WHRg%26sig%3DAOD64_3SSDZY-SPe5J0UEuM3qhfYoOG_Uw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BFv0zalNAqsbgTWgV-Hp1PgS19O_mfJH_rjNwIL6Hq33FNnxm8v8x3ckZKbT5tCEgjqxQS9DTxBZVVIckT2jTPif-jXKMdSk3ppU3-JOSKnKl7WS30k1BPPrwiEcTWW9kCFUkZwfQzhP9DEedjzgq9ioNWWg%26cry%3D1%26dbm_d%3DAKAmf-D5s5GEgSsnXwE2CCSNB-HAUa1D2Y34By0WAynzrkxSIgCFVpeaie9hhPFojbRN_x5vNxHG31TQh3oBL2dqijIfaR6pRxG8eHIRexZGVOrWw3zggNJRq_qOsS04zNTdbpkUPPoudeq_JBdijwfYtRC0EYx1PbjLkxObaWt4qt0sOZAAycXmrijO669Iet3X-rzDfAKVINeUFnQzNp34Mu4MlOTNRFpqHB9owijuIpxknEeFcpbK575J-nt7I4ZeTI9c4YTk67AIpKb5OGsTXse2Ax37C5rk9rZrsewMYY9HbDRHx3Qt0bKU7Qxf75JE9U0qZw2i6-bZ2BeV4FTjatEMSpN11kdhqIkaOUZP7NaefcUgDsJI81hhdK1itZnzvy5hi7qJmg7En3sGk9ol2HrKZOQFFpLt2miMGMk6p61jC88R-fdt6yxjfRhONlcOO9GEy38PaMZlFrvGhFtoSGRs2rZu7w%26adurl%3Dhttps%3A%2F%2Fnxtck.com%2Findex%3Fclk%3D1%26zid%3D56369%26aid%3D583208%26ev%3D76494%26rid%3D7misw6fX3QaC_vcn%26sid%3D668788522%26uuid%3D619aaa65-362f-4679-8260-d0cf67a1379a%26ecr%3D%26referer%3Dhttps%253A%252F%252F687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com%252F%26c3braK3c%3D%26P0uWe7tE%3D%26rawloc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=2,https%3A%2F%2Fwww.opovo.com.br$2,https%3A%2F%2F687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=vEb25LD_h6;osda=2;sttr=36;prcl=n
Frame ID: 6448D233FFBA100B3229CB36FC87FE15
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D9A7AAF45C7BFA11E02BDFB6C93AFAC2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/6278281/1622044457304/300x600/index.html
Frame ID: F0817F422715CAECE3B03C291D967A88
Requests: 10 HTTP requests in this frame

Frame: https://hal900023.redintelligence.net/request_content.php?s=93902100154065801084868011683023&a=b820c253
Frame ID: 23C966D7E1E4EE8755EC2E8032739CFA
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: CC4A019ED60FDEAD7D609BE406ADF7B7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 85295AA36853876DB2852376E77078ED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.opovo.com.br.us2.cas.ms/ Page URL
https://www.opovo.com.br/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

262
Requests

100 %
HTTPS

62 %
IPv6

33
Domains

49
Subdomains

54
IPs

7
Countries

7519 kB
Transfer

14106 kB
Size

14
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://adorofutebol.com.br/
Title: Tabelas

Search URL Search Domain Scan URL

URL: https://assine.opovo.com.br/?utm_source=home&utm_medium=orange&utm_campaign=colors_test
Title: Assine

Search URL Search Domain Scan URL

URL: http://adorofutebol.com.br/
Title: Tabelas

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/
Title: Especiais

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/
Title: O POVO Mais

Search URL Search Domain Scan URL

URL: http://radios.opovo.com.br/opovocbn/
Title: O POVO CBN

Search URL Search Domain Scan URL

URL: http://fortaleza.novabrasilfm.com.br/
Title: Nova Brasil FM

Search URL Search Domain Scan URL

URL: http://fdr.org.br/tvopovo/
Title: Canal FDR

Search URL Search Domain Scan URL

URL: http://populares.com.br/
Title: Populares

Search URL Search Domain Scan URL

URL: http://www.anuariodoceara.com.br/
Title: Anuário do Ceará

Search URL Search Domain Scan URL

URL: https://thetrustproject.org/
Title: Participamos do

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/cidades/2021/08/11/vacinacao-infantil-ceara-nao-atinge-nenhuma-meta-do-calendario-nacional-em-2020.html
Title: Exclusivo assinante Vacinação infantil: Ceará não atinge nenhuma meta do calendário nacional

Search URL Search Domain Scan URL

URL: https://assine.opovo.com.br/
Title: Assine e tenha acesso aos colunistas

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/clovis-holanda/2021/08/10/vendo-o-noticiario-so-resta-correr-para-um-beach-club.html
Title: + Exclusivo assinanteVendo o noticiário, só resta correr para um "beach club"

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/clovis-holanda
Title: Clovis Holanda

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/andre-bloc/2021/08/10/recorde-brasileiro-em-toquio-foi-feito-por-grupos-marginalizados.html
Title: + Exclusivo assinanteRecorde brasileiro em Tóquio foi feito por grupos marginalizados

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/andre-bloc
Title: André Bloc

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/leda-maria/2021/08/11/o-esporte-e-a-paz-na-conquista-do-mundo.html
Title: + Exclusivo assinanteO esporte e a paz na conquista do mundo

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/leda-maria
Title: Leda Maria

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/guilherme-ashara/2021/08/10/transformando-feridas-em-felicidade.html
Title: + Exclusivo assinanteTransformando feridas em felicidade

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/guilherme-ashara
Title: Guilherme Ashara

Search URL Search Domain Scan URL

URL: https://radios.opovo.com.br/opovocbn/
Title:

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/web-stories/plantas-para-ter-em-casa/2021/08/10/plantas-para-ter-em-casa.html

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/web-stories/os-jogos-lancados-em-agosto/2021/08/03/os-jogos-lancamentos-de-agosto.html

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/web-stories/introducao-as-criptomoedas/2021/07/06/o-que-e-uma-criptomoeda.html

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/nazareno-albuquerque/2021/08/11/nao-sei-por-que-nao-confio-no-artur.html
Title: + Exclusivo assinanteNão sei por que, não confio no Artur

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/nazareno-albuquerque
Title: Nazareno Albuquerque

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/nello-rangel/2021/08/10/voce-sabe-ser-cuidadoso-parte-2.html
Title: + Exclusivo assinanteVocê sabe ser cuidadoso? Parte 2

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/nello-rangel
Title: Nello Rangel

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/neila-fontenele/2021/08/10/programa-mais-emprego-ceara-tera-inicio-no-final-deste-mes.html
Title: + Exclusivo assinantePrograma "Mais Emprego Ceará" terá início no final deste mês

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/neila-fontenele
Title: Neila Fontenele

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/henrique-araujo/2021/08/11/exames.html
Title: + Exclusivo assinanteExames

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/henrique-araujo
Title: Henrique Araújo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCj-RTZE-V3Q6jleatRR9k2A
Title: Ver mais vídeos

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/reportagem/2021/08/11/governo-perde-na-votacao-da-pec-mas-nao-sofre-goleada-na-camara.html
Title: Exclusivo assinanteJornalBolsonaro perde na votação do voto impresso, mas não sofre goleada

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/economia/2021/08/11/assumir-prejuizo-e-a-reputacao-no-mercado-as-possiveis-causas-da-recusa-da-ford-em-vender-a-troller.html
Title: Exclusivo assinanteJornalAssumir prejuízo e a reputação no mercado: por que a Ford recusa vender a Troller

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/era-das-chacinas/2021/08/10/chacina-dos-portugueses-ha-20-anos-violencia-no-ce-assombrou-europa.html
Title: Exclusivo assinanteHISTÓRIAChacina dos Portugueses: há 20 anos, violência no Ceará assombrou Europa

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/vidaearte/2021/08/11/do-game-para-o-cinema-free-guy-explora-fronteira-entre-real-e-virtual.html
Title: Exclusivo assinanteJornalDo game para o cinema: "Free Guy" explora fronteira entre real e virtual

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/ebooks/2020/04/14/vende-se-uma-familia.html
Title: Exclusivo assinanteLivroVende-se uma família, de Socorro Acioli: leia o livro aqui

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/2021/08/04/jornalista-cria-um-fortaleza-esporte-clube-na-hungria.html
Title: Exclusivo assinanteReportagem especialJornalista cria um Fortaleza Esporte Clube na Hungria

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/flip/

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/violencia-contra-meninas/2020/08/25/morando-com-o-inimigo--o-perigo--na-maioria-das-vezes--esta-em-casa.html
Title: ESPECIALViolência contra meninas: o perigo, na maioria das vezes, está em casaEm série especial, O POVO retrata a realidade de meninas violentadas a cada ano no Brasil e no Estado. Pesquisas revelam que em 70% dos casos, parentes próximos são responsáveis por abuso sexual praticado contra crianças e adolescentes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.opovo.com.br.us2.cas.ms/ Page URL
https://www.opovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837786358/?random=1744853648&cv=9&fst=1628716233089&num=1&value=0&label=17eDCNvjrYwCEPa1vo8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.opovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&tiba=O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&auid=21283821.1628716233&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yTwUYdHNCYqx7gO5hrTwAw&sscte=1&crd=&eitems=ChEI8OrNiAYQhsGUkJjWsejqARIdAAVz41l14cz6W7Hs1I0OLIDyMGmK_WJmjTc9pVo HTTP 302
https://www.google.com/pagead/1p-conversion/837786358/?random=1744853648&cv=9&fst=1628716233089&num=1&value=0&label=17eDCNvjrYwCEPa1vo8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.opovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&tiba=O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&auid=21283821.1628716233&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=yTwUYdHNCYqx7gO5hrTwAw&cid=CAQSKQCNIrLMrdUnbQPXgHWjFa8je6MC6gW7b4EZ0Q6pUqQ568UtbMV0Loic&eitems=ChEI8OrNiAYQhsGUkJjWsejqARIdAAVz41kXA7EFqF72HbSYQ_kFl2Nq1LUoQZSB3QU&random=1370903325&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/837786358/?random=1744853648&cv=9&fst=1628716233089&num=1&value=0&label=17eDCNvjrYwCEPa1vo8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.opovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&tiba=O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&auid=21283821.1628716233&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=yTwUYdHNCYqx7gO5hrTwAw&cid=CAQSKQCNIrLMrdUnbQPXgHWjFa8je6MC6gW7b4EZ0Q6pUqQ568UtbMV0Loic&eitems=ChEI8OrNiAYQhsGUkJjWsejqARIdAAVz41kXA7EFqF72HbSYQ_kFl2Nq1LUoQZSB3QU&random=1370903325&resp=GooglemKTybQhCsO&ipr=y

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1&C=1

Request Chain 216

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRQ8ym-HnkTN2t90OeuI9AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA3CJ-q38a1bOM_2Rg6qzV8&google_cver=1

Request Chain 218

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwNDM5Njk1NTA2NTA4OTQ1OQ%3D%3D

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1

Request Chain 220

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRQ8ym-HnkTN2t90OeuI9AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA3CJ-q38a1bOM_2Rg6qzV8&google_cver=1

Request Chain 222

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwNDM5Njk1NTA2NTA4OTQ1OQ%3D%3D

Request Chain 233

https://hal900023.redintelligence.net/request.php?zone=jtvh1z3sifh9&nw=20&renderingType=javascript&namespace=e6e7e8877d&subid=&uid=ee7e94fb9f3cdb6e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPACqyTwUYdr5DaTZ7_UPhpO7yAyG3bDSXbSYr7q8CvAuEAEg3Nf7ImD7gYCAiArIAQmpAtqrl517tbM-qAMBqgTPAU_QZuGaOlqO-KfZZK_GJ2VUB0Dcxyj7MbFJkMy_J4lnHBXHBtr9sWLdKlihohqXD7RuUm5_EWKtass4G_OMy7efDTUfnDaMKBxSm-u4Rgx6ziXBp2pflIzuDMMSslWuZn3O1GxkdAilKWGKDQX8geeHQx38S3WOCsL9krS6YAMeQjVNDg_y7cekIC5B9N6KfPo5CafCWYJ25E2lVTcyc8EH6ZRdyZxYowFLptbsm_2kywWf2RSbzCoSCbmP7_5ix2QHimQAR0GcWXvBkujFKMAE8c6eps8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPNxrUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRocwGgscufSVe7M7GYPeacMoeS-A%26sig%3DAOD64_12Epoo3lNnyzQNicAK6HIW9ZiVpg%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-Dea7G0KJySdODv_H2iMFyjWUem0lsF_OlxnTQKKg3nnURgiC0XJDa8W0uaOOii1D_Y3Pqurr7ABI3jWNsC4ZEhY5FI5U94fdZ9xYCQZSbEe2Vq-shc6HZC7z_E9T_yJT_1qPQ7kD16LaThKU-BkhNRLiGbBw%26cry%3D1%26dbm_d%3DAKAmf-Br-3KRRmrTwAW5Hm2nrXLpPCvVNAdxSQ9LmWH-S2eBwnqWy1IledxSJd3aOUKH_sUIkENQ0q_ur_14tyKc-cGKVNLcL2VnBfM7pAWa9Ul0kZLn9uvq8lemT5vMg9dDISxLKDWd29WU6kUuOcOnstyXkAtG9xTuL7BOicrekrVqG8-Cdcu1SBO64DIOSz6pgYwyvOJ_k25KA8j3AXAPHFHeVIV58V4Buzyfmi0MD_IWb8I4rCJ_9KlHYwYa_SuETI3ZXUV7EkHx3t2gL5eThTEXa_O0EP3wfYSAHYUUWIvE3Nf3ebT4A4xVDY1T3FUkp1qGkDZRPet7GvGjUHIrTH9n2nKDsy5Cb7rZhb_RoeUTKz7l3TG2ztpQbZpOqQmHE1mMp0ZsICrIXJTgmZffgMBJSHmVdnwuVufnHn-h1a3EJ2nXM1C2DM6WER9BNW9wMEggOnvf%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=8771019445501&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900023.redintelligence.net/request.php?zone=jtvh1z3sifh9&nw=20&renderingType=javascript&namespace=e6e7e8877d&subid=&uid=ee7e94fb9f3cdb6e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPACqyTwUYdr5DaTZ7_UPhpO7yAyG3bDSXbSYr7q8CvAuEAEg3Nf7ImD7gYCAiArIAQmpAtqrl517tbM-qAMBqgTPAU_QZuGaOlqO-KfZZK_GJ2VUB0Dcxyj7MbFJkMy_J4lnHBXHBtr9sWLdKlihohqXD7RuUm5_EWKtass4G_OMy7efDTUfnDaMKBxSm-u4Rgx6ziXBp2pflIzuDMMSslWuZn3O1GxkdAilKWGKDQX8geeHQx38S3WOCsL9krS6YAMeQjVNDg_y7cekIC5B9N6KfPo5CafCWYJ25E2lVTcyc8EH6ZRdyZxYowFLptbsm_2kywWf2RSbzCoSCbmP7_5ix2QHimQAR0GcWXvBkujFKMAE8c6eps8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPNxrUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRocwGgscufSVe7M7GYPeacMoeS-A%26sig%3DAOD64_12Epoo3lNnyzQNicAK6HIW9ZiVpg%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-Dea7G0KJySdODv_H2iMFyjWUem0lsF_OlxnTQKKg3nnURgiC0XJDa8W0uaOOii1D_Y3Pqurr7ABI3jWNsC4ZEhY5FI5U94fdZ9xYCQZSbEe2Vq-shc6HZC7z_E9T_yJT_1qPQ7kD16LaThKU-BkhNRLiGbBw%26cry%3D1%26dbm_d%3DAKAmf-Br-3KRRmrTwAW5Hm2nrXLpPCvVNAdxSQ9LmWH-S2eBwnqWy1IledxSJd3aOUKH_sUIkENQ0q_ur_14tyKc-cGKVNLcL2VnBfM7pAWa9Ul0kZLn9uvq8lemT5vMg9dDISxLKDWd29WU6kUuOcOnstyXkAtG9xTuL7BOicrekrVqG8-Cdcu1SBO64DIOSz6pgYwyvOJ_k25KA8j3AXAPHFHeVIV58V4Buzyfmi0MD_IWb8I4rCJ_9KlHYwYa_SuETI3ZXUV7EkHx3t2gL5eThTEXa_O0EP3wfYSAHYUUWIvE3Nf3ebT4A4xVDY1T3FUkp1qGkDZRPet7GvGjUHIrTH9n2nKDsy5Cb7rZhb_RoeUTKz7l3TG2ztpQbZpOqQmHE1mMp0ZsICrIXJTgmZffgMBJSHmVdnwuVufnHn-h1a3EJ2nXM1C2DM6WER9BNW9wMEggOnvf%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=8771019445501&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

262 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.opovo.com.br.us2.cas.ms/ 1010 B
834 B 102ms
34ms Document
text/html 40.81.121.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.opovo.com.br.us2.cas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.81.121.140 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

fbf857f2d8e2082494a42b59bb1f2c8bc8a7ec864d62d5165a024ffc25653054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.opovo.com.br.us2.cas.ms
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Wed, 11 Aug 2021 21:10:32 GMT
x-mcas-request-id: 2868f2c23160d9c8173ce4302f4d635d
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
expires: Mon, 01-Jan-1990 00:00:00 GMT
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.3.24/js/ 5 KB
5 KB 7ms
7ms Script
application/javascript 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.3.24/js/session-context-store-helper.min.js
Requested by: Host: www.opovo.com.br.us2.cas.ms
URL: https://www.opovo.com.br.us2.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b

Request headers

Referer: https://www.opovo.com.br.us2.cas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 11 Aug 2021 21:10:32 GMT
last-modified: Wed, 04 Aug 2021 07:17:20 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: PLOXavfa2pddds7xHBr81w==
etag: 0x8D95717E6041C3F
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d67a67af-a01e-00f6-540d-8973c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30886717
x-ms-version: 2009-09-19
content-length: 5084

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/1.3.24/html/ Frame 8904 281 B
729 B 7ms
7ms Document
text/html 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.3.24/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.opovo.com.br%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.3.24/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method: GET
:authority: mcasproxy.azureedge.net
:scheme: https
:path: /proxyweb/1.3.24/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.opovo.com.br%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br.us2.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br.us2.cas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Wed, 04 Aug 2021 07:18:01 GMT
etag: 0x8D95717FE9A6378
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1825ea4c-201e-0009-480d-894e5a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=30886700
date: Wed, 11 Aug 2021 21:10:32 GMT

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.3.24/js/ Frame 8904 36 KB
36 KB 7ms
7ms Script
application/javascript 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.3.24/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.3.24/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.opovo.com.br%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 84631de0bca7e12b1b542849e146044afb360af10af6ae4f5d90ec534e017734

Request headers

Referer: https://mcasproxy.azureedge.net/proxyweb/1.3.24/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.opovo.com.br%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 11 Aug 2021 21:10:32 GMT
last-modified: Wed, 04 Aug 2021 07:17:20 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: d0ja3c44qO7D3vm2nqObfQ==
etag: 0x8D95717E6200DC3
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d67a69f2-a01e-00f6-630d-8973c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30886697
x-ms-version: 2009-09-19
content-length: 36521

GET
H2 200 Primary Request / Show response
www.opovo.com.br/ 61 KB
13 KB 15ms
15ms Document
text/html 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77971f305942c281a778ab2489e8e271d55504bcb5ebb38945e98f058219198c

Request headers

:method: GET
:authority: www.opovo.com.br
:scheme: https
:path: /?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.opovo.com.br.us2.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br.us2.cas.ms/

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 11 Aug 2021 20:06:37 GMT
vary: Accept-Encoding
x-fivecom-rewrite-portal: home
cache-control: public, max-age=120, s-maxage=604800
x-varnish: 193594330
age: 13
via: 1.1 varnish-v4
x-ua-device: desktop
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FA3G6yohYY7E0o%2FrqkhhlFr19SyP3cRYMeuiyU3RHN8XNEAxEOysepOM3m7IIlJGy2KrkD7idvIROJzBxC8itnogo038QNiwyP5oC9T9KHTVv4vbGwp%2Frcf4onyiK2Q2%2Bo%2BkJRe23NNx3RYQEDUT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67d473850890434b-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
22 KB 38ms
22ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756, 617, 617
age: 1180794
cdn-cachedat: 2021-07-24 16:53:09
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5556e1672a3336be2e69601e83efd441
cf-ray: 67d473854f8c2c3a-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 main.css
www.opovo.com.br/reboot/includes/assets/css/ 31 KB
7 KB 34ms
20ms Stylesheet
text/css 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/reboot/includes/assets/css/main.css
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fd5607dcbe171b837fe85c863ceaa921f82aa628f30006944cac938286376e6

Request headers

:path: /reboot/includes/assets/css/main.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7332
cf-polished: origSize=45958
content-type: text/css
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Aug 2021 18:20:12 GMT
server: cloudflare
etag: W/"6112c35c-b386"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2WmD2S7y41u76oP2VWH3ftJT1IROVNEZTwFz0PxcASPAbcyzbjYL7wAD8t%2FOzI15QQjT05fIiQS5e78o9iGKpVJE7YDCOo4j4y4SY3UiEMrtzY0a0qVYgDa%2BJgo%2FIR%2Bv9tm1AJMlrQnjmI13Q5K"}],"group":"cf-nel","max_age":604800}
x-varnish: 176720548 177079723
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 67d473854ac30605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 home.css
www.opovo.com.br/reboot/includes/assets/css/ 24 KB
5 KB 31ms
17ms Stylesheet
text/css 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/reboot/includes/assets/css/home.css
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01926c1dc655b802e2f4e5f9501684064f48e6ac9bd9ec900968937fe44dea1a

Request headers

:path: /reboot/includes/assets/css/home.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7313
cf-polished: origSize=36351
content-type: text/css
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 02 Aug 2021 18:41:36 GMT
server: cloudflare
etag: W/"61083c60-8dff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwFLNKCPP99XBfSjlO3eHhCWgYiBJiClkVUHJX9ek%2FNUXCJ63jEDHZ%2BB6Fg7871VrhYpqA0RCEnk7YyuIM5b1LrLBwaI6%2BqKMy0htovDqkUOxCtxeBFcNHb4%2Fe%2BEdQW6qOxngsn8%2BI%2FQGFYTuIwD"}],"group":"cf-nel","max_age":604800}
x-varnish: 175184349 174231704
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 67d473854ac10605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 26ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 17:27:20 GMT
server: nginx
etag: W/"603e7578-15d9d"
vary: Accept-Encoding
x-hw: 1628716232.dop242.fr8.t,1628716232.cds290.fr8.hn,1628716232.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23310373-1

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9fd5bdff1852d66e8a7c3dd708d7ce22ee9105d9f06d9f73ea6ea7e84871e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40983
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:32 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cc5c5e68eae81b17a0296379af021769f3ae8732d62f16f2058615976c79535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "956 / 301 of 1000 / last-modified: 1628680425"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25151
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:32 GMT

GET
H3-29 200 menu%20icon.svg
www.opovo.com.br/reboot/includes/assets/img/icon/ 1 KB
1 KB 18ms
18ms Image
image/svg+xml 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/icon/menu%20icon.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61deae71fd0ad0396d0819d19356b76f37d4d6a6d028bd1d04775ff083c3e147

Request headers

:path: /reboot/includes/assets/img/icon/menu%20icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7332
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 04:09:57 GMT
server: cloudflare
etag: W/"61022a15-476"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8U7zi6DNfW9uR1poSrYAuUnTcn5wrwc3TVR7Yx6TZaYFlfBWnaKrtEA0uMjtglq9p%2FZLkRnXlwWYtCYZpcEdM0JbKc8kVK%2FOwJ36q4WPvCFxyx6E2CPJpiu%2F5UunwGUwbjjmXhpjxl%2BG67wO3P8a"}],"group":"cf-nel","max_age":604800}
x-varnish: 177045741 177079731
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 67d473865d290605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 opovo%20logo.svg
www.opovo.com.br/reboot/includes/assets/img/ 4 KB
2 KB 17ms
17ms Image
image/svg+xml 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/opovo%20logo.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9db9c26133de44e188ba8efdffc8ada7122550a3023fe6070660f02a1528e3f

Request headers

:path: /reboot/includes/assets/img/opovo%20logo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7330
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 04:09:57 GMT
server: cloudflare
etag: W/"61022a15-1187"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XT6gul5cGK6OcwZwLNMp9MSQYkUEtfxY58SkGAR2F2%2BkLd7vcwkUHt%2BY%2BxNZsV3%2B7LiOATvEy7zi0Oteb9OpJQO3ul5EDR4jmE%2B4reND3jUsvEODKV4mXUuXq8jK1H8TfpW8BqFKzTkPtdvgXFv"}],"group":"cf-nel","max_age":604800}
x-varnish: 176720597 176065243
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 67d473867d670605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 busca%20icon.svg
www.opovo.com.br/reboot/includes/assets/img/icon/ 556 B
1 KB 13ms
13ms Image
image/svg+xml 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/icon/busca%20icon.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37be7a267c93deed806a27dbc7c367081e0f9399a76748a20e6f9f5e20ee51c0

Request headers

:path: /reboot/includes/assets/img/icon/busca%20icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7331
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 04:09:57 GMT
server: cloudflare
etag: W/"61022a15-22c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toXTgwBjGFb2wATE%2B%2BZMFwFOxATqLtMCJKuAdFo8Ujcm0b1a4vyQA7GLnJph30SDQaTptIFkKkONb769KFaNt%2BzlPuM7CEDxCQ2RuvCSRwMGDe6PeX2NvR2%2F%2BMKKHxn0xS1zMpQYK38IdgRQz05g"}],"group":"cf-nel","max_age":604800}
x-varnish: 177045786 177079740
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 67d473869da90605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 x-icone.svg
www.opovo.com.br/reboot/includes/assets/img/ 557 B
1001 B 13ms
13ms Image
image/svg+xml 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/x-icone.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11dc66a366c3952a0dbed2205d6d5c48c26200befa3a4ccb6112be49ab774878

Request headers

:path: /reboot/includes/assets/img/x-icone.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7330
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 04:09:57 GMT
server: cloudflare
etag: W/"61022a15-22d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSIGpUpveiCaSVaJHAZ4PgcixLBY91bDPgkjjkSeMW0OCdCTrU2xE8kWYue9ul%2FnRZxkbeLke0xu3jtk%2FUP%2FlbmBugYWPGf%2BxAjodZ04Mm%2Fcl4N2VtEgrDxLE4te%2FVG4CKvxBbNOKgAtwZYk8ePh"}],"group":"cf-nel","max_age":604800}
x-varnish: 175474315 176065233
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 67d47386add70605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 trustlogo.png
www.opovo.com.br/reboot/includes/assets/img/ 3 KB
3 KB 11ms
11ms Image
image/png 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/trustlogo.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfc2535f6e81fe3e03bc7f1585541629734216cdd9c99f99dd8e7c09feb71089

Request headers

:path: /reboot/includes/assets/img/trustlogo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7330
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2731
last-modified: Thu, 29 Jul 2021 12:49:24 GMT
server: cloudflare
etag: "6102a3d4-aab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnAGtCzICDg0L4r5sqysNzf%2BlB43q7NjG1P3zOj%2BNiM6IEPQAU2TgK4I2Yk6u9vW2r12G%2BUrznYUt%2BzV03DmSpzkaZ80dIdF5o3Y0cdmRj1%2B0w57OFETlvYytfT1dbhG%2FRxhhcnMst5SgEo50akr"}],"group":"cf-nel","max_age":604800}
x-varnish: 175474313 176065240
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 67d47386ce040605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 breaking-news-logo.svg
www.opovo.com.br/reboot/includes/assets/img/icon/ 5 KB
3 KB 16ms
15ms Image
image/svg+xml 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/icon/breaking-news-logo.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ce46f553ca45d2ff6acac8e983bc80ad540a9e07c06309e79fddf07c9629f69

Request headers

:path: /reboot/includes/assets/img/icon/breaking-news-logo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7313
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 04:09:57 GMT
server: cloudflare
etag: W/"61022a15-1339"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEKD6y6KGKryvsKWQMEk%2F1Z8ryfIi%2Bw9ykJTZJYfc0mCbm2T78yXMDIkjJsjaR79wTzGr7%2Fh53xGJqIOlxsDeXXTARnF1fklwk0TuAuhcZ8bK%2BhSJ6KNAbk6BqjdfJdNQjcDMoSf7XMaR%2BKbfM05"}],"group":"cf-nel","max_age":604800}
x-varnish: 175184364 174231719
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 67d47386de2e0605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 logo-op+.svg
www.opovo.com.br/reboot/includes/assets/img/ 2 KB
2 KB 15ms
14ms Image
image/svg+xml 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/logo-op+.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70009818dd359fa38d706cf06c2906f7ad035c19218cd9eb0d083f19925aaf87

Request headers

:path: /reboot/includes/assets/img/logo-op+.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7312
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 13:25:35 GMT
server: cloudflare
etag: W/"6102ac4f-93d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muSMTg06g8lYPFxMM3JpbzGiZ0r30%2FgSOYofdoBppToY%2BDYkN43kR8GjdcD%2BgL6zt1nM%2BwSNdR5qS4KjbBfMMA4g4jgb6Vq2inxmnoKQJ7uGW8qcL2ON%2Fs9TvuBQp3F0%2B%2FZWHigSHNNVBxez8z4D"}],"group":"cf-nel","max_age":604800}
x-varnish: 172629044 176393703
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 67d47386fe5a0605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 logo_cbn_home.svg
www.opovo.com.br/reboot/includes/assets/img/ 5 KB
3 KB 13ms
12ms Image
image/svg+xml 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/logo_cbn_home.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea5b6a0210cfbd83a9bde2a3b9944d77e2c8b041e19c2d7c907d54bdd8f87828

Request headers

:path: /reboot/includes/assets/img/logo_cbn_home.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7312
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 18:41:58 GMT
server: cloudflare
etag: W/"6102f676-158d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRvt%2BLC%2FB9pX8jDxevMYs9rBHxdsLBF7PjcbXYFnCybv6enNiTw2sCQuQ%2FT1P9q7J7DcJPd82RXCSyJHbh76kSNw6ScLTj5dFeR3dmewPJJv%2BIhGXDSZzx%2Bb1u3pyMsqn3KSpR%2FLQhdLTAx3Z45x"}],"group":"cf-nel","max_age":604800}
x-varnish: 175184389 176720680
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 67d473870e780605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 rdstation-forms.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/ 179 KB
48 KB 100ms
32ms Script
application/javascript 143.204.101.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-189.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2cd97361029231f60fed13cfcf4b7647194819d1e7510777a42c0757e9614c3

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 23:44:49 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 13:38:32 GMT
server: AmazonS3
age: 1286744
etag: "936c0e9f9f2e7062db9525fd93e9a629"
x-cache: Hit from cloudfront
x-amz-version-id: sTRI5oPxk0GUIriIlx7bdWWVPfl8DTyA
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: max-age=315360000, must-revalidate
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 48720
x-amz-cf-id: nYtimavXK4OcbAUxY68jJ7OE2Kbzc-ggvjVsZjcYnB4anACukbpPKw==

GET
H3-29 200 1_violencia_contra_meninas___capa1-13352210.jpg
www.opovo.com.br/_midias/jpg/2020/08/24/608x344/ 39 KB
40 KB 12ms
11ms Image
image/jpeg 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/jpg/2020/08/24/608x344/1_violencia_contra_meninas___capa1-13352210.jpg?20210809082104?20210809082104
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbddc59fd95006e6df8dd917bc0f59cbb4f3216ed7a8b5fb735f532de86603c0

Request headers

:path: /_midias/jpg/2020/08/24/608x344/1_violencia_contra_meninas___capa1-13352210.jpg?20210809082104?20210809082104
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7311
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 40411
last-modified: Mon, 09 Aug 2021 11:20:51 GMT
server: cloudflare
etag: "61110f93-9ddb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PepLXvB0yOoyRYZngdiN1LnngoJxXgrP%2FItAvRXxRaj041UhULgLcQaOl2sWCzG7bMZb8NRwjn1cWU9%2Byxay6riiFyYAQtTJ8dYIXcnNEpC%2B%2BElSw%2F7FowCUkXLFaUMeehGpkC3RN4BNpOp9CPzk"}],"group":"cf-nel","max_age":604800}
x-varnish: 176882478 173512520
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 67d473872eaf0605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 o-povo-online.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 6 KB
7 KB 15ms
15ms Image
image/png 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb78178efb17880986453d866dc2c7ff441b2b2426665937e77f2ae214f44713

Request headers

:path: /includes/assets/online/geral/imgs/o-povo-online.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7330
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6467
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-1943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvJI4cVuAdP8SH%2Fvv8OOm1NTs8XU6IByKQ8s%2FuBGm6mf%2BGjLMvbYyTc7W%2FnK3ZUrVqusjCy%2Ft%2Fs6UjR7T3qYkavaxbSXODu5on1YuWF6xDAcDsYxDqbQkGIA6J8d6hu6wzafCpSj%2BMXctp7pcdM2"}],"group":"cf-nel","max_age":604800}
x-varnish: 175474317 177079734
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 67d473872ebe0605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 main.js Show response
www.opovo.com.br/reboot/includes/assets/js/ 3 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/reboot/includes/assets/js/main.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c30b7faefd4e8fefed030603d324d54adcab250726f3b2baa6d07388ababc2c

Request headers

:path: /reboot/includes/assets/js/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7332
cf-polished: origSize=6649
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 11 Aug 2021 12:40:50 GMT
server: cloudflare
etag: W/"6113c552-19f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAewz7Nyw8JzlnP8%2Bd4m0M%2B19DIk5ChQKuIZ7beo1fhUG4aE7Ic45y8rfxI1EGrXJFmabJ6To1LrSSoIOc%2B8O6CVW0jaOEnJlMwqnodFh5M0%2Bg4%2FSxyEgQdPK1igSJZTRhl7HF2nopr8yggxwcB6"}],"group":"cf-nel","max_age":604800}
x-varnish: 173512377 176065246
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 67d473872ec00605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1003 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/reboot/includes/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

25a97b6f96010411d7098a277fc392cf8fe4c024a5bb5ef44b9da7790f0c0022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 20:57:27 GMT
server: ESF
date: Wed, 11 Aug 2021 21:10:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Aug 2021 21:10:32 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
878 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/reboot/includes/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8acb353b031da51b2508fa3b0f6037cbafb24a10063e30e720869142f4ae1eca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 21:10:32 GMT
server: ESF
date: Wed, 11 Aug 2021 21:10:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Aug 2021 21:10:32 GMT

GET
H2 200 css2
fonts.googleapis.com/ 439 KB
121 KB 23ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Serif+SC:wght@300;400;700;900&display=swap

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/reboot/includes/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02b42891008d9664f81c4d4a49510e55a943f863a79b711ef820ee778cf1c46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 21:10:32 GMT
server: ESF
date: Wed, 11 Aug 2021 21:10:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Aug 2021 21:10:32 GMT

GET
H2 200 pubads_impl_2021080901.js Show response
securepubads.g.doubleclick.net/gpt/ 330 KB
115 KB 113ms
43ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

ee42c91f297eb0f204bf184600c3194d54e6908830639db14e37b5b158ea0ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 08:37:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117636
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:32 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
44 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WBWHQHX

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3eb259e9fdba1b8e356bdea4a79e525debff6262b5c6b0a46591e82e6b7908b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44546
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:32 GMT

GET
H2 200 hotjar-254673.js Show response
static.hotjar.com/c/ 5 KB
3 KB 105ms
35ms Script
application/javascript 54.192.219.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-254673.js?sv=6

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.219.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-219-13.mrs52.r.cloudfront.net

Software

Resource Hash

b0abc211f76d762989c87af1c20ba8f097934baa49cf2c4def542d6ce2a2ed86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 49
etag: W/3f6a1df674b8c9db12239731fe775059
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: MRS52-P2
x-amz-cf-id: HMadaz8KTzSK5V57ns-aQ6KNeshMn53S6ccQ2PIrT3avPrA_tLmYmA==
via: 1.1 3e74b0c89b562282a810c16f34372bd4.cloudfront.net (CloudFront)

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:30:05 GMT
x-content-type-options: nosniff
age: 157227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 01:30:05 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:30:52 GMT
x-content-type-options: nosniff
age: 160780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:30:52 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 243 KB
41 KB 668ms
668ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3497915320700770&correlator=2528923579765115&output=ldjh&impl=fifs&eid=31062219%2C20211866&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210811&iu_parts=10216148%2Cbanner_bottom_desktop%2C20%2Cteste_digitalpremium%2Cbt_smartphone_portal_home%2Cteste_digitalpremium_mobile%2C29%2C2124%2Cbr2_smartphone_portal_home%2Cbm_portal_mobile%2Cbr_smartphone_portal_home&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=468x60%2C1190x250%7C728x300%7C970x90%7C728x90%7C970x250%7C970x150%2C1190x250%2C320x100%7C300x50%2C320x100%2C300x250%7C336x280%2C336x280%7C300x250%2C300x250%2C320x100%7C320x50%2C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1628712397&dt=1628716232891&dlt=1628716232502&idt=311&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C180%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C300%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=765604454%2C2160817647%2C2239437085%2C550397358%2C2196125528%2C322037220%2C3462848208%2C1496226131%2C1757523621%2C1138306896&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.opovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1240x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C1240x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1000758193.1628716233&ga_sid=1628716233&ga_hid=1383743160&ga_fc=false&fws=2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

69e804fb08d0f9c06b98e76f6a50a5fb7afa558e8b6085b1d25b4d44556461e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41883
x-xss-protection: 0
google-lineitem-id: 5729574695,-1,-2,-2,-2,-1,-1,-2,5758310634,5713381895
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138354169478,-1,-2,-2,-2,-1,-1,-2,138359069532,138352033713
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.opovo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2570 6 KB
3 KB 49ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 11 Aug 2021 21:10:32 GMT
expires: Thu, 11 Aug 2022 21:10:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 icon-relacionados.svg
www.opovo.com.br/reboot/includes/assets/img/icon/ 482 B
1003 B 11ms
11ms Image
image/svg+xml 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/icon/icon-relacionados.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/reboot/includes/assets/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f0a286769312e8db193ae35a08d50d0b60988e0e8faf3d4f9294b822617fe63

Request headers

:path: /reboot/includes/assets/img/icon/icon-relacionados.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/reboot/includes/assets/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/reboot/includes/assets/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7311
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 04:09:57 GMT
server: cloudflare
etag: W/"61022a15-1e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVTbcKucgFHrrcgpQDd8h6EYq4gHfD%2BVIF1Nt6yNegtt4rn9jhiUgL6sJlOBSl8goBX5%2BdJbuD2iKcycp0KrCcz%2BwsKDaEhc9i2YQtb5iS6cumYazK6xCHE6sJnBTHKNB6m67KCwJ7R8SeBm7zI5"}],"group":"cf-nel","max_age":604800}
x-varnish: 176195789 176524940
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 67d47387afa60605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 simbolo-mais.svg
www.opovo.com.br/reboot/includes/assets/img/icon/ 709 B
1 KB 13ms
12ms Image
image/svg+xml 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/icon/simbolo-mais.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/reboot/includes/assets/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81ee9f7aad91808ed8611c7b85abef34084d1717b3ac32314af7f705accaf1b

Request headers

:path: /reboot/includes/assets/img/icon/simbolo-mais.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/reboot/includes/assets/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/reboot/includes/assets/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7311
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 14:59:36 GMT
server: cloudflare
etag: W/"6102c258-2c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEtCOnYWSJsrasXlYFa%2BqletyIvm89o1gDscSFwa%2BwnvJexBZkE0AhewbOcj8%2Bf4BxcTisGPM0MOiuTlAjHRqgIYIWFOB8ijgOGlaUWa8LMXMmLorH0TFC%2FXOBNspexDxRxndpV96pldiFt2kjMY"}],"group":"cf-nel","max_age":604800}
x-varnish: 176882502 176720554
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 67d47387afa80605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 340ms
339ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

acb0becd13931962fa74508e7f3cd03867de9ad713a80b495abbd40d0f139375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10311
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.opovo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 icon-seta-branca.svg
www.opovo.com.br/reboot/includes/assets/img/icon/ 486 B
1 KB 13ms
13ms Image
image/svg+xml 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/icon/icon-seta-branca.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/reboot/includes/assets/css/main.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ee25ab981932f30b684b02dbdf11c1297fec0354b5b2d8e5e78e5ebbace3345

Request headers

:path: /reboot/includes/assets/img/icon/icon-seta-branca.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/reboot/includes/assets/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/reboot/includes/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7311
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 13:50:45 GMT
server: cloudflare
etag: W/"6102b235-1e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJ5H92MHWSMAuc89zBxSBjmswkMp%2FZNORSK585Npgpn0ZvhT0tNX8VIaHmUYn2aZAl7Hh1u3WkZvj%2FGuFsIsV%2FHe9QTC3VrRYbMX%2B0yPYWbR2%2BkWlRUNF6ihwtQzoJNzRoPjYoyVD1j%2FUZj49Mp0"}],"group":"cf-nel","max_age":604800}
x-varnish: 168829071 176328230
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 67d47387cfcf0605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 icon-seta-azul.svg
www.opovo.com.br/reboot/includes/assets/img/icon/ 489 B
1 KB 14ms
14ms Image
image/svg+xml 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/icon/icon-seta-azul.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/reboot/includes/assets/css/main.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b7fbb7d2c2b44d319cbd02d4a37289b73fb75fa20a350a055fc84b0b96d7d0

Request headers

:path: /reboot/includes/assets/img/icon/icon-seta-azul.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/reboot/includes/assets/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/reboot/includes/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7311
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 13:50:45 GMT
server: cloudflare
etag: W/"6102b235-1e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLuUSv4t1JL0P3KX3ucLvaMUG5bwjpSe8pFoYIyOOlWR80itAAzEThLigNHCPRxSYIcjzNeqAtZNf4DoeJS2OuIjdvO%2BnqsxReAKVD1qOsKzaPTrGzaBD2pgG7HILlMxsdJw8AQ3aDXMIzQ9DFZv"}],"group":"cf-nel","max_age":604800}
x-varnish: 168829066 175474285
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 67d47387cfd10605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H/1.1 200
OK /
player.transmissaodigital.com/proxy/6802/1/ 195 KB
0 488ms
133ms Media
audio/aacp 51.79.78.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://player.transmissaodigital.com/proxy/6802/1/
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.239 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568638.ip-51-79-78.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_qos/11.64 PHP/7.2.34 / PHP/7.2.34
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 11 Aug 2021 21:10:33 GMT
icy-name: O POVO CBN 95.5
X-Powered-By: PHP/7.2.34
icy-notice2: SHOUTcast DNAS/posix(linux x64) v2.5.1.724
icy-url: opovo.com.br
icy-sr: 22050
Connection: Keep-Alive
icy-notice1: This stream requires <a href="http://www.winamp.com">Winamp</a>
Access-Control-Allow-Headers: Origin, Content-Type, Accept, Authorization, X-Request-With
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_qos/11.64 PHP/7.2.34
icy-br: 128
Vary: User-Agent
Access-Control-Allow-Methods: GET, POST, OPTIONS
icy-pub: 0
Access-Control-Allow-Origin: *
icy-genre: News
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: audio/aacp
Keep-Alive: timeout=60, max=100

GET
H/1.1 200
OK /
player.transmissaodigital.com/proxy/6736/1/ 195 KB
0 489ms
133ms Media
audio/aacp 51.79.78.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://player.transmissaodigital.com/proxy/6736/1/
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.239 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568638.ip-51-79-78.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_qos/11.64 PHP/7.2.34 / PHP/7.2.34
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 11 Aug 2021 21:10:33 GMT
icy-name: Radio O Povo CBN AM 1010
X-Powered-By: PHP/7.2.34
icy-notice2: SHOUTcast DNAS/posix(linux x64) v2.5.1.724
icy-url: http://www.orban.com
icy-sr: 22050
Connection: Keep-Alive
icy-notice1: This stream requires <a href="http://www.winamp.com">Winamp</a>
Access-Control-Allow-Headers: Origin, Content-Type, Accept, Authorization, X-Request-With
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_qos/11.64 PHP/7.2.34
icy-br: 128
Vary: User-Agent
Access-Control-Allow-Methods: GET, POST, OPTIONS
icy-pub: 0
Access-Control-Allow-Origin: *
icy-genre: Notícias
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: audio/aacp
Keep-Alive: timeout=60, max=100

GET
H/1.1 200
OK /
player.transmissaodigital.com/proxy/6790/1/ 57 KB
0 501ms
139ms Media
audio/aacp 51.79.78.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://player.transmissaodigital.com/proxy/6790/1/
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.239 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568638.ip-51-79-78.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_qos/11.64 PHP/7.2.34 / PHP/7.2.34
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 11 Aug 2021 21:10:33 GMT
icy-name: Orban Opticodec-PC Encoder
X-Powered-By: PHP/7.2.34
icy-notice2: SHOUTcast DNAS/posix(linux x64) v2.5.1.724
icy-url: opovo.com.br
icy-sr: 22050
Connection: Keep-Alive
icy-notice1: This stream requires <a href="http://www.winamp.com">Winamp</a>
Access-Control-Allow-Headers: Origin, Content-Type, Accept, Authorization, X-Request-With
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_qos/11.64 PHP/7.2.34
icy-br: 32
Vary: User-Agent
Access-Control-Allow-Methods: GET, POST, OPTIONS
icy-pub: 0
Access-Control-Allow-Origin: *
icy-genre: Various
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: audio/aacp
Keep-Alive: timeout=60, max=100

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 icon-seta-preta-cbn.svg
www.opovo.com.br/reboot/includes/assets/img/icon/ 489 B
1 KB 12ms
12ms Image
image/svg+xml 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/reboot/includes/assets/img/icon/icon-seta-preta-cbn.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/reboot/includes/assets/css/main.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4be89713a4c1c9d3924114991f78514a1889ebc8471656534da0a2e67a3fe82

Request headers

:path: /reboot/includes/assets/img/icon/icon-seta-preta-cbn.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/reboot/includes/assets/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/reboot/includes/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:32 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7311
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 19:54:44 GMT
server: cloudflare
etag: W/"61030784-1e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SfSrwd%2FgPJPVWICP7M95nc6n9MyTh9AvlImoO0QWzqlLhRluNMuO09JoX43F%2FYIWdDy7AZ%2FEDv9oNEfyuM%2BEML6aIP4cQ0n6hw7IRAOy5e6BjW1nzRPjwYKRpprDtErfDBc7PrY%2FCNsx%2FVKjund"}],"group":"cf-nel","max_age":604800}
x-varnish: 177079805 176328173
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 67d47387e8190605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBWHQHX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5638
date: Wed, 11 Aug 2021 19:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 11 Aug 2021 21:36:34 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 117ms
46ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBWHQHX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13981
x-xss-protection: 0
server: cafe
etag: 6132654052448080839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.opovo.com.br.us2.cas.ms
URL: https://www.opovo.com.br.us2.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: lj4Lg3V4lB46mTN6yJkQqmjWFLSKUp/+N4YUi1+hAtdW8PRwkxvmr1Nqqwx98PUSSEQJIm8pgcvvJJXU+RfwVA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 11 Aug 2021 21:10:32 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 934ms
934ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e552814195512a8b0db15994a32cb767eec3e3f3019b24f6b51ef65dfcd8aa16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8126
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET RShXiDjJIIA
www.youtube.com/embed/ Frame 2F4C 0
0

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 escolha-de-newsletter-d40ab0d6a7038b3a503f Show response
forms.rdstation.com.br/ 36 KB
36 KB 374ms
124ms XHR
text/html 34.68.90.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.rdstation.com.br/escolha-de-newsletter-d40ab0d6a7038b3a503f
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.68.90.188 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.90.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 6dae544072c4991301930f77bbb9827737cf46282fb38a2862762cc84b39eb76

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 11 Aug 2021 21:10:33 GMT
content-length: 36456
content-type: text/html

GET
H2 200 e Show response
embed.radiopublic.com/ Frame 1D78 11 KB
4 KB 105ms
33ms Document
text/html 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed10d35454e38914e25e3065e29a312b424941cb16fdcbc232aaa7799025c1db

Request headers

:method: GET
:authority: embed.radiopublic.com
:scheme: https
:path: /e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

content-type: text/html; charset=utf8
last-modified: Fri, 24 Jan 2020 14:31:48 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 11 Aug 2021 21:10:24 GMT
cache-control: public, max-age=300
etag: W/"cc35806c9c7a0e629964629c8ffa3729"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 2M4za0s6S9hshHzG8ddJJZy4VzOAT6R-LVYpSfZ54aPL21KnDxus2w==
age: 269

GET
H2 200 modules.9a6619e61150e4449f35.js Show response
script.hotjar.com/ 221 KB
59 KB 110ms
41ms Script
application/javascript 54.192.219.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9a6619e61150e4449f35.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-254673.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.219.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-219-3.mrs52.r.cloudfront.net

Software

Resource Hash

fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 14:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 543148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59579
access-control-allow-origin: *
last-modified: Thu, 05 Aug 2021 14:17:07 GMT
etag: "f404c80c4e9647abd5db65360cf9ecee"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ab94358e0d2d36f8b4f6ff94645b8b39.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: LdGuyRLpmJ1PeZ6x_T8IP_5r87h1CHdjrfY4xmFm7EL8V7NTw1Vgpg==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1383743160&t=pageview&_s=1&dl=https%3A%2F%2Fwww.opovo.com.br%2F&dr=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&ul=en-us&de=UTF-8&dt=O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1693140964&gjid=1394179491&cid=1000758193.1628716233&tid=UA-23310373-1&_gid=1657110017.1628716233&_r=1&gtm=2wg891WBWHQHX&z=1959366794

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 200307651652585 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/200307651652585?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ca9c4e355f5caba2d98744fce8cd95767b4196f3670388328d6af12ce5394f7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73404
x-xss-protection: 0
pragma: public
x-fb-debug: ppza4SnCv7bZURpjo0vFtOJ9IJ0qOCdP4aGWGzqGIGKBETlIKJ3SrKs1xLjgQ4zQKYZNsocDlWaF2lIMJAdkeA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 11 Aug 2021 21:10:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-23310373-1&cid=1000758193.1628716233&jid=1693140964&gjid=1394179491&_gid=1657110017.1628716233&_u=YAhAAEAAAAAAAC~&z=984047386

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 11 Aug 2021 21:10:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RShXiDjJIIA Show response
www.youtube.com/embed/ Frame 2F4C 56 KB
24 KB 65ms
65ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBWHQHX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29efea16eb8035af7fbfd78ded781007b0252a339e31b3d976d10a5c2d66154b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 11 Aug 2021 21:10:33 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=JwSclm1B8j0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=Vy6pKKfqDI0; Domain=.youtube.com; Expires=Mon, 07-Feb-2022 21:10:33 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+705; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBWHQHX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc0cbaf945a159758b1e56536890cd2d929d45c74f5c1a0b22a66daf3d8c246a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H3-29 200 1_1_e7ucacqxsaiubtj_16545239-16807523.jpg
www.opovo.com.br/_midias/jpg/2021/08/11/506x360/ 30 KB
31 KB 29ms
28ms Image
image/jpeg 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/jpg/2021/08/11/506x360/1_1_e7ucacqxsaiubtj_16545239-16807523.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6334d3fb12d9adaf7c8dbdbbb98e6b38bdf95f53d675011e821802a0b82e6e13

Request headers

:path: /_midias/jpg/2021/08/11/506x360/1_1_e7ucacqxsaiubtj_16545239-16807523.jpg
pragma: no-cache
cookie: _gcl_au=1.1.21283821.1628716233; _ga=GA1.3.1000758193.1628716233; _gid=GA1.3.1657110017.1628716233; _gat_UA-23310373-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5429
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31167
last-modified: Wed, 11 Aug 2021 17:34:59 GMT
server: cloudflare
etag: "61140a43-79bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIVuIAty9n510uz4sxJIqBXEYxr%2F90UxlJWFYbP3TqOdHr9TkBamjGBZYNUpF4eQERWK60jqKM3BCntrqiASwc1eJD9ZrFF2bHWd2Ru9EO0%2FI%2FI6Uo4dXI6gDdts%2FsVtryTFcMoasoe0y34A%2F%2BmZ"}],"group":"cf-nel","max_age":604800}
x-varnish: 183238661 181764438
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 67d4738879660605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_untitled_design__3_-16806280.jpg
www.opovo.com.br/_midias/jpg/2021/08/11/190x144/ 10 KB
10 KB 16ms
15ms Image
image/jpeg 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/jpg/2021/08/11/190x144/1_untitled_design__3_-16806280.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 723e501f4e38617a697af2b4047c3185034ed26f1e5577d5f64feb1f46975cc7

Request headers

:path: /_midias/jpg/2021/08/11/190x144/1_untitled_design__3_-16806280.jpg
pragma: no-cache
cookie: _gcl_au=1.1.21283821.1628716233; _ga=GA1.3.1000758193.1628716233; _gid=GA1.3.1657110017.1628716233; _gat_UA-23310373-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3580
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9947
last-modified: Wed, 11 Aug 2021 13:33:40 GMT
server: cloudflare
etag: "6113d1b4-26db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfEzFDhdfiFpR45y2s7HaOMP1QBxUps8FFlLxqL94wgwutvmqREoIQEdyok274zdmg%2BdAOEBQOP5en6N1rSESZL7xu%2BNlajgN8iGl6ESHaKXcrc%2B%2FPqRGBIfd12xpZMCZIpKW5gFzpfK04q7Z5xV"}],"group":"cf-nel","max_age":604800}
x-varnish: 187269675 186712790
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 67d47388796d0605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_fumaca_no_pecem-16802273.jpeg
www.opovo.com.br/_midias/jpg/2021/08/10/190x144/ 10 KB
10 KB 15ms
14ms Image
image/jpeg 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/jpg/2021/08/10/190x144/1_fumaca_no_pecem-16802273.jpeg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ecc69ac2569c7d51c47188683562fa35f391a92207a4ea4cfce6327ed4b7124

Request headers

:path: /_midias/jpg/2021/08/10/190x144/1_fumaca_no_pecem-16802273.jpeg
pragma: no-cache
cookie: _gcl_au=1.1.21283821.1628716233; _ga=GA1.3.1000758193.1628716233; _gid=GA1.3.1657110017.1628716233; _gat_UA-23310373-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 537
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9920
last-modified: Tue, 10 Aug 2021 21:55:30 GMT
server: cloudflare
etag: "6112f5d2-26c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IjG7EdGgkK2KTzFuHGsNkuzQde%2FQZUkOVGRHU0LWOVnDlgOjaB7ZahIKJjFr2YXLFV4NkUvoxN8M4nusDFwBeUQZ7zmXaIKm4xk8Ym4g3jR7p524pcpsuCPootmuHYnUIl4eEd2mmtUSiY6Cy%2FK"}],"group":"cf-nel","max_age":604800}
x-varnish: 192774737 191398643
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 67d4738879720605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 clovisholanda_2021-15447451.png
mais.opovo.com.br/_midias/png/2021/04/13/ 701 KB
702 KB 615ms
205ms Image
image/png 200.194.101.94
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mais.opovo.com.br/_midias/png/2021/04/13/clovisholanda_2021-15447451.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.194.101.94 Fortaleza, Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 8390ca880cb9010395dfcf17e842c4b846fe445a88008317853280d2c198b8fc

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:22:06 GMT
via: 1.1 varnish (Varnish/6.0)
last-modified: Wed, 14 Apr 2021 01:40:18 GMT
server: nginx
age: 13268
etag: "60764802-af477"
access-control-allow-methods: GET, OPTIONS
x-varnish: 8074585 911937
access-control-allow-origin: *
x-ua-device: desktop
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 717943

GET
H2 200 andre_bloc-16039537.jpg
mais.opovo.com.br/_midias/jpg/2021/06/09/ 296 KB
297 KB 807ms
397ms Image
image/jpeg 200.194.101.94
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mais.opovo.com.br/_midias/jpg/2021/06/09/andre_bloc-16039537.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.194.101.94 Fortaleza, Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: ba959ccf71867a76d7e4bc7bba9477b2d979659980edb7808e912964ae8356fe

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:22:06 GMT
via: 1.1 varnish (Varnish/6.0)
last-modified: Wed, 09 Jun 2021 03:56:34 GMT
server: nginx
age: 13268
etag: "60c03bf2-4a01d"
access-control-allow-methods: GET, OPTIONS
x-varnish: 10160426 9044286
access-control-allow-origin: *
x-ua-device: desktop
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 303133

GET
H2 200 ledamaria-12638099.png
mais.opovo.com.br/_midias/png/2020/05/20/ 489 KB
489 KB 816ms
406ms Image
image/png 200.194.101.94
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mais.opovo.com.br/_midias/png/2020/05/20/ledamaria-12638099.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.194.101.94 Fortaleza, Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 51068d7e137c6b7726ed0c3761e2d5f06707bf6d43f9fd982e8c585ede2c4dba

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:22:06 GMT
via: 1.1 varnish (Varnish/6.0)
last-modified: Wed, 20 May 2020 21:28:23 GMT
server: nginx
age: 13268
etag: "5ec5a0f7-7a203"
access-control-allow-methods: GET, OPTIONS
x-varnish: 9605263 3795678
access-control-allow-origin: *
x-ua-device: desktop
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 500227

GET
H2 200 ashara-16567683.jpg
mais.opovo.com.br/_midias/jpg/2021/07/28/ 305 KB
306 KB 811ms
402ms Image
image/jpeg 200.194.101.94
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mais.opovo.com.br/_midias/jpg/2021/07/28/ashara-16567683.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.194.101.94 Fortaleza, Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 6298b38f3fff05de65d95e2488175cfe03899c0fdb9708b2cf89d8cb0970a132

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:22:06 GMT
via: 1.1 varnish (Varnish/6.0)
last-modified: Wed, 28 Jul 2021 22:48:40 GMT
server: nginx
age: 13268
etag: "6101dec8-4c393"
access-control-allow-methods: GET, OPTIONS
x-varnish: 3589472 8200832
access-control-allow-origin: *
x-ua-device: desktop
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 312211

GET
H3-29 200 1_agenciacorinthians_foto_175146-14807098.jpg
www.opovo.com.br/_midias/jpg/2021/02/03/500x300/ 37 KB
38 KB 16ms
15ms Image
image/jpeg 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/jpg/2021/02/03/500x300/1_agenciacorinthians_foto_175146-14807098.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b08c9f7a86522551301ca94e21255ee178956b6fa21b5b339012a4b862028584

Request headers

:path: /_midias/jpg/2021/02/03/500x300/1_agenciacorinthians_foto_175146-14807098.jpg
pragma: no-cache
cookie: _gcl_au=1.1.21283821.1628716233; _ga=GA1.3.1000758193.1628716233; _gid=GA1.3.1657110017.1628716233; _gat_UA-23310373-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7300
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 37841
last-modified: Thu, 04 Feb 2021 02:16:47 GMT
server: cloudflare
etag: "601b590f-93d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9NiGsOmayz0SUAj%2B2Uks86Luil%2FYvK7xNzKrm7VNR4cxyEloKBIkIt0AJmDchpfZ8AA92Hnpe1%2Bdx1mM18M7lHx9DcQ6WnS7uQ1FDy8B3aCBDlk0wXu4e%2FEMKKZixO2%2BqxY5EGd4%2Fx%2FuGYxn3An"}],"group":"cf-nel","max_age":604800}
x-varnish: 168829263
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 67d4738879770605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_20210810103800817673e-16806457.jpg
www.opovo.com.br/_midias/jpg/2021/08/11/400x300/ 48 KB
49 KB 39ms
38ms Image
image/jpeg 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/jpg/2021/08/11/400x300/1_20210810103800817673e-16806457.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f62d058eed4cc539bd198e74f38867d3e7ec28d1d70123573ea231647a066eab

Request headers

:path: /_midias/jpg/2021/08/11/400x300/1_20210810103800817673e-16806457.jpg
pragma: no-cache
cookie: _gcl_au=1.1.21283821.1628716233; _ga=GA1.3.1000758193.1628716233; _gid=GA1.3.1657110017.1628716233; _gat_UA-23310373-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3597
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 49058
last-modified: Wed, 11 Aug 2021 14:39:07 GMT
server: cloudflare
etag: "6113e10b-bfa2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TR8BYkFrnnGvoPxlai6cBtieMk7INeeCLlE%2FEBVMH2%2FSs0%2Fq55Ddi%2FkBQgJdNIG3w%2FQc5pbSJP0o3DBMCcbhjXGw1q0abZq1EOZEdUhcWzs%2FNGpseH9nGUzF4XvJ6mmm6TnqwVkyTrl7xK6dZVXZ"}],"group":"cf-nel","max_age":604800}
x-varnish: 187728485 182913051
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 67d4738879790605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 comercio_de_rua_e_saloes_de_beleza_reabrem20200627_0330_0-16805810.jpg
www.opovo.com.br/_midias/jpg/2021/08/11/ 325 KB
326 KB 20ms
19ms Image
image/jpeg 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/jpg/2021/08/11/comercio_de_rua_e_saloes_de_beleza_reabrem20200627_0330_0-16805810.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ad109632376588f52247123a1faf794c8611b3b420c46386d00427733623a3d

Request headers

:path: /_midias/jpg/2021/08/11/comercio_de_rua_e_saloes_de_beleza_reabrem20200627_0330_0-16805810.jpg
pragma: no-cache
cookie: _gcl_au=1.1.21283821.1628716233; _ga=GA1.3.1000758193.1628716233; _gid=GA1.3.1657110017.1628716233; _gat_UA-23310373-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7289
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 333037
last-modified: Wed, 11 Aug 2021 09:48:45 GMT
server: cloudflare
etag: "61139cfd-514ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIq15Hhfpli0hUL%2F61cMDH2fSDz%2Bk8ygpdRStQ3xZv7S1rV%2FJcI6y2fH94NLkPmeE6JlR7smOIlhnjRKrgCc3sujryNmX5ajx9ZdbOE%2FG333SqRF1u0Yw3gVmaDdcTIc6%2BCW6xP17QEeEcLKpYDE"}],"group":"cf-nel","max_age":604800}
x-varnish: 174790012
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 67d47388797e0605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 provas_concursos_publicos_2014_620x300__1__ggh-16802252.jpg
www.opovo.com.br/_midias/jpg/2021/08/10/ 223 KB
224 KB 42ms
41ms Image
image/jpeg 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/jpg/2021/08/10/provas_concursos_publicos_2014_620x300__1__ggh-16802252.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8eca11d2042157cca4452b3e76ec73d8bea575f1b02a196fe64fdc6288d92ab

Request headers

:path: /_midias/jpg/2021/08/10/provas_concursos_publicos_2014_620x300__1__ggh-16802252.jpg
pragma: no-cache
cookie: _gcl_au=1.1.21283821.1628716233; _ga=GA1.3.1000758193.1628716233; _gid=GA1.3.1657110017.1628716233; _gat_UA-23310373-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7289
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 228591
last-modified: Tue, 10 Aug 2021 21:49:35 GMT
server: cloudflare
etag: "6112f46f-37cef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHJdRDVgBboFtHykIU7QCp621j8rGOQNp8Zp0aeslclfjqlH9i20tJXjYGGe2M0oWvvw9a4%2FK8aqboZPFGwZR5PJVnQK1iXFQT784F7AjM21LIbz961jR%2B4pAPOoeF7%2FCToi5fZwirhCkQjjcMnz"}],"group":"cf-nel","max_age":604800}
x-varnish: 174790030
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 67d4738879800605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 itau-13309284.png
www.opovo.com.br/_midias/png/2020/08/20/ 2 MB
2 MB 46ms
45ms Image
image/png 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/png/2020/08/20/itau-13309284.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5883c97b5d12d166d1489e2f96e38a8c4e70b8eae2d97a6fb743f0b62d31c4c1

Request headers

:path: /_midias/png/2020/08/20/itau-13309284.png
pragma: no-cache
cookie: _gcl_au=1.1.21283821.1628716233; _ga=GA1.3.1000758193.1628716233; _gid=GA1.3.1657110017.1628716233; _gat_UA-23310373-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7288
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1687045
last-modified: Thu, 20 Aug 2020 15:48:59 GMT
server: cloudflare
etag: "5f3e9b6b-19be05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBFb6sEINYgMZXWsDuXuKr%2FiSDqcvv%2BbJxUaUDtwdh07vdrU13h1p5I4%2FBiD3%2FoRtr4akgsUWp7OFobVtykHBVJThlxtyIM%2BiKpapcTtWvpuwesrVu9YGe27xW8OfLQWEzcWUy7GsAcdZCqTK1Fa"}],"group":"cf-nel","max_age":604800}
x-varnish: 174790053
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 67d4738879810605-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=200307651652585&ev=PageView&dl=https%3A%2F%2Fwww.opovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&if=false&ts=1628716233051&sw=1600&sh=1200&v=2.9.44&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1628716233050.717526494&it=1628716233019&coo=false&rqm=GET

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-23310373-1&cid=1000758193.1628716233&jid=1693140964&_u=YAhAAEAAAAAAAC~&z=690669953

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 23ms
17ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-23310373-1&cid=1000758193.1628716233&jid=1693140964&_u=YAhAAEAAAAAAAC~&z=690669953

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/4224c673/www-widgetapi.vflset/ 126 KB
42 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21c656c6aae5babedb87b7511e29fad50499615042bf7fdf35667dfcbbf19acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 1981
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42930
x-xss-protection: 0
expires: Thu, 11 Aug 2022 20:37:32 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 4374 2 KB
1 KB 106ms
30ms Document
text/html 52.84.45.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-254673.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.45.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-45-108.mrs52.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 03 Jun 2021 10:15:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 03 Jun 2021 10:14:54 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 70c565ac15f71f0aa26aecd3763d4108.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
x-amz-cf-id: hOyol8k42hN0zXg8zoyXNBd94G0Yqv-7XUbTh_9sb3nYG4yhepE_ww==
age: 6000928

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/837786358/ 2 KB
1 KB 87ms
41ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/837786358/?random=1628716233089&cv=9&fst=1628716233089&num=1&value=0&label=17eDCNvjrYwCEPa1vo8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.opovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&tiba=O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&auid=21283821.1628716233&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c15e9c103ce642e0726e890cc4c8acbbbf57cb612021a2ef37b84e6d902e6181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1253
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/privacysandbox/conversion/837786358/ 0
0 26ms
22ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/837786358/?random=1628716233089&cv=9&fst=1628716233089&num=1&fmt=3&value=0&label=17eDCNvjrYwCEPa1vo8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.opovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&tiba=O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&auid=21283821.1628716233&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/837786358/ 2 KB
1 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837786358/?random=1628716233098&cv=9&fst=1628716233098&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.opovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&tiba=O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b00d227d7958b65dcd8a2f780e43644c2ad45655b6037ad23b7a2142a229a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1058
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 polyfills.63d6daa4ba80a22905cf.bundle.js Show response
embed.radiopublic.com/ Frame 1D78 91 KB
30 KB 37ms
36ms Script
application/javascript 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.radiopublic.com/polyfills.63d6daa4ba80a22905cf.bundle.js
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3893d9665f8fbf07ef6b354ba585077392c45b3f503831a7e1e6ec48d2e2270b

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 00:44:14 GMT
content-encoding: gzip
last-modified: Wed, 18 Dec 2019 15:13:36 GMT
server: AmazonS3
age: 8022380
etag: W/"097d72b7703cf13e2cb95377efd8930c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: public, immutable, max-age=999999999
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -Z88yfETjnRg7s23G1mIoOKnKWvPn3JvVE_7LAKpBCaYa1tWnpCnpQ==

GET
H2 200 main.d7153dbb4656afb51bf8.bundle.js Show response
embed.radiopublic.com/ Frame 1D78 649 KB
146 KB 33ms
32ms Script
application/javascript 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.radiopublic.com/main.d7153dbb4656afb51bf8.bundle.js
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c17bdd3155570f35de26a1f74f5d8d38ebd693cb690c8b09f7eab540c4d520f4

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 16:21:43 GMT
content-encoding: gzip
last-modified: Wed, 18 Dec 2019 15:13:36 GMT
server: AmazonS3
age: 9175731
etag: W/"51996d331753822cd1680871ba63d94b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: public, immutable, max-age=999999999
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: QayWdrF9692jB5jvJM76jOskAERXD57ahHypsCAbkxjQ3FKzgcqcwg==

GET
H2 200 large-semi-transparent-play.svg
embed.radiopublic.com/assets/images/ Frame 1D78 1 KB
954 B 99ms
94ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/large-semi-transparent-play.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c97016870b24d7e538d20e7775074972e95d8d1bba9843968034059cf8e06a47

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:33:12 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 21:49:07 GMT
server: AmazonS3
age: 2242
etag: W/"352791b998a1ef81e542b4b37adedd37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: H-mxKRrEWdA9iCf-NyOeGGacKO5u9afQgHIwmKWaIvcchlbrTzdYZQ==

GET
H2 200 back-5.svg
embed.radiopublic.com/assets/images/ Frame 1D78 2 KB
1 KB 98ms
94ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/back-5.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17a7e110fe75abb6ae45bdb59eb36815371f0dcbf3a2a8b1296dccef40cc487b

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:59:01 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 21:49:08 GMT
server: AmazonS3
age: 693
etag: W/"51fca168215f1ddadf9d8b82df8b97e4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0GJESkFoTVIzp5bafLBBXqUSI0S5dZ6iVN0bHgndo4JKTKMvvFDhWQ==

GET
H2 200 play.svg
embed.radiopublic.com/assets/images/ Frame 1D78 1 KB
869 B 99ms
94ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/play.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55fa35d4287b6076f06fe6c33f5302e04c594549b6fdb2fb67c27a840eb5060d

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:33:12 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 21:49:07 GMT
server: AmazonS3
age: 2242
etag: W/"ef5d29e971ea72d8b333969a125207a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0gN59xeay9H-O8MJnd97KTLleoOC8DuBGS1WoAO2mkXT_tm9L4Rzhg==

GET
H2 200 forward-30.svg
embed.radiopublic.com/assets/images/ Frame 1D78 2 KB
1011 B 104ms
100ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/forward-30.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e1dcab28d56d415e3591c4a20dcb4f579750ddbc5c2927db2693537a3be3d18

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:59:01 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 21:49:06 GMT
server: AmazonS3
age: 693
etag: W/"8392484df7737c2a76160593aeaac67e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: bSBiUjpw6g8DZEisIugrwAoyqpvfV8WHMVLPLN3OhUy1JlnvSvqcpQ==

GET
H2 200 download.svg
embed.radiopublic.com/assets/images/ Frame 1D78 494 B
823 B 103ms
98ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/download.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d981ce75575944eb8894c8288c35a4a433e0073294af0bbe2e197ad896bc4a4

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:24 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 21:49:07 GMT
server: AmazonS3
age: 2941
etag: "13d192981ff41814a5790114edba6af1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 494
x-amz-cf-id: vZPB7jhGOdXOfyXcwgu8aL1avpCieVv-z2_b8GCrFvMdvGyVgHUsuQ==

GET
H2 200 web.svg
embed.radiopublic.com/assets/images/ Frame 1D78 4 KB
2 KB 103ms
98ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/web.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9790b1e59dc7381d61727e37a3427430c62f5507d85243b96dace08caf43f6e4

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:59:01 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 21:49:08 GMT
server: AmazonS3
age: 693
etag: W/"154bef7bff0e9c58a130e7e11a6e3b45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: B2een5G1H4SaoqZmjyrkvDKSgACJUPoWm3a1pxi-KBy8mOtN8vxcoQ==

GET
H2 200 embed.svg
embed.radiopublic.com/assets/images/ Frame 1D78 566 B
893 B 103ms
98ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/embed.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf741964e9f94011b12fba5ee48912ed12c9bc0530448ebb08c0fc69f0c1206b

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:32:25 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 21:49:09 GMT
server: AmazonS3
age: 2289
etag: "75ec802dc5528af1e787aed002c19f77"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 566
x-amz-cf-id: c2wzVk2UiLYamgASkBpxU6nr024Lj8RsGy-cszjG4Ubt04l1OChxlQ==

GET
H2 200 dismiss.svg
embed.radiopublic.com/assets/images/ Frame 1D78 687 B
1016 B 103ms
99ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/dismiss.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd27afebefc1df9f840e6c9f09fabda18857d03e89c5245e24d709e7618e3420

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:24 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 21:49:09 GMT
server: AmazonS3
age: 2242
etag: "3a5a444c9c7d17ecabcaa6f81020f4c8"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 687
x-amz-cf-id: YgMBtQyWXkKpDyu9EP8Ld_LIydHkd1kKpdhR0a1cBIzY6ik6BOGBlQ==

GET
H3-29 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ Frame 1D78 27 KB
7 KB 32ms
29ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.radiopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617, 617
age: 12269401
cdn-cachedat: 2021-03-11 11:58:04
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: af3097212757f6b13d804a73f5f188bc
cf-ray: 67d473890fed1f3d-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 css
fonts.googleapis.com/ Frame 1D78 2 KB
546 B 27ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://embed.radiopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 19:30:27 GMT
server: ESF
date: Wed, 11 Aug 2021 21:10:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/4224c673/ Frame 2F4C 328 KB
45 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47175b1daa58725f19ffe6baa072761eeb7e1c80cb30e4c6ba0e58b0605915aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 192328
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46099
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:45:05 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/4224c673/www-embed-player.vflset/ Frame 2F4C 192 KB
64 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d41983cb11cb819383ae7d42101f22005b612b02e3cfab3ca39a7208778a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 01:49:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 69665
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65180
x-xss-protection: 0
expires: Thu, 11 Aug 2022 01:49:28 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame 2F4C 2 MB
493 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e26b31b609e44e401e93111cd65784f23b93e73320a17ad7c0aa21389c118758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 192371
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504682
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:22 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4224c673/fetch-polyfill.vflset/ Frame 2F4C 8 KB
3 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 06:07:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 54202
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Thu, 11 Aug 2022 06:07:11 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2F4C 15 KB
15 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 160057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:42:56 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/837786358/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/837786358/?random=1628716233098&cv=9&fst=1628715600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&frm=0&url=https%3A%2F%2Fwww.opovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&tiba=O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&async=1&fmt=3&is_vtc=1&random=1472737643&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/837786358/ 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/837786358/?random=1628716233098&cv=9&fst=1628715600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&frm=0&url=https%3A%2F%2Fwww.opovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&tiba=O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&async=1&fmt=3&is_vtc=1&random=1472737643&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 1D78 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.radiopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5639
date: Wed, 11 Aug 2021 19:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 11 Aug 2021 21:36:34 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/837786358/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837786358/?random=1744853648&cv=9&fst=1628716233089&num=1&value=0&label=17eDCNvjrYwCEPa1vo8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
https://www.google.com/pagead/1p-conversion/837786358/?random=1744853648&cv=9&fst=1628716233089&num=1&value=0&label=17eDCNvjrYwCEPa1vo8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
https://www.google.de/pagead/1p-conversion/837786358/?random=1744853648&cv=9&fst=1628716233089&num=1&value=0&label=17eDCNvjrYwCEPa1vo8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...

42 B
64 B

20ms
20ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/837786358/?random=1744853648&cv=9&fst=1628716233089&num=1&value=0&label=17eDCNvjrYwCEPa1vo8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.opovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&tiba=O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&auid=21283821.1628716233&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=yTwUYdHNCYqx7gO5hrTwAw&cid=CAQSKQCNIrLMrdUnbQPXgHWjFa8je6MC6gW7b4EZ0Q6pUqQ568UtbMV0Loic&eitems=ChEI8OrNiAYQhsGUkJjWsejqARIdAAVz41kXA7EFqF72HbSYQ_kFl2Nq1LUoQZSB3QU&random=1370903325&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/837786358/?random=1744853648&cv=9&fst=1628716233089&num=1&value=0&label=17eDCNvjrYwCEPa1vo8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg891&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.opovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&tiba=O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&auid=21283821.1628716233&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=yTwUYdHNCYqx7gO5hrTwAw&cid=CAQSKQCNIrLMrdUnbQPXgHWjFa8je6MC6gW7b4EZ0Q6pUqQ568UtbMV0Loic&eitems=ChEI8OrNiAYQhsGUkJjWsejqARIdAAVz41kXA7EFqF72HbSYQ_kFl2Nq1LUoQZSB3QU&random=1370903325&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 2F4C 113 B
159 B 27ms
27ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c9ee068246b119e180428ea017dc563db6f5f80da90cdc398ea4a5151bb23b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2F4C 29 B
424 B 27ms
7ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:59:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 652
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:14:41 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame A4CA 188 KB
55 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame A4CA 13 KB
5 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame A4CA 87 KB
27 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame A4CA 4 KB
2 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame A4CA 40 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
DATA 200
OK truncated
/ Frame A4CA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7af630f5e64fa5126dba87d033705b6af29d1fc65e0067f04230845c72be3a9

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3493550197876967596
tpc.googlesyndication.com/daca_images/simgad/ Frame A4CA 71 KB
71 KB 8ms
8ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3493550197876967596

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a37e9188ccc254bd226a3b20b91be9aed6ac4ee729f86a81df6da0cfb1576af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 17:47:34 GMT
x-content-type-options: nosniff
age: 444179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72316
x-xss-protection: 0
last-modified: Fri, 16 Jul 2021 15:49:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 17:47:34 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A4CA 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 01:25:53 GMT
x-content-type-options: nosniff
server: cafe
age: 71080
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 12 Aug 2021 01:25:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A4CA 344 B
569 B 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 9018
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 12 Aug 2021 18:40:15 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A4CA 0
0 41ms
41ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CP7CUyDwUYerEOvPX7_UPgY-M0Azire-dZKP4nM-SDvHJ_d8FEAEg3Nf7ImD7gYCAiAqgAa3Iqb4DyAEC4AIAqAMByAMIqgTSAU_QFzrRY8K_VuThl05aSf5rTgNmNPIO0zW8eLf1fp9wBhXCRJIbc8S5JS9Ds6tC6EW-IB4DWM1LkaXgx_ZpIFWpnv9yRzObO2PoonYdfmIs5GNNgI_nYBFFMasJRcukfWUFIEOEpsST8KR_Wd0E1FwGi4QOg4AfOxUwLayXlH1Q6N1YMawsgHms3Fc9q81kE-eN8R01LawOCIBajAVEPyULF35-C6M5ZySdJwvVSrLxI_ZnySrhgFxlTkfig3Rh3SPKrPZwuHcH-nNfdRUn4hr5c8AEjs6A9csD4AQBkgUECAQYAZIFBAgFGASgBgKAB7u31kGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ8NEI0ggJCIjhgBAQARgdgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTUzNzc1MDAyOTQ3MTA0MDcYvIoR&sigh=VtnNbOoZaSg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame 2F4C 95 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9cf652fa4cfc3b7d5cfcc57fed17d0c4780061e6c643fd03141e94426f26936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 192369
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29745
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:24 GMT

GET
H3-29 200 DydZgTxJbj4WkQtk7-lHHyYpajEQA8iwHywFbszFFf8.js Show response
www.google.com/js/th/ Frame 2F4C 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/DydZgTxJbj4WkQtk7-lHHyYpajEQA8iwHywFbszFFf8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2759813c496e3e16910b64efe9471f26296a311003c8b01f2c056eccc515ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 05:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13238
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:30:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 05:11:04 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame 2F4C 25 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d717c22b73d39caf59c4d46c23774ac2386bfc80937b90fd09ab56c0f2e7b072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 191976
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7445
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:50:57 GMT

GET
DATA 200
OK truncated
/ Frame 2F4C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSYHl8K3x8TqgPS1rWvNly_31PGI7HpBIEOIVDDCRI=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2F4C 3 KB
3 KB 28ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSYHl8K3x8TqgPS1rWvNly_31PGI7HpBIEOIVDDCRI=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4d49733b68153b5908d90444dd86378352eba5f9c0915fdb780f409ea126a889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:05:01 GMT
x-content-type-options: nosniff
age: 332
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3000
x-xss-protection: 0
server: fife
etag: "v17e84"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 06 Jul 2021 23:13:38 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/RShXiDjJIIA/ Frame 2F4C 21 KB
21 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/RShXiDjJIIA/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d0b0ad9c7d497814338ccfb16c3ffab79729f3a2f8b1de1148398ce0bfb798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:20 GMT
x-content-type-options: nosniff
server: sffe
age: 13
etag: "1628618793"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21604
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:15:20 GMT

GET
H2 200 back-5.svg
embed.radiopublic.com/assets/images/ Frame 1D78 2 KB
1 KB 35ms
34ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/back-5.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/main.d7153dbb4656afb51bf8.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17a7e110fe75abb6ae45bdb59eb36815371f0dcbf3a2a8b1296dccef40cc487b

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:59:01 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 21:49:08 GMT
server: AmazonS3
age: 693
etag: W/"51fca168215f1ddadf9d8b82df8b97e4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mbh-x4AXuLsCc9FdnMDFP9k766mJQmEO6UH8LKVAWR0ov9DBGkWMtQ==

GET
H2 200 forward-30.svg
embed.radiopublic.com/assets/images/ Frame 1D78 2 KB
1011 B 35ms
35ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/forward-30.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/main.d7153dbb4656afb51bf8.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e1dcab28d56d415e3591c4a20dcb4f579750ddbc5c2927db2693537a3be3d18

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:59:01 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 21:49:06 GMT
server: AmazonS3
age: 693
etag: W/"8392484df7737c2a76160593aeaac67e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: THTwLRVKTCJBwjD8JSOVKX34_VOHucoblt_1WRm7DJ4pDd0S6Dcvrw==

GET
H2 200 embed.svg
embed.radiopublic.com/assets/images/ Frame 1D78 566 B
895 B 36ms
36ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/embed.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/main.d7153dbb4656afb51bf8.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf741964e9f94011b12fba5ee48912ed12c9bc0530448ebb08c0fc69f0c1206b

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:32:25 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 21:49:09 GMT
server: AmazonS3
age: 2289
etag: "75ec802dc5528af1e787aed002c19f77"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 566
x-amz-cf-id: DpTMJAhBpS7hHIBgNDMx_IOkdD1IqZWsd00pHroqss6whdzQwqNNMQ==

GET
H2 200 dismiss.svg
embed.radiopublic.com/assets/images/ Frame 1D78 687 B
1015 B 37ms
36ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/dismiss.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/main.d7153dbb4656afb51bf8.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd27afebefc1df9f840e6c9f09fabda18857d03e89c5245e24d709e7618e3420

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:24 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 21:49:09 GMT
server: AmazonS3
age: 2242
etag: "3a5a444c9c7d17ecabcaa6f81020f4c8"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 687
x-amz-cf-id: 7REVaTiJGaAJ967HxMvLPxPT0no1SdIlXv4a5BUa_BNRU42TR9meRw==

GET
H2 200 large-semi-transparent-play.svg
embed.radiopublic.com/assets/images/ Frame 1D78 1 KB
953 B 35ms
34ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/large-semi-transparent-play.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/main.d7153dbb4656afb51bf8.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c97016870b24d7e538d20e7775074972e95d8d1bba9843968034059cf8e06a47

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:33:12 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 21:49:07 GMT
server: AmazonS3
age: 2242
etag: W/"352791b998a1ef81e542b4b37adedd37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: WUpGoVr53rqB26ztGiMidFX4AsIDrvYpgul2DBhjk1li7PoA6HfJCg==

GET
H2 200 play.svg
embed.radiopublic.com/assets/images/ Frame 1D78 1 KB
870 B 35ms
34ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/play.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/main.d7153dbb4656afb51bf8.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55fa35d4287b6076f06fe6c33f5302e04c594549b6fdb2fb67c27a840eb5060d

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:33:12 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 21:49:07 GMT
server: AmazonS3
age: 2242
etag: W/"ef5d29e971ea72d8b333969a125207a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: st_CFgLslpqH4FGvB4H26OhJlz4CgQyrPIav-yvM8KQeffrlarwwuQ==

GET
H2 200 download.svg
embed.radiopublic.com/assets/images/ Frame 1D78 494 B
821 B 37ms
36ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/download.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/main.d7153dbb4656afb51bf8.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d981ce75575944eb8894c8288c35a4a433e0073294af0bbe2e197ad896bc4a4

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:24 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 21:49:07 GMT
server: AmazonS3
age: 2941
etag: "13d192981ff41814a5790114edba6af1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 494
x-amz-cf-id: e93-aaGIsrTPsSCKBFtn0ZKlJN5SsBrRAsAZwMW8aAieASkj_qr0WA==

GET
H2 200 web.svg
embed.radiopublic.com/assets/images/ Frame 1D78 4 KB
2 KB 34ms
34ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/web.svg
Requested by: Host: embed.radiopublic.com
URL: https://embed.radiopublic.com/main.d7153dbb4656afb51bf8.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9790b1e59dc7381d61727e37a3427430c62f5507d85243b96dace08caf43f6e4

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:59:01 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 21:49:08 GMT
server: AmazonS3
age: 693
etag: W/"154bef7bff0e9c58a130e7e11a6e3b45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: cYH_OTLAUy4oXF6NvhKhUIqUaSzAxABuSByMBxgZ8IAwRQhZzSCktA==

GET
H2 200 google-play.png
embed.radiopublic.com/assets/images/ Frame 1D78 18 KB
18 KB 35ms
35ms Image
image/png 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/google-play.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93de9da26817cc716a1e41bb7508dd98825bfb43ca156d26987d963287dd4291

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:14:58 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 21:49:07 GMT
server: AmazonS3
age: 3336
etag: "3214fc1e6a17100f065a527afc736aa8"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 18509
x-amz-cf-id: C6Dj-8PYzUHl5p4aHvHc6Yq1Pg0RyzT6QsUZFdaQgDRz7WfdW1hAWw==

GET
H2 200 app-store.svg
embed.radiopublic.com/assets/images/ Frame 1D78 12 KB
5 KB 34ms
34ms Image
image/svg+xml 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.radiopublic.com/assets/images/app-store.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132

Request headers

Referer: https://embed.radiopublic.com/e?if=futcast-GAxDgY&ge=s1!e4944a27c7bae916d6a0e027ae7e2ad8c5d9e982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:59:02 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 21:49:08 GMT
server: AmazonS3
age: 692
etag: W/"d0558d91063038236b60e3ef71fdc1fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: alDyTHZcoadfnN3n8icc7A8qfH4x86CsS6MFCiHvky0hnTNGQGxCew==

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A4CA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

45ms
45ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 11 Aug 2021 21:10:33 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 3493550197876967596
tpc.googlesyndication.com/daca_images/simgad/ Frame A4CA 71 KB
71 KB 16ms
15ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3493550197876967596

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a37e9188ccc254bd226a3b20b91be9aed6ac4ee729f86a81df6da0cfb1576af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 17:47:34 GMT
x-content-type-options: nosniff
age: 444179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72316
x-xss-protection: 0
last-modified: Fri, 16 Jul 2021 15:49:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 17:47:34 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A4CA 3 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 01:25:53 GMT
x-content-type-options: nosniff
server: cafe
age: 71080
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 12 Aug 2021 01:25:53 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A4CA 344 B
368 B 13ms
13ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 9018
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 12 Aug 2021 18:40:15 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=200307651652585&ev=Microdata&dl=https%3A%2F%2Fwww.opovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&if=false&ts=1628716233588&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20%20%20%20%22%2C%22meta%3Adescription%22%3A%22Not%C3%ADcias%20de%20%C3%BAltima%20hora%2C%20an%C3%A1lises%20pol%C3%ADticas%2C%20neg%C3%B3cios%2C%20opini%C3%B5es%2C%20esportes%2C%20entretenimento%2C%20podcasts.%20Tudo%20isso%20%C3%A9%20O%20POVO.%20%20Somos%20multiplataforma%2C%20comunicando%20h%C3%A1%20mais%20de%2090%20anos%20a%20hist%C3%B3ria%20do%20Cear%C3%A1.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%3Awidth%22%3A%22400%22%2C%22og%3Aimage%3Aheight%22%3A%22240%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2Fincludes%2Fassets%2Fonline%2Fgeral%2Fimgs%2Fopovo-online-img-og.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2Fhome%2Findex.html%22%2C%22og%3Asite_name%22%3A%22O%20POVO%22%2C%22article%3Atag%22%3A%22%22%2C%22article%3Apublished_time%22%3A%222021-08-11%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2FOPOVOOnline%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2Fbusca%2F%3Fq%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.44&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1628716233050.717526494&it=1628716233019&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B89 0
0 41ms
41ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9XmhKkx7hhcXzU22cuIbBCz4v3654WE_xwh8HjClwsx5polz0YD3v5wWSZznHtDdwATqtuxwCg-RH6nZ5BfHwxU1KWe_j5jrcyL1v4R_5szMsXV2716CpwGNgWNrxQkL2FZqEPiAK0Y2de2NdpAvGewEjbgpvnuimJ45Zsp3D8T33B3oZZls7dX22UUOsWpMptjwKWJcVAabE6KWYvAUV8Bx1Tt5FsGrOoTJEpW8IV2TcN3yAPd96Srjz_dIgIpVe7lJEyjC0BUVU1wsIwPZC89GzQj78u73EJ_3bh9osCOgMzm-D-naAiDvmJ2dPOZ82Vi8&sai=AMfl-YQrAMNsdijiFV6bz7nysJsj9DQlsVnR-zpyGKkTqVmMnhzgTcQiPlj7VeUyke2cSz-LNil6jwqXPpGKbowOtBxtGlVt6ckXGVyAgbj601X1_cDXnLMUY6htmxvtb4y7&sig=Cg0ArKJSzEqBEG_lkHCDEAE&adurl=

Requested by

Host: www.opovo.com.br.us2.cas.ms
URL: https://www.opovo.com.br.us2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 1B89 18 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:41:14 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 1B89 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:42:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B89 124 KB
37 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 1B89 0
0 13ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYY4j1qqq8Fa_Dv_6RGERQiDEmo7qa2GAgQMvM39V3_ouN6A6OSMqMB0b45_2GLCi8sz0Gf9i9AjwzM1XFdrkO9qqnUg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 16070139301635325997
tpc.googlesyndication.com/simgad/ Frame 1B89 11 KB
11 KB 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16070139301635325997

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b4653897fa212130fb903edef7589c0e0e8fd2e7b89140eca46359c1110bf2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 21:23:14 GMT
x-content-type-options: nosniff
age: 85639
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11118
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 18:32:23 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 21:23:14 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 25ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508781313717"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 2F4C 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?jiNSGA
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 css
fonts.googleapis.com/ 15 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5fe677f5b7e72b891cd094fc07280de57be8c282ac46c6640cb898f2fc75d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 19:29:41 GMT
server: ESF
date: Wed, 11 Aug 2021 21:10:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 14 KB
3 KB 12ms
11ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449589
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2295
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-38aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSjrqd15nHKX%2Ffl%2Bw3yl9Ds0KgCM1rWoMW8zAtE8tcF3IFLnFbIc2XiNhoCVxq4Rkhdpfw4dTrg%2BNtE%2BXbQ%2B44xWrMq5WwyuU%2FauJaHkGrw1H3%2B9MK%2FPtAcFtRxes1dnlK43lMvPy7szEi2QQ2tyz2ER"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67d4738caf5b4309-FRA
expires: Mon, 01 Aug 2022 21:10:33 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2F4C 4 KB
2 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame B510 188 KB
54 KB 30ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame B510 13 KB
5 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame B510 87 KB
27 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame B510 4 KB
2 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame B510 40 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame B510 3 KB
578 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 19:29:30 GMT
server: ESF
date: Wed, 11 Aug 2021 21:10:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B510 3 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 01:25:53 GMT
x-content-type-options: nosniff
server: cafe
age: 71080
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 12 Aug 2021 01:25:53 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B510 344 B
368 B 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 9018
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 12 Aug 2021 18:40:15 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15188301738474473393/ Frame B510 41 KB
41 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15188301738474473393/downsize_200k_v1?w=600&h=314

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77d07b489aa8efe2e5cd5d88e82b5f2f1e0ce451fcbc6f6cf171461d7945a1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 14:07:08 GMT
x-content-type-options: nosniff
age: 371005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42117
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 12:37:01 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 14:07:08 GMT

GET
DATA 200
OK truncated
/ Frame B510 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B510 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c8623033881da241cd6e7a0e7209fcbf39c46ba2e87eb6b523f7b15ac6d2949

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame 7E1F 188 KB
54 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 7E1F 13 KB
5 KB 28ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 7E1F 87 KB
27 KB 27ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 7E1F 4 KB
2 KB 28ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 7E1F 40 KB
13 KB 19ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 7E1F 4 KB
618 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 19:30:08 GMT
server: ESF
date: Wed, 11 Aug 2021 21:10:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7E1F 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 01:25:53 GMT
x-content-type-options: nosniff
server: cafe
age: 71080
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 12 Aug 2021 01:25:53 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7E1F 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 9018
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 12 Aug 2021 18:40:15 GMT

GET
H3-29 200 2076313506083323656
tpc.googlesyndication.com/simgad/10466602061359707128/ Frame 7E1F 35 KB
35 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10466602061359707128/2076313506083323656

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bcf1eefa090e349dcfd3908bc8afe7ffe177bafb5454a3e476963f11883d422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 22:01:45 GMT
x-content-type-options: nosniff
age: 169728
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36073
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 10:34:01 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 22:01:45 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11105845969001044378/ Frame 7E1F 3 KB
3 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11105845969001044378/downsize_200k_v1?w=100&h=100

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab9a8fa2c257f4bc7858faa91d156853f0b7bf42ed048f8ad6f0916595625c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 14:11:07 GMT
x-content-type-options: nosniff
age: 111566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3234
x-xss-protection: 0
last-modified: Tue, 05 Jan 2021 11:23:01 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 14:11:07 GMT

GET
DATA 200
OK truncated
/ Frame 7E1F 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7E1F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e2f3bf9cc2d2d51bb012bacc14fa6041d2c6ae0396d6ec60564b175ad6250e6

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 container.html Show response
687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A69A 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 11 Aug 2021 21:10:32 GMT
expires: Thu, 11 Aug 2022 21:10:32 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B510 0
0 14ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgKcAnslNl6PVh1XSueV8KAg37CQF9lEOuJCXNCZefc_CZRooy-k9L523AUo29udZGExlDXt1EQkStflSKUD2LKTYnvA
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B510 0
0 43ms
42ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8sDpyTwUYdX5DaTZ7_UPhpO7yAy8gNSiZM-wpbmLDpaCzYWIFhABINzX-yJg-4GAgIgKoAGhlfLtAsgBCakC2quXnXu1sz7gAgCoAwHIAwqqBNoBT9Cq-vtWeCwfKwWlY0Fv5Ivcl3UExYQvBlp3BorbM6lChXo5rUtQaM1erolzMGYV-fScZsoWeY45UkKx8xnSxmhRP5pkv-msOz0ZATcXcseICKg9rGri3fEbSmRrCHbjaHYmv1I20k_QFmMPszeLEBrBWMY2Yh3Q_nHCywknHa5o6Z2O7HIcQDZa62Oh1-ocl40yM8AFzl2Vs8Z8aq8diJH5SF6i5n50oqEs-3J8tBtKU3LJKSOpwz33PpObqladDjusfdWITcp86AINX7wDtMDylrhQzP2cbFjABMrAm7LZA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfH6o2SAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCeghfSCAkIiOGAEBABGB2ACgPICwG4E4gn2BML0BUBmBYBgBcBshceChwIABIUcHViLTUzNzc1MDAyOTQ3MTA0MDcYvIoR&sigh=nPWq84Ci8W8&template_id=5000
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7E1F 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSGKU3UcAMpmndSuvUIl_a1JpJTIHtJnZrvHqdtPeXUQNob1PIb-wC_5CYto5VLGTRRW7ktsJVtoaoo2HhtcirwF60tw
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7E1F 0
0 43ms
42ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZXxNyTwUYdn5DaTZ7_UPhpO7yAz25_miZMqCyaGwDpaCzYWIFhABINzX-yJg-4GAgIgKoAGdwcGZAsgBCakC2quXnXu1sz7gAgCoAwHIAwqqBOMBT9D5BqdY-8ZxLt-gksweYeQ1PSDhQ9X8-WXZxCOODtp-g8RA6bbuk1JxRRJwaIjOCUGt3WSR6cjmGgWGdXL2R5-VMrqZxDo7nVwtfYkOFyS3jJN7owA_kWnHw5Y67jWzV4zN6lCZqzAv83kBw4QIU7uywEx_8xd2uTRojb6SDWzOQiHP0ixoFDTVPEAlBnTW7eCMydNfiDHmmRsSqRzA4jUjaT-pqD8d7Vf_DoCzyw1QgLKn3PSQxVBFxa3YhV6fLM9UsM7baQQqBMVCp0yi9EghviFEAXok6qxLy4jt0RoaUwnABOWlzZ_OA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfLvr7mAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCPqAPSCAkIiOGAEBABGB2ACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTM3NzUwMDI5NDcxMDQwNxi8ihE&sigh=ueLSM_Dqnxs&template_id=484
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 65 KB
16 KB 14ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10237877
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15507
cf-request-id: 09766cecb3000063b9c688c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-10424"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDLsqU8JH9dDFeiclhNobgdjZbeyy2%2F0U38pb7BprLmC0XbCAa5MtkoZY7%2BINHVLLgkbCJ5u8SlgMP1qLz%2FAleIkd%2F28PomZhlIUeuiP9l3fGso9zi7B8%2FLHdLOagBpy%2B%2BQX%2BHbwhPMbhE3xQ48WYE4j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67d4738d4c884ab5-FRA
expires: Mon, 01 Aug 2022 21:10:33 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 137895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 06:52:18 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8BC0 0
0 41ms
40ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzlUkLEkHw1uAp_cNaiE4Noen4sHS6jR00vNy1BjgYRn0bbpQQCmK8wsoLGuc8vtWfcriOmBayHjF-F4DYMo2W9HMFCoJOCUQoog4flDNzTG7lX3eBcNuCC-wIezG6JVUQ86JaDPzhV7TsKA5rkbEldM3q7Iv4OQZWaXRTjA7c3ejCl41PInFeSjQ34SMfW9b-WF5g9TpW_4uoC-AKP48D3I0Sj0UDU64dcFtSkvfcTpq0-vqQ6TqAce3WL8GvVPDjrEk2Whg4gRg3VhGCsncVNCuUVWh8JTq6b-ZN38DAnZFJ1X0W-Ejd9JyuUv4R8g&sai=AMfl-YRXBDHyQhMvl2YhhHBokbJiVL_FmWydLtRepCmDzyyRntGYJdGMtFRNy4q7_XN1Tdsq1VoG1_0EwDsucKh70Br8RpKZ2agx0BdSQo7g7LEGhxxTbeJkAngVzPySBXB9&sig=Cg0ArKJSzE2f0tl1224lEAE&adurl=

Requested by

Host: www.opovo.com.br.us2.cas.ms
URL: https://www.opovo.com.br.us2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 8BC0 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:41:14 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 8BC0 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:42:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8BC0 124 KB
37 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H3-29 200 5085359268409307133
tpc.googlesyndication.com/simgad/ Frame 8BC0 13 KB
13 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5085359268409307133

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f209d8990b80192f3157400a738d18fb009020bae132f54715a289813b3cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 02:22:39 GMT
x-content-type-options: nosniff
age: 67674
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13329
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 18:13:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 02:22:39 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4756 0
0 42ms
41ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnRXc6Qn8UuMvkqFKKUTX_OwR2r4BdATgj_AVATKqDWO-00IklX_afRyrj8IBC0KK6Wrz9U8BrtFxDT2MQc2ZuMvOpwP5QSXgi1oKCgzMAnISytU5l9-NJXmuwbKcQM76DQle8Tfvi3jNSPNsTYwG98Q6AS3rLyfm0Zn59aujR8n3Pmcl1cozDfHX2ihj4sP_5_bmRRjztf2fv0KantUoTeU5lr0myFjFJsZ5TK0bzJAxqgLTGX5_yvw-wt8d6mpc8zVfz1gSHzSKtazGoDzqpN3wtQy8Wg1D7RZDKcuGvLRpezRZNJ5HVlvyWoTdz6tUScxAabcbSHnBFWw&sai=AMfl-YQ2xWZ0s9iP7X17hK1sYkgElApq6OwP5sHsDfXc6QX_YOfFsZk0oHRPzF4pxB3DQgZuieOMWx6m-a89Vb4ZjQTcTWObPqmabl0UB5Ulk5Sl-i9Pv-5todAKEYykcTv-&sig=Cg0ArKJSzFrScgIzYTthEAE&adurl=

Requested by

Host: www.opovo.com.br.us2.cas.ms
URL: https://www.opovo.com.br.us2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 4756 18 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:41:14 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 4756 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:42:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4756 124 KB
37 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:33 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 4756 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzlD9khsHQ9RYQ33DDWvWTM_vE5Eq3ARmJ7cvp0GE0DuGkz6b7AMOIhuqpryhEQJxlzCo5C1n8yoSmWW5UxqVpE-b2UA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 11820087923280161619
tpc.googlesyndication.com/simgad/ Frame 4756 41 KB
41 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11820087923280161619

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2220c4bf97f56a524ef4829a633e2da81b31d782998b0d88b61944508fb421fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 10:48:28 GMT
x-content-type-options: nosniff
age: 37325
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41871
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 20:42:12 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 10:48:28 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B89 0
0 50ms
49ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOMpchJwWgirtaq0JZKp4oYa3nXRUFnSGUCTisYOwTB2VtQy4Iw_Pvy6lb7xBoLi49tdC3bBB2MlTwOrGmPcQViuMkqJFkviyVT2UbK0JiEInuEErkxTZstx1pYVtKoX-CzmDScHJq-bpu4U3WdDogHYAdlZfLbQtAvuZ5WdVewO43ugYWVP_eFiI8Cvb3mRGmL4Rt_lDuRo1UuTKy8ev8CqcBBNpRtfvlSv-2aw2xu5vkYB9sRLyvdjyzAai7KBQefJQ8gzbhZjQYXZQKPs74wFyJE4R-PumYbRrgGKrROALu18oi9BmYMs2KaG9ewrAd3nX7JA&sai=AMfl-YS_oDjjN5pRoEjJ7TywMdpWHwhnZ44mjXCfRRLJ0P5sNuWgXdc7w5yVn2Cn0iOtmIeceLR2ofSnZGEK2V5lkd1VlFo5gl6qZZCD7d3K3OfoKItRtgGgHV0nlLvUeotB&sig=Cg0ArKJSzA9xhtGomJOjEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 11 Aug 2021 21:10:33 GMT

GET
DATA 200
OK truncated
/ Frame 1B89 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ef85d98a397c2039d856617c8ea2725fcb682dfc9c80e43b4a646a24de669d8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame B510 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 00:01:32 GMT
x-content-type-options: nosniff
age: 76141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 00:01:04 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 00:01:32 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame B510 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 00:01:15 GMT
x-content-type-options: nosniff
age: 76158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 00:00:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 00:01:15 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 7E1F 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:00:34 GMT
x-content-type-options: nosniff
age: 151799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 03:00:34 GMT

GET
H3-29 200 container.html Show response
687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DAFC 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 11 Aug 2021 21:10:32 GMT
expires: Thu, 11 Aug 2022 21:10:32 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8BC0 0
0 43ms
42ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFgBuCgZpE0hxOakj2DYK343qvEi4PeVzyrJ74TjeCcSiVCwZxkI2ls4SEUMXQxSiPRZnWvSpkD01wuWX4Mg1hTvV8eiAmNbfNOrGH4fSDyqLSpEjl9fduTMxMJjLrS38t5mnSQGwXaLa9TaRaduOwADIFw-UFVW1dT-6vgNqZkRAd_B4fpGqmoCngmDeKiLjvmmPX7O2cmKVMek3zQIYlsHu_QaMCMtx9jsZwb9lCmo8tIOnuEN3x5ZxoR8SVdQHRdpFTTaPE5BJ9RZl33UM6M2qyeGpTu99og-MzyxWNzSSr4nJFCkEMFAue5hjWKZdK&sai=AMfl-YSPYgfIoiik5zlE3zdvX61MdEt-AKgHWKzH9TgG3uWPDEJEd3tdscf_aGC95s_JE6koRCCXWwTS2BXV5RiA7v_N3nj3Bu1dkCk_p5tApafvDzDp9WRBz_KjrC3BBTNd&sig=Cg0ArKJSzB7j3ko2p0D2EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 11 Aug 2021 21:10:34 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4756 0
0 69ms
69ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQgLFFZO5afLhtwRKS97JpcET7fXMzyj9V0nmr--0FSHSQuJUE-NYwkIxmZHLt6q6bkZNjbrtr3A9gkon3RzzuCH_TRBcoEk6bdV9d_pErUQOJvaJV0h3K9eCB29T1TTCewWFHYQ1ZhI8wO8dxF7mvs-V_gKcd1kVcowXVnMf1L71xc4TtjSQ3A3WxpFpF2jpqQSDRVWWfOhgi1DS4krf4zb4fblpad2wXt4EzHCRGJXiUFz22HJmZnNDn5-_7Vhp1X9m17XrU_IdMeZryNM9hKWiwwEbUw55yhN-XJYR8KJLi96tFMFwXFZyjAJj2zzn85j5Eu-bPXy8cCO46&sai=AMfl-YReKxTaF9CpFhl7GEzXG9dIdWYExODzLczeG9LEsBwrAiBXLxx5Dk_lasV058r8EYkl4KB1BF64eLeGv8N14BFmEVOLVM25AZeXcJRpB8HAPXpG9pxmr34eeuQZ5FTr&sig=Cg0ArKJSzGI8MP8GckNKEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 11 Aug 2021 21:10:34 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 60E0 624 B
299 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1vSvXDAB&v=APEucNXxazgsvI9H--qi87tO0O2qWHL8sjMH3DsgY1TUq-LbgApolEOFSBTcIkWCGYyOQlBzQhHJZjcjb9mTN44h1-Ey1UnE7RuzuBgdmgcZ7Wi6IWcFEO7BAM2_B5LWJBzK24uGFAGWBR4PpudE93BHILTfM8984gSYbDryosUw7LKfpoQJnEc

Requested by

Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsY1vSvXDAB&v=APEucNXxazgsvI9H--qi87tO0O2qWHL8sjMH3DsgY1TUq-LbgApolEOFSBTcIkWCGYyOQlBzQhHJZjcjb9mTN44h1-Ey1UnE7RuzuBgdmgcZ7Wi6IWcFEO7BAM2_B5LWJBzK24uGFAGWBR4PpudE93BHILTfM8984gSYbDryosUw7LKfpoQJnEc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk3j7ypVqOYQmRLKrfjV8jMiTE_oeqeaaTnDvtb9vZSFdiUQRpy7BoPM_4U; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 11 Aug 2021 21:10:34 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Aug 2021 21:10:34 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A69A 24 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCORDMW5NG8FQf2iVoWaXSByW53XviZtEeYZ5dmZQWgkEWrT3KoRPlTjkWZf1P4w5KmFabi1cYJ85oqv3set9Kt1v6eIrIAtQu-oedrZtc1nCUOBqOXvvL_bty37Z_FyGIG1syhyWuHQRmzPqzyBn0DBDnpw&cry=1&dbm_d=AKAmf-AkxN2po6IahuSmjK-v5e6R2WJhH3RAXJ2pfkdEYhC8tlUwPdDsekAHyXPb2uOCobcphz1q2jatcpITu_MBAxeunfuQJPd1KFj274xrYbmCme6w6ulW0JZ8trH2NQDekYKs6Piu5YtPq7nrq1qoxFMl69Ql0M2uiP9hmgKGHX53M5IH5oRjdCv2e5f-a54VWLhHO15rAlKnfvrHXnkUMUJ37vRMuQk-ul5snuTu-oQoOc8zGkojmg6PmLJyN56vE_-ZFGi80CNg67PaEkIOnWUcG4XC0XVx5MIfqS9SUTl0tMMj_Qb_G9ax_536EQ77hxvPftOCJnOzxFlvJLZaZdIloBvcV5MyzDPg0sWtFLwLLpZQQ-6AWWK2JRmmw81_2cTtyXms6BXL6IOX8_rq5NKfvB26huqYhd-znLkeDsFx_2S-BXbOmFLImIkRd3KeG0trz-bNT2yx55ns6AJIA66Pc3KubBe9PPAacK1S7dsC_xVS0CZQynTeYVl2WE4YQkwQkKIyOMlX7Mg1Pnet6czQpfS95Fz4ONKFkNgKLXJNGHcIXhBlT4P6zA5s6yXpxuOf-J1bjFHpt2Z6HL1680wsh2ZxfKtpVNir0XWXLhwaCxxrSpWmAGZFiV79Rg_3cAyxcBK9EPAZ6FvgSDsvdqnYRZns5QXs0i6oWP5v2SkYVL692eZAC9iw-zrrEDZs9XyaJgpISHqAY2lYn7FdtdKXb81QnQgt5x3WlZGMP-XD_nk51JCz238mlLRliF1WYe1ytM80-N82MarNtKJ_-lpwPrCQSUUw1PA58BYKy8NUG5wfo6ESeqPAfNp9vdQgL1Uu94AO2LHFQydCszrXmu7uCcafh81f-H_wrDBDcU5IrDfz5eoDLIBLtwsnTEhJajaRKoxvICNKQVCAFQB2sM70vHJsdcAqGZznTGXiWNVsQk9tqkJwg6Z97h604krSdQZK9Hpl9-PCypRYlqx1rxTWPlmMxRoMr2pm23nfN30oTJoZlE-CA7lz6TmqS7P8CjzNkXPttIapbwO6q6EsOnTKlFz6iXBX4HCN1m_qrUVmZMPbiBJdaBqc7LQdLtF3pIQsYC4hgfeq3dYaUGbDhXyUXfAcsBeXAKe4gUdos8silbSlLf6eTcrGMfO4M4m-008-SGm_Jh3Z6SzkyOQNjThMcwKNGE4lhvub9bX3AweJrbIFK3ZImLmULsPkam5UTihYxkpxtU56siDSm4x9olw5E4Ak1lYmVLlnZ6UaOVQQ13A_lrx3cGALXJ6D5hiwobrmXYl1LDQM_G-XUBi1c6vPJqiOtquJhJtYBnh7oR2ibKzv3KhMkKNt7ncqdEEjy5ZpcVoFGcyvij1SzuKfuKn0qRQYGUP2-cVEODFAE445oQ7dGC4o6PQY1FGeQO_t2Z6wEDMx7UGFDMQWJ0WSEeYMB0LBUKAFVYJrP9i_tI2rAXruBEZVrSPhk2aeX_z2Viw95-G8q7a2tC_UOzClNcjeU5uLSgLSr04E92LQG7HmlDPUZaXlh3YIh7vA9EW3iQEplcPg6X0PtAUqbynFSAwVrf1NEoLWJU2PFzMOHewGyniOiUjHYl4pv097MHRbWynLlnZt_EYfLYQLw33Hko7k-FNRdAKpTZLyXLE5qLReNCTlGF3Y0wTkp3QuNpSF08CZgxfVrI8zqe1bqIqM17G1WxUnq8b9j3Oob8myC568f0VswPHXyWcF1Xg-TcAafnkohL3tHfXaQ7HSW3mqM-ul51az4E_JAAk3eRu43clzQTWioMWsVgbRyZPD21edv_DqR-jz3-ssVfZypm6dfuAyJBTEQ1stFJT2UWiDsUlJlnxk4_uct2w1JM22PvA_FQatWVzZGxNMKXLJJ1CUoNfrv7NPbndcEcxxxnaGfz8cVDrVObr_Js3kuxJRrTV8tq_xvP_D7IwKCZgYv7JeZxw9fJA0qm6nk-6VrO9xDE-rJZqA5v0GbltSbOIQTMZzu2wZCtwkp0h4OW3sc4_-5ZlyBZGLIrtlOZkNwRhu5R09ybHHGPaLYOhl0eL2W-EL75GvRdKxdXASNt7xYvd-u7tzst-0QEm2ueUd5AKpfFPZERoyjr5i0DYrwVp-b0WJug4rxPFshEwf_EY-ogNMyUnBSClwe9aMQTRmxazSPknvF0iFbvbkklFb_dAuL3IPemziQ8CnhOqiM6cdNN07ce-K83wIKxS9ctHw3SvymNaUc6Y-o9wY3luS8w7Sj_XRMGYlemJ6Zl6gfF-7kK-6V3k1z36TSyxNliE1YVizwEdZF5IUIkRLJNap_aLCH2XyCte6YejgkdNNxTqbcJUQJuSXaRd1Y1RT7lsHw-6hG_ClnzCxlcGIjxa2dUpuk_cPkRTAsDvfkP0CsjXzc1MmbjWi8flfwQBEMpTskyYXK6t6fBy01No5jI1IISCkJXevH8v9GZFjs0beDsodldgBN5RKvPIHfQg521bLuoGyiYp9U0-4D9TGZO4IY2zfa4ut8k8JekkSc0Bqbm-msa0KhYTU8ox72H3MMs8LlBWJ3KyoYL9ZGpeh-Vbcwv4aVd_0bo6RWQogh0tHVf5-c4nmOz4A2QdRPbDvjDPQLJZ9cMumQvpY_896c7odO-CrWF8rZNpVPA9-zzTqH9rAj-brmsIU1SyTeiw2KuF7ZJEfAmQPuGInk-YByPOPBZpNtVkajao_x8TBXfC_IlXVG1sxlR1m583CEZAuC9KLCSVwt2ZiGo4qp6jrxyYxvAFKa5u2gfu9m0BgSzj56WwqE1oG25J40QGkjJ0e3pN8NxyCyLFiuCHDXZsVaWUuG8-JabjuaReoEhJMoPRFjIo7Awzn92FHLN252ladow0CGlm4629EKyEYdmHM9bqjli2M62sCniVWiIPXaZP6SiQ5USJxZudl_csBD1yfDu0G84X67E52mQWM0TuBxIH6GFXSNlmhZRuDqbXsznFMDyOMCm1negg_hkdtDffbEMAm652nBCp0i7M6Fkg13kvdt8VCkP09a5TcEWX7H6kpSDPc1ypB6uNcWbSrUQ&cid=CAASFeRocwGgscufSVe7M7GYPeacMoeS-A&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Requested by

Host: www.opovo.com.br.us2.cas.ms
URL: https://www.opovo.com.br.us2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2e7301ef0342222c5e298908ed2b1074229f47a59b999da7ba3e69a292666e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12908
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A69A 42 B
107 B 45ms
45ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DgVlU2CuQZsM4iNOHQT-MGeZMMATV2iwYmjGMt5TULqaZk-1BBEnwTeXdUeuXTeoToEM-umq5axrgXZWhBIow6ds0O9LvlYzzI2qiINoQ0rgEbm8g

Requested by

Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame A69A 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:42:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A69A 124 KB
37 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame A69A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:21:35 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A69A 0
0 15ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZlqykgQWm2WiPKICeUIUOOKYLEj7Q6GtzORtFnH5ZdwQnAPKkNWxGJ1qL7EddP1RE9zPp0SFtlSrJ9ODYh_yZEhMJWQ
Requested by: Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B510 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 01:25:53 GMT
x-content-type-options: nosniff
server: cafe
age: 71081
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 12 Aug 2021 01:25:53 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B510 344 B
379 B 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 9019
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 12 Aug 2021 18:40:15 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7E1F 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 01:25:53 GMT
x-content-type-options: nosniff
server: cafe
age: 71081
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 12 Aug 2021 01:25:53 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7E1F 344 B
379 B 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 9019
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 12 Aug 2021 18:40:15 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C06F 624 B
297 B 19ms
18ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnsxgIQoLrgzAIYs9OlrwEwAQ&v=APEucNX8LsWbeGkzloGfsMtPqEf6EhUB3i41uGXAgIBbOTKS40B8EK1nPmSnsws16NDnT8JJ-zhmXxq0nwFV9HgfpWpssvKu0jZrq60QWBLI-MQju-gEdes__jU9UiF9uZLZeWTc2tKzc4jaXov0vJ3TiD3eFkMkiPip6hoRL9nQvyE1G7sH6eA

Requested by

Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJnsxgIQoLrgzAIYs9OlrwEwAQ&v=APEucNX8LsWbeGkzloGfsMtPqEf6EhUB3i41uGXAgIBbOTKS40B8EK1nPmSnsws16NDnT8JJ-zhmXxq0nwFV9HgfpWpssvKu0jZrq60QWBLI-MQju-gEdes__jU9UiF9uZLZeWTc2tKzc4jaXov0vJ3TiD3eFkMkiPip6hoRL9nQvyE1G7sH6eA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk3j7ypVqOYQmRLKrfjV8jMiTE_oeqeaaTnDvtb9vZSFdiUQRpy7BoPM_4U; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 11 Aug 2021 21:10:34 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DAFC 12 KB
9 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AP77OTVL2mjgaKKdCetwaki829s4p3wuibtqb7xe0so6Qh6qeMjIeGbjSgIxOGCHV9JFuuoawhhp9vvjfOL0MGSUe3yjv-ndL5u3Ql7eDFJ0wxa0-SZE9F2vjHUq6KpB7rqt46U0KCAvb7btTmdQNjE1xdUg&cry=1&dbm_d=AKAmf-APO0CPgO8Zrp0mLqVDoSNj7-mvS8lbjoG96RurM35PnQAtUvDDRowhuyfq5Kiz4rtKA1TfrnX3YTv42TO_87dVF1mGSQXJ45qypMzg7QDrybg0bNq2_um2fzu8v0C4B0jikGGOA6bKvjdS0lDZMeiPY6-Z2bSbD5M7W2dpHXPrTVxtoOJq1LroRlJ1Hyz5yCtVSNsJnFp-a36V2FcVVbLDaeAVlS3oTM20Lvd88ZUp5ftnKT2LHrpVQlW9m1DbzJax8SGUZM1xB4fzDNmFyJEqsjweMhmWrBGNs7Dv251OYIuQn6H7B0xLITwPuKWmAignzInTfebEphYHUTgG3iUJa7Yv0Oxed_2aYeLS8LsfBQBBupcsE8TW0ouHk2IABHY9NSWbZEBJH2S1ZCrt3V5021-WS7L12i_7JpqEJ0FimdjFQFzgLNGNHjXxd2HNAdyJF1bfvdmafqiAWKzEEwInyxt0qXRpwiThmtCXxr_gDDeDjPpyZ3gMUBvMekeFCRTq928Qv6RJepVQ5QM3C4FaP1igVAR0iq6Pxs2yIiJMl3sKOZjNj6k9ZoAbIDAbK0r4-sv9BuQq6W_NjbhurS4X28Hf2vi1310RL41UTQQqiPd2rzExgqCINn7MYMu02yhY4v2yvXLO24aZlII0MytQLZyejLgohp4iq7p34C1bjqgBRdjNY6tXYpmVSfh__EIsOTjqnDuadTHXjR1yiEjursxmXhxY4wNvpWZ609pE8MyteYfsBAZLjYh12ueqhkkeP1mtEl3k-C9-Z20QLQfOCoRwpjH5sOFVoFSPtT-VdnH4ANJxFPZxVh3mAYTUPbv5QFFfyDYnktJSufv0O-10_Hx_Z-wFVGvV5MCAs1h-SFocqGoW8qcvFQpxNPv1mlnF22Krtrvdzcf5JYBcuUXPx2OZfcHHdkdldfunZYsOu3oFXSG-UlUAnNjUIlRBqJsMjXWvLn8vi0Q4ykID_-LwgP5gSAX3lr0ySpKDoaAnDSYsznZeqOpbkSK2dhEei3y3cjPVd--DCjHhaxu-StBBomt8lh3YS1O9-f_epDmduZIkjpIql3OcHqIdRAB7L42HBmCTpIsG6cPEk2wlvAFNKK-IBgAbCxiLpoLGeeoHvtHpFVlBJKAe6OwnCaFTKMuXvTvM-E693KADYtcSaz3f82DKels25DQg95OjN4D3ijOwA0LBu_i_H5K1p--esvyGUgYEamT09juc2EvKlO5NcIA5lZ3xTy6765Ze0IcYCT719GWMrB2djHvQdtV6jtXbIxsAXuzfXzCDhQxeLSyYlonPb0JxxGhcX_ID6KNB30TVC4gZbuC-qJ_6w4tft5TI1dPxYsJjKB-KipM-BK_YlecVRcdOpdwyVH_UVnceT5u0LgmN6ZUUhKX3JRDSUbjysZU0mW8EushfRa-Bv1-mJBilajHe4xWDZsuyPg6suCYG4aP6VUlkhymeBxYNdzzEYYE2u3htRlfrB1av1M2o4n9vbxAczNkf6aWt0w6NVpWh28GkV9QW5i7kRSq1Bi1Iy9tTXKtP1CNI1XMCl2IxjMLaVHI3DuMMW9kotivzlCASq4v2HNSUkVNZ3xrKf9FhcQLhl6RDGMSMguDH609rx2UZRMcw54Itv51S6SsqNMnELjfvC6VpLBY0bFXkj5zl8BNRElCywL_lK0E6HXU1dUaalBv5AWZ7m20hCCHJHNWmlL-PvvsEAQ8HikVK1I6b3Cyco21f0cr7lciCFwKeu27iR0XOmPBtJoLZoYgSyZ4gDPmUoXuYnP7tJ0lDdiztr6sewVG-0DMLLkRLwTj51q3cNA5WcLMUIDYeu-p7v0iqkLA2bN00_oePDXck4lgprsbtoWoiyNnMSuNANYy41Lc19wVx5m_03Dgow6wmneQXuZC8I_ywH9cUCVCPq38AdcLNkaMt0RbYcsXqcxY7lFlUOJ9hLkf-eRoAfeSGaV25uo9AAs4CJFzG5rcu6cNQKDKdIA9arpDIa5kNDYvpsXaBLocUBCJBENCq3hz5cCEi6iAjAfpkRU-uirUlzIf344ESrcdEvD0y6EB3so3v9zipv4XBgIOdzF4usrMADnWPvZeX8d-1b3aMYC5VlCyBfDI3ECXXSyKWYGjGysYRkwxoM6StUaUzL-Fb2vENbc1lUZevoUUcONg9Vcl53DM84_AfLY8ADDTxwmpcYp8k_S6nC-bDtte60d71dhxSbPRNwsIn2I6xQf9s6h53pDXH9pYCp0-U572EpXvCX7yxoEDVAV4nVtpsZ9cVtr9cWRWwW5KieqGRIHFHdYmm4v8SRRCTgQeR1v1MuS_jrn-mIstoweTJhHbnUDN364cQqK39nf1DISZzjrgkHqDA4SOTEqySpbkGHcmewMUu1NlYH8Frr5JZtqWLvq93w8ht5q6AEb56LiZld-GPl9l4CgOQ59h_D4zsMD-g4s7jrX7768P52PazYWcJr_QjpdHzrX9gWfQrWoYLfep08ShHdlaxaqjp-WlMw-5tFriRYM3d_kZeNOe2RMzb9GW6K8wUGInx33Zpq_tvXoc0lSo_8X-rilINeMOQ-pcBxlb-Y7RmmEun0mqKzZlSIeJrNNMs4eLdhojiOXzUhPYUM9h9qUgqDHTF8Gh_xDwFvDbPI6-zu4NJcS_OMRK6tnMLqQNCx1trXVUrW-2mVIeJTx62DbmN6l12u5RQhPCeretBc1AjGmp_HnhCX0tORS3cjKUIdAyDaSwxnUERpxdoIgNIdjB4mZbczLJM5MIwNvqka0cGsNroaMouTdS1qWbou91nRCYalHTKd7G6dOyvDqGNsovZi9OQfU2MU4QUH9U7BKzXiWHuAGU7UbAfw1XOnPoiTW_nDQYFaBU421QtnsFHBZiwb9gnnhzhmobO5tM1yjW_Ap4MS8T3GI0YHdD3At0ERFmVv6V6O3nyuBS-vLuen0X-rnyzu5HpZft4yY4h4f1yUUmBEgKU33JDe9NNNynSJwm2TW87QZd3qjLnq8jTjMzY_dj2vsEC8wrZIOWA_JB7jCZs8QVYtX84SOJdLmcfQkrpU3xxRm-MAxbxwP5zBPq63s_uCO-YYVimJA6ssencHgjv88WbMa4orlaqF44qNHLeRCUKwNSyyiEEVotYaK56A1oJ8KOOf-MV2SCHFGdfGFUJ207OwrItQ7LMU-3TSSQEh2fcUsoKI8spBaAt8RjQ-OkQBWULmrIG0hXAB0SOn8OpjA&cid=CAASFeRolvtsra10d9D_su3BTwXhv8WHRg&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Requested by

Host: www.opovo.com.br.us2.cas.ms
URL: https://www.opovo.com.br.us2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

109a3eeca127938d31fa49861db880d78fe15e07deaf20a10ee86149ae695dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8814
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAFC 42 B
63 B 28ms
26ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AUaZdgtaHWVKo3A17_e_zdI2huCefy-yYqqgfsNICesBkSCzXwL165Ocs-ZNWba_x-SwwfFtkvFjLWu37hS5R0_dTuTuZFleAr5AwqFByXJK-01l0

Requested by

Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame DAFC 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:42:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAFC 124 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame DAFC 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:21:35 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame DAFC 0
0 14ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRg9PsY8KYkY4i4DLVgL-S9BbhmTUeGvvT7NM8iC3v_ZWPCwyCaT66-V1PqmXi3Av1VyiK5BZqRDAXg95INGcHem_YAfA
Requested by: Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame A69A 24 KB
9 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCORDMW5NG8FQf2iVoWaXSByW53XviZtEeYZ5dmZQWgkEWrT3KoRPlTjkWZf1P4w5KmFabi1cYJ85oqv3set9Kt1v6eIrIAtQu-oedrZtc1nCUOBqOXvvL_bty37Z_FyGIG1syhyWuHQRmzPqzyBn0DBDnpw&cry=1&dbm_d=AKAmf-AkxN2po6IahuSmjK-v5e6R2WJhH3RAXJ2pfkdEYhC8tlUwPdDsekAHyXPb2uOCobcphz1q2jatcpITu_MBAxeunfuQJPd1KFj274xrYbmCme6w6ulW0JZ8trH2NQDekYKs6Piu5YtPq7nrq1qoxFMl69Ql0M2uiP9hmgKGHX53M5IH5oRjdCv2e5f-a54VWLhHO15rAlKnfvrHXnkUMUJ37vRMuQk-ul5snuTu-oQoOc8zGkojmg6PmLJyN56vE_-ZFGi80CNg67PaEkIOnWUcG4XC0XVx5MIfqS9SUTl0tMMj_Qb_G9ax_536EQ77hxvPftOCJnOzxFlvJLZaZdIloBvcV5MyzDPg0sWtFLwLLpZQQ-6AWWK2JRmmw81_2cTtyXms6BXL6IOX8_rq5NKfvB26huqYhd-znLkeDsFx_2S-BXbOmFLImIkRd3KeG0trz-bNT2yx55ns6AJIA66Pc3KubBe9PPAacK1S7dsC_xVS0CZQynTeYVl2WE4YQkwQkKIyOMlX7Mg1Pnet6czQpfS95Fz4ONKFkNgKLXJNGHcIXhBlT4P6zA5s6yXpxuOf-J1bjFHpt2Z6HL1680wsh2ZxfKtpVNir0XWXLhwaCxxrSpWmAGZFiV79Rg_3cAyxcBK9EPAZ6FvgSDsvdqnYRZns5QXs0i6oWP5v2SkYVL692eZAC9iw-zrrEDZs9XyaJgpISHqAY2lYn7FdtdKXb81QnQgt5x3WlZGMP-XD_nk51JCz238mlLRliF1WYe1ytM80-N82MarNtKJ_-lpwPrCQSUUw1PA58BYKy8NUG5wfo6ESeqPAfNp9vdQgL1Uu94AO2LHFQydCszrXmu7uCcafh81f-H_wrDBDcU5IrDfz5eoDLIBLtwsnTEhJajaRKoxvICNKQVCAFQB2sM70vHJsdcAqGZznTGXiWNVsQk9tqkJwg6Z97h604krSdQZK9Hpl9-PCypRYlqx1rxTWPlmMxRoMr2pm23nfN30oTJoZlE-CA7lz6TmqS7P8CjzNkXPttIapbwO6q6EsOnTKlFz6iXBX4HCN1m_qrUVmZMPbiBJdaBqc7LQdLtF3pIQsYC4hgfeq3dYaUGbDhXyUXfAcsBeXAKe4gUdos8silbSlLf6eTcrGMfO4M4m-008-SGm_Jh3Z6SzkyOQNjThMcwKNGE4lhvub9bX3AweJrbIFK3ZImLmULsPkam5UTihYxkpxtU56siDSm4x9olw5E4Ak1lYmVLlnZ6UaOVQQ13A_lrx3cGALXJ6D5hiwobrmXYl1LDQM_G-XUBi1c6vPJqiOtquJhJtYBnh7oR2ibKzv3KhMkKNt7ncqdEEjy5ZpcVoFGcyvij1SzuKfuKn0qRQYGUP2-cVEODFAE445oQ7dGC4o6PQY1FGeQO_t2Z6wEDMx7UGFDMQWJ0WSEeYMB0LBUKAFVYJrP9i_tI2rAXruBEZVrSPhk2aeX_z2Viw95-G8q7a2tC_UOzClNcjeU5uLSgLSr04E92LQG7HmlDPUZaXlh3YIh7vA9EW3iQEplcPg6X0PtAUqbynFSAwVrf1NEoLWJU2PFzMOHewGyniOiUjHYl4pv097MHRbWynLlnZt_EYfLYQLw33Hko7k-FNRdAKpTZLyXLE5qLReNCTlGF3Y0wTkp3QuNpSF08CZgxfVrI8zqe1bqIqM17G1WxUnq8b9j3Oob8myC568f0VswPHXyWcF1Xg-TcAafnkohL3tHfXaQ7HSW3mqM-ul51az4E_JAAk3eRu43clzQTWioMWsVgbRyZPD21edv_DqR-jz3-ssVfZypm6dfuAyJBTEQ1stFJT2UWiDsUlJlnxk4_uct2w1JM22PvA_FQatWVzZGxNMKXLJJ1CUoNfrv7NPbndcEcxxxnaGfz8cVDrVObr_Js3kuxJRrTV8tq_xvP_D7IwKCZgYv7JeZxw9fJA0qm6nk-6VrO9xDE-rJZqA5v0GbltSbOIQTMZzu2wZCtwkp0h4OW3sc4_-5ZlyBZGLIrtlOZkNwRhu5R09ybHHGPaLYOhl0eL2W-EL75GvRdKxdXASNt7xYvd-u7tzst-0QEm2ueUd5AKpfFPZERoyjr5i0DYrwVp-b0WJug4rxPFshEwf_EY-ogNMyUnBSClwe9aMQTRmxazSPknvF0iFbvbkklFb_dAuL3IPemziQ8CnhOqiM6cdNN07ce-K83wIKxS9ctHw3SvymNaUc6Y-o9wY3luS8w7Sj_XRMGYlemJ6Zl6gfF-7kK-6V3k1z36TSyxNliE1YVizwEdZF5IUIkRLJNap_aLCH2XyCte6YejgkdNNxTqbcJUQJuSXaRd1Y1RT7lsHw-6hG_ClnzCxlcGIjxa2dUpuk_cPkRTAsDvfkP0CsjXzc1MmbjWi8flfwQBEMpTskyYXK6t6fBy01No5jI1IISCkJXevH8v9GZFjs0beDsodldgBN5RKvPIHfQg521bLuoGyiYp9U0-4D9TGZO4IY2zfa4ut8k8JekkSc0Bqbm-msa0KhYTU8ox72H3MMs8LlBWJ3KyoYL9ZGpeh-Vbcwv4aVd_0bo6RWQogh0tHVf5-c4nmOz4A2QdRPbDvjDPQLJZ9cMumQvpY_896c7odO-CrWF8rZNpVPA9-zzTqH9rAj-brmsIU1SyTeiw2KuF7ZJEfAmQPuGInk-YByPOPBZpNtVkajao_x8TBXfC_IlXVG1sxlR1m583CEZAuC9KLCSVwt2ZiGo4qp6jrxyYxvAFKa5u2gfu9m0BgSzj56WwqE1oG25J40QGkjJ0e3pN8NxyCyLFiuCHDXZsVaWUuG8-JabjuaReoEhJMoPRFjIo7Awzn92FHLN252ladow0CGlm4629EKyEYdmHM9bqjli2M62sCniVWiIPXaZP6SiQ5USJxZudl_csBD1yfDu0G84X67E52mQWM0TuBxIH6GFXSNlmhZRuDqbXsznFMDyOMCm1negg_hkdtDffbEMAm652nBCp0i7M6Fkg13kvdt8VCkP09a5TcEWX7H6kpSDPc1ypB6uNcWbSrUQ&cid=CAASFeRocwGgscufSVe7M7GYPeacMoeS-A&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9343
x-xss-protection: 0
server: cafe
etag: 12459758733850244510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 21:06:31 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A69A 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 16:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 16:47:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 60E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1&C=1

43 B
894 B

51ms
49ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1vSvXDAB&v=APEucNXxazgsvI9H--qi87tO0O2qWHL8sjMH3DsgY1TUq-LbgApolEOFSBTcIkWCGYyOQlBzQhHJZjcjb9mTN44h1-Ey1UnE7RuzuBgdmgcZ7Wi6IWcFEO7BAM2_B5LWJBzK24uGFAGWBR4PpudE93BHILTfM8984gSYbDryosUw7LKfpoQJnEc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 21:10:34 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 11 Aug 2021 21:10:34 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 21:10:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 11 Aug 2021 21:10:34 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 60E0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRQ8ym-HnkTN2t90OeuI9AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1

43 B
894 B

45ms
45ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1vSvXDAB&v=APEucNXxazgsvI9H--qi87tO0O2qWHL8sjMH3DsgY1TUq-LbgApolEOFSBTcIkWCGYyOQlBzQhHJZjcjb9mTN44h1-Ey1UnE7RuzuBgdmgcZ7Wi6IWcFEO7BAM2_B5LWJBzK24uGFAGWBR4PpudE93BHILTfM8984gSYbDryosUw7LKfpoQJnEc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 21:10:34 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 11 Aug 2021 21:10:34 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 60E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA3CJ-q38a1bOM_2Rg6qzV8&google_cver=1

43 B
1006 B

51ms
33ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA3CJ-q38a1bOM_2Rg6qzV8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1vSvXDAB&v=APEucNXxazgsvI9H--qi87tO0O2qWHL8sjMH3DsgY1TUq-LbgApolEOFSBTcIkWCGYyOQlBzQhHJZjcjb9mTN44h1-Ey1UnE7RuzuBgdmgcZ7Wi6IWcFEO7BAM2_B5LWJBzK24uGFAGWBR4PpudE93BHILTfM8984gSYbDryosUw7LKfpoQJnEc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 21:10:34 GMT
X-Proxy-Origin: 45.152.181.220; 45.152.181.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7569098d-eb65-4df8-bf57-a209e3cd70f7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA3CJ-q38a1bOM_2Rg6qzV8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 60E0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwNDM5Njk1NTA2NTA4OTQ1OQ%3D%3D

170 B
188 B

66ms
42ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwNDM5Njk1NTA2NTA4OTQ1OQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 21:10:34 GMT
X-Proxy-Origin: 45.152.181.220; 45.152.181.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 56f3c9de-e5b7-4590-8b16-4e7d39414d8c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwNDM5Njk1NTA2NTA4OTQ1OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C06F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1

43 B
1014 B

101ms
47ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnsxgIQoLrgzAIYs9OlrwEwAQ&v=APEucNX8LsWbeGkzloGfsMtPqEf6EhUB3i41uGXAgIBbOTKS40B8EK1nPmSnsws16NDnT8JJ-zhmXxq0nwFV9HgfpWpssvKu0jZrq60QWBLI-MQju-gEdes__jU9UiF9uZLZeWTc2tKzc4jaXov0vJ3TiD3eFkMkiPip6hoRL9nQvyE1G7sH6eA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 21:10:34 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 11 Aug 2021 21:10:34 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C06F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRQ8ym-HnkTN2t90OeuI9AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1

43 B
894 B

46ms
46ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnsxgIQoLrgzAIYs9OlrwEwAQ&v=APEucNX8LsWbeGkzloGfsMtPqEf6EhUB3i41uGXAgIBbOTKS40B8EK1nPmSnsws16NDnT8JJ-zhmXxq0nwFV9HgfpWpssvKu0jZrq60QWBLI-MQju-gEdes__jU9UiF9uZLZeWTc2tKzc4jaXov0vJ3TiD3eFkMkiPip6hoRL9nQvyE1G7sH6eA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 21:10:34 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 11 Aug 2021 21:10:34 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdcrho822P8sy8dVieytI8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C06F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA3CJ-q38a1bOM_2Rg6qzV8&google_cver=1

43 B
1006 B

49ms
32ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA3CJ-q38a1bOM_2Rg6qzV8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnsxgIQoLrgzAIYs9OlrwEwAQ&v=APEucNX8LsWbeGkzloGfsMtPqEf6EhUB3i41uGXAgIBbOTKS40B8EK1nPmSnsws16NDnT8JJ-zhmXxq0nwFV9HgfpWpssvKu0jZrq60QWBLI-MQju-gEdes__jU9UiF9uZLZeWTc2tKzc4jaXov0vJ3TiD3eFkMkiPip6hoRL9nQvyE1G7sH6eA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 21:10:34 GMT
X-Proxy-Origin: 45.152.181.220; 45.152.181.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a3406e1f-be3a-4062-b8b0-46adfaee1217
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA3CJ-q38a1bOM_2Rg6qzV8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C06F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwNDM5Njk1NTA2NTA4OTQ1OQ%3D%3D

170 B
188 B

82ms
42ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwNDM5Njk1NTA2NTA4OTQ1OQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 21:10:34 GMT
X-Proxy-Origin: 45.152.181.220; 45.152.181.220; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 59cadf83-64b8-41df-b2e9-c2a9450377d2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwNDM5Njk1NTA2NTA4OTQ1OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DAFC 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AP77OTVL2mjgaKKdCetwaki829s4p3wuibtqb7xe0so6Qh6qeMjIeGbjSgIxOGCHV9JFuuoawhhp9vvjfOL0MGSUe3yjv-ndL5u3Ql7eDFJ0wxa0-SZE9F2vjHUq6KpB7rqt46U0KCAvb7btTmdQNjE1xdUg&cry=1&dbm_d=AKAmf-APO0CPgO8Zrp0mLqVDoSNj7-mvS8lbjoG96RurM35PnQAtUvDDRowhuyfq5Kiz4rtKA1TfrnX3YTv42TO_87dVF1mGSQXJ45qypMzg7QDrybg0bNq2_um2fzu8v0C4B0jikGGOA6bKvjdS0lDZMeiPY6-Z2bSbD5M7W2dpHXPrTVxtoOJq1LroRlJ1Hyz5yCtVSNsJnFp-a36V2FcVVbLDaeAVlS3oTM20Lvd88ZUp5ftnKT2LHrpVQlW9m1DbzJax8SGUZM1xB4fzDNmFyJEqsjweMhmWrBGNs7Dv251OYIuQn6H7B0xLITwPuKWmAignzInTfebEphYHUTgG3iUJa7Yv0Oxed_2aYeLS8LsfBQBBupcsE8TW0ouHk2IABHY9NSWbZEBJH2S1ZCrt3V5021-WS7L12i_7JpqEJ0FimdjFQFzgLNGNHjXxd2HNAdyJF1bfvdmafqiAWKzEEwInyxt0qXRpwiThmtCXxr_gDDeDjPpyZ3gMUBvMekeFCRTq928Qv6RJepVQ5QM3C4FaP1igVAR0iq6Pxs2yIiJMl3sKOZjNj6k9ZoAbIDAbK0r4-sv9BuQq6W_NjbhurS4X28Hf2vi1310RL41UTQQqiPd2rzExgqCINn7MYMu02yhY4v2yvXLO24aZlII0MytQLZyejLgohp4iq7p34C1bjqgBRdjNY6tXYpmVSfh__EIsOTjqnDuadTHXjR1yiEjursxmXhxY4wNvpWZ609pE8MyteYfsBAZLjYh12ueqhkkeP1mtEl3k-C9-Z20QLQfOCoRwpjH5sOFVoFSPtT-VdnH4ANJxFPZxVh3mAYTUPbv5QFFfyDYnktJSufv0O-10_Hx_Z-wFVGvV5MCAs1h-SFocqGoW8qcvFQpxNPv1mlnF22Krtrvdzcf5JYBcuUXPx2OZfcHHdkdldfunZYsOu3oFXSG-UlUAnNjUIlRBqJsMjXWvLn8vi0Q4ykID_-LwgP5gSAX3lr0ySpKDoaAnDSYsznZeqOpbkSK2dhEei3y3cjPVd--DCjHhaxu-StBBomt8lh3YS1O9-f_epDmduZIkjpIql3OcHqIdRAB7L42HBmCTpIsG6cPEk2wlvAFNKK-IBgAbCxiLpoLGeeoHvtHpFVlBJKAe6OwnCaFTKMuXvTvM-E693KADYtcSaz3f82DKels25DQg95OjN4D3ijOwA0LBu_i_H5K1p--esvyGUgYEamT09juc2EvKlO5NcIA5lZ3xTy6765Ze0IcYCT719GWMrB2djHvQdtV6jtXbIxsAXuzfXzCDhQxeLSyYlonPb0JxxGhcX_ID6KNB30TVC4gZbuC-qJ_6w4tft5TI1dPxYsJjKB-KipM-BK_YlecVRcdOpdwyVH_UVnceT5u0LgmN6ZUUhKX3JRDSUbjysZU0mW8EushfRa-Bv1-mJBilajHe4xWDZsuyPg6suCYG4aP6VUlkhymeBxYNdzzEYYE2u3htRlfrB1av1M2o4n9vbxAczNkf6aWt0w6NVpWh28GkV9QW5i7kRSq1Bi1Iy9tTXKtP1CNI1XMCl2IxjMLaVHI3DuMMW9kotivzlCASq4v2HNSUkVNZ3xrKf9FhcQLhl6RDGMSMguDH609rx2UZRMcw54Itv51S6SsqNMnELjfvC6VpLBY0bFXkj5zl8BNRElCywL_lK0E6HXU1dUaalBv5AWZ7m20hCCHJHNWmlL-PvvsEAQ8HikVK1I6b3Cyco21f0cr7lciCFwKeu27iR0XOmPBtJoLZoYgSyZ4gDPmUoXuYnP7tJ0lDdiztr6sewVG-0DMLLkRLwTj51q3cNA5WcLMUIDYeu-p7v0iqkLA2bN00_oePDXck4lgprsbtoWoiyNnMSuNANYy41Lc19wVx5m_03Dgow6wmneQXuZC8I_ywH9cUCVCPq38AdcLNkaMt0RbYcsXqcxY7lFlUOJ9hLkf-eRoAfeSGaV25uo9AAs4CJFzG5rcu6cNQKDKdIA9arpDIa5kNDYvpsXaBLocUBCJBENCq3hz5cCEi6iAjAfpkRU-uirUlzIf344ESrcdEvD0y6EB3so3v9zipv4XBgIOdzF4usrMADnWPvZeX8d-1b3aMYC5VlCyBfDI3ECXXSyKWYGjGysYRkwxoM6StUaUzL-Fb2vENbc1lUZevoUUcONg9Vcl53DM84_AfLY8ADDTxwmpcYp8k_S6nC-bDtte60d71dhxSbPRNwsIn2I6xQf9s6h53pDXH9pYCp0-U572EpXvCX7yxoEDVAV4nVtpsZ9cVtr9cWRWwW5KieqGRIHFHdYmm4v8SRRCTgQeR1v1MuS_jrn-mIstoweTJhHbnUDN364cQqK39nf1DISZzjrgkHqDA4SOTEqySpbkGHcmewMUu1NlYH8Frr5JZtqWLvq93w8ht5q6AEb56LiZld-GPl9l4CgOQ59h_D4zsMD-g4s7jrX7768P52PazYWcJr_QjpdHzrX9gWfQrWoYLfep08ShHdlaxaqjp-WlMw-5tFriRYM3d_kZeNOe2RMzb9GW6K8wUGInx33Zpq_tvXoc0lSo_8X-rilINeMOQ-pcBxlb-Y7RmmEun0mqKzZlSIeJrNNMs4eLdhojiOXzUhPYUM9h9qUgqDHTF8Gh_xDwFvDbPI6-zu4NJcS_OMRK6tnMLqQNCx1trXVUrW-2mVIeJTx62DbmN6l12u5RQhPCeretBc1AjGmp_HnhCX0tORS3cjKUIdAyDaSwxnUERpxdoIgNIdjB4mZbczLJM5MIwNvqka0cGsNroaMouTdS1qWbou91nRCYalHTKd7G6dOyvDqGNsovZi9OQfU2MU4QUH9U7BKzXiWHuAGU7UbAfw1XOnPoiTW_nDQYFaBU421QtnsFHBZiwb9gnnhzhmobO5tM1yjW_Ap4MS8T3GI0YHdD3At0ERFmVv6V6O3nyuBS-vLuen0X-rnyzu5HpZft4yY4h4f1yUUmBEgKU33JDe9NNNynSJwm2TW87QZd3qjLnq8jTjMzY_dj2vsEC8wrZIOWA_JB7jCZs8QVYtX84SOJdLmcfQkrpU3xxRm-MAxbxwP5zBPq63s_uCO-YYVimJA6ssencHgjv88WbMa4orlaqF44qNHLeRCUKwNSyyiEEVotYaK56A1oJ8KOOf-MV2SCHFGdfGFUJ207OwrItQ7LMU-3TSSQEh2fcUsoKI8spBaAt8RjQ-OkQBWULmrIG0hXAB0SOn8OpjA&cid=CAASFeRolvtsra10d9D_su3BTwXhv8WHRg&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 16:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 16:47:21 GMT

GET
H/1.1 200
OK jtvh1z3sifh9 Show response
hal9000.redintelligence.net/zone/ Frame A69A 11 KB
4 KB 122ms
40ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jtvh1z3sifh9?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPACqyTwUYdr5DaTZ7_UPhpO7yAyG3bDSXbSYr7q8CvAuEAEg3Nf7ImD7gYCAiArIAQmpAtqrl517tbM-qAMBqgTPAU_QZuGaOlqO-KfZZK_GJ2VUB0Dcxyj7MbFJkMy_J4lnHBXHBtr9sWLdKlihohqXD7RuUm5_EWKtass4G_OMy7efDTUfnDaMKBxSm-u4Rgx6ziXBp2pflIzuDMMSslWuZn3O1GxkdAilKWGKDQX8geeHQx38S3WOCsL9krS6YAMeQjVNDg_y7cekIC5B9N6KfPo5CafCWYJ25E2lVTcyc8EH6ZRdyZxYowFLptbsm_2kywWf2RSbzCoSCbmP7_5ix2QHimQAR0GcWXvBkujFKMAE8c6eps8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPNxrUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRocwGgscufSVe7M7GYPeacMoeS-A%26sig%3DAOD64_12Epoo3lNnyzQNicAK6HIW9ZiVpg%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-Dea7G0KJySdODv_H2iMFyjWUem0lsF_OlxnTQKKg3nnURgiC0XJDa8W0uaOOii1D_Y3Pqurr7ABI3jWNsC4ZEhY5FI5U94fdZ9xYCQZSbEe2Vq-shc6HZC7z_E9T_yJT_1qPQ7kD16LaThKU-BkhNRLiGbBw%26cry%3D1%26dbm_d%3DAKAmf-Br-3KRRmrTwAW5Hm2nrXLpPCvVNAdxSQ9LmWH-S2eBwnqWy1IledxSJd3aOUKH_sUIkENQ0q_ur_14tyKc-cGKVNLcL2VnBfM7pAWa9Ul0kZLn9uvq8lemT5vMg9dDISxLKDWd29WU6kUuOcOnstyXkAtG9xTuL7BOicrekrVqG8-Cdcu1SBO64DIOSz6pgYwyvOJ_k25KA8j3AXAPHFHeVIV58V4Buzyfmi0MD_IWb8I4rCJ_9KlHYwYa_SuETI3ZXUV7EkHx3t2gL5eThTEXa_O0EP3wfYSAHYUUWIvE3Nf3ebT4A4xVDY1T3FUkp1qGkDZRPet7GvGjUHIrTH9n2nKDsy5Cb7rZhb_RoeUTKz7l3TG2ztpQbZpOqQmHE1mMp0ZsICrIXJTgmZffgMBJSHmVdnwuVufnHn-h1a3EJ2nXM1C2DM6WER9BNW9wMEggOnvf%26adurl%3D
Requested by: Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 923a86f756df2e8199556fcafe0362aebcb9359dd0b091589ed756cd272738f0

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 21:10:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3877
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AA9C 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 11 Aug 2021 00:07:07 GMT
expires: Thu, 11 Aug 2022 00:07:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 75807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 as.php Show response
nxtck.com/ Frame 2955 3 KB
3 KB 86ms
32ms Document
text/html 130.211.47.109
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nxtck.com/as.php?if=1&zid=56369&cpid=23484&cb=1628716233504501&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCbxc7yTwUYbXlHv3K7_UPxL6dwAuCioKSZPfDx-qSDq_q5PHIARABINzX-yJg-4GAgIgKoAG9j8yzAcgBCakC2quXnXu1sz6oAwGqBNIBT9C1urvAFeB5KfcQPir0USh0IH4BLHnA5DvZlPLnGGYyvlqql4Vu1xuQyxixILMUua4pBpi95BR9sMACmqE_eSaEzVMf0X2uZ73DNDNZxynBx74Zq_q462FbCIycdePLK0mBGSRsfuynZbzuZeKhoAkdcSx58WA3ks_f8DEz3JEuIkRrg8aWcWPPRdtbBEMYkFDRJxrcal5oGabN5Jw_wxijKWy4qYd8PFNO4_hXSq-VUWtAl-owKte-3u4W68radY4IZZ1CqDbAdLDttP_Ws7lUwASnp9n8ygPgBAOQBgGgBk2AB6vws8wCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPcgaYMyBOCi9HdA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRolvtsra10d9D_su3BTwXhv8WHRg%26sig%3DAOD64_3SSDZY-SPe5J0UEuM3qhfYoOG_Uw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BFv0zalNAqsbgTWgV-Hp1PgS19O_mfJH_rjNwIL6Hq33FNnxm8v8x3ckZKbT5tCEgjqxQS9DTxBZVVIckT2jTPif-jXKMdSk3ppU3-JOSKnKl7WS30k1BPPrwiEcTWW9kCFUkZwfQzhP9DEedjzgq9ioNWWg%26cry%3D1%26dbm_d%3DAKAmf-D5s5GEgSsnXwE2CCSNB-HAUa1D2Y34By0WAynzrkxSIgCFVpeaie9hhPFojbRN_x5vNxHG31TQh3oBL2dqijIfaR6pRxG8eHIRexZGVOrWw3zggNJRq_qOsS04zNTdbpkUPPoudeq_JBdijwfYtRC0EYx1PbjLkxObaWt4qt0sOZAAycXmrijO669Iet3X-rzDfAKVINeUFnQzNp34Mu4MlOTNRFpqHB9owijuIpxknEeFcpbK575J-nt7I4ZeTI9c4YTk67AIpKb5OGsTXse2Ax37C5rk9rZrsewMYY9HbDRHx3Qt0bKU7Qxf75JE9U0qZw2i6-bZ2BeV4FTjatEMSpN11kdhqIkaOUZP7NaefcUgDsJI81hhdK1itZnzvy5hi7qJmg7En3sGk9ol2HrKZOQFFpLt2miMGMk6p61jC88R-fdt6yxjfRhONlcOO9GEy38PaMZlFrvGhFtoSGRs2rZu7w%26adurl%3D
Requested by: Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.47.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 109.47.211.130.bc.googleusercontent.com
Software: adserver-ga-7d6b45df75-bwx4c /
Resource Hash: 8fbb724ede8e8ada47eb89609c41963653458311b8f1a1f0bc6de750f336f45e

Request headers

:method: GET
:authority: nxtck.com
:scheme: https
:path: /as.php?if=1&zid=56369&cpid=23484&cb=1628716233504501&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCbxc7yTwUYbXlHv3K7_UPxL6dwAuCioKSZPfDx-qSDq_q5PHIARABINzX-yJg-4GAgIgKoAG9j8yzAcgBCakC2quXnXu1sz6oAwGqBNIBT9C1urvAFeB5KfcQPir0USh0IH4BLHnA5DvZlPLnGGYyvlqql4Vu1xuQyxixILMUua4pBpi95BR9sMACmqE_eSaEzVMf0X2uZ73DNDNZxynBx74Zq_q462FbCIycdePLK0mBGSRsfuynZbzuZeKhoAkdcSx58WA3ks_f8DEz3JEuIkRrg8aWcWPPRdtbBEMYkFDRJxrcal5oGabN5Jw_wxijKWy4qYd8PFNO4_hXSq-VUWtAl-owKte-3u4W68radY4IZZ1CqDbAdLDttP_Ws7lUwASnp9n8ygPgBAOQBgGgBk2AB6vws8wCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPcgaYMyBOCi9HdA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRolvtsra10d9D_su3BTwXhv8WHRg%26sig%3DAOD64_3SSDZY-SPe5J0UEuM3qhfYoOG_Uw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BFv0zalNAqsbgTWgV-Hp1PgS19O_mfJH_rjNwIL6Hq33FNnxm8v8x3ckZKbT5tCEgjqxQS9DTxBZVVIckT2jTPif-jXKMdSk3ppU3-JOSKnKl7WS30k1BPPrwiEcTWW9kCFUkZwfQzhP9DEedjzgq9ioNWWg%26cry%3D1%26dbm_d%3DAKAmf-D5s5GEgSsnXwE2CCSNB-HAUa1D2Y34By0WAynzrkxSIgCFVpeaie9hhPFojbRN_x5vNxHG31TQh3oBL2dqijIfaR6pRxG8eHIRexZGVOrWw3zggNJRq_qOsS04zNTdbpkUPPoudeq_JBdijwfYtRC0EYx1PbjLkxObaWt4qt0sOZAAycXmrijO669Iet3X-rzDfAKVINeUFnQzNp34Mu4MlOTNRFpqHB9owijuIpxknEeFcpbK575J-nt7I4ZeTI9c4YTk67AIpKb5OGsTXse2Ax37C5rk9rZrsewMYY9HbDRHx3Qt0bKU7Qxf75JE9U0qZw2i6-bZ2BeV4FTjatEMSpN11kdhqIkaOUZP7NaefcUgDsJI81hhdK1itZnzvy5hi7qJmg7En3sGk9ol2HrKZOQFFpLt2miMGMk6p61jC88R-fdt6yxjfRhONlcOO9GEy38PaMZlFrvGhFtoSGRs2rZu7w%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/

Response headers

p3p: CP='ALL DSP LAW CUR DEV PSAo PSDo IVAo IVDo CONo HISo OUR STP UNI NAV'
server: adserver-ga-7d6b45df75-bwx4c
x-robots-tag: noindex, nofollow
expires: Tue, 01 Jan 2001 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uuid=b2558d66-2c6e-4528-861f-0259707e8234; Path=/; Max-Age=31536000; Expires=Thu, 11 Aug 2022 21:10:34 GMT; Secure; SameSite=None
vary: accept-encoding
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 11 Aug 2021 21:10:33 GMT
via: 1.1 google
alt-svc: clear

GET
DATA 200
OK truncated
/ Frame DAFC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d15a85c6f08c7c39a009e5abe7f14a5a562355ce2d0ad83f3cd314da39c6615

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A37F 22 KB
8 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 11 Aug 2021 00:07:07 GMT
expires: Thu, 11 Aug 2022 00:07:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 75807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js Show response
pagead2.googlesyndication.com/bg/ Frame AA9C 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13203
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 17:27:57 GMT

GET
H3-29 200 O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js Show response
pagead2.googlesyndication.com/bg/ Frame A37F 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13203
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 17:27:57 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 2955 9 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: nxtck.com
URL: https://nxtck.com/as.php?if=1&zid=56369&cpid=23484&cb=1628716233504501&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCbxc7yTwUYbXlHv3K7_UPxL6dwAuCioKSZPfDx-qSDq_q5PHIARABINzX-yJg-4GAgIgKoAG9j8yzAcgBCakC2quXnXu1sz6oAwGqBNIBT9C1urvAFeB5KfcQPir0USh0IH4BLHnA5DvZlPLnGGYyvlqql4Vu1xuQyxixILMUua4pBpi95BR9sMACmqE_eSaEzVMf0X2uZ73DNDNZxynBx74Zq_q462FbCIycdePLK0mBGSRsfuynZbzuZeKhoAkdcSx58WA3ks_f8DEz3JEuIkRrg8aWcWPPRdtbBEMYkFDRJxrcal5oGabN5Jw_wxijKWy4qYd8PFNO4_hXSq-VUWtAl-owKte-3u4W68radY4IZZ1CqDbAdLDttP_Ws7lUwASnp9n8ygPgBAOQBgGgBk2AB6vws8wCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPcgaYMyBOCi9HdA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRolvtsra10d9D_su3BTwXhv8WHRg%26sig%3DAOD64_3SSDZY-SPe5J0UEuM3qhfYoOG_Uw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BFv0zalNAqsbgTWgV-Hp1PgS19O_mfJH_rjNwIL6Hq33FNnxm8v8x3ckZKbT5tCEgjqxQS9DTxBZVVIckT2jTPif-jXKMdSk3ppU3-JOSKnKl7WS30k1BPPrwiEcTWW9kCFUkZwfQzhP9DEedjzgq9ioNWWg%26cry%3D1%26dbm_d%3DAKAmf-D5s5GEgSsnXwE2CCSNB-HAUa1D2Y34By0WAynzrkxSIgCFVpeaie9hhPFojbRN_x5vNxHG31TQh3oBL2dqijIfaR6pRxG8eHIRexZGVOrWw3zggNJRq_qOsS04zNTdbpkUPPoudeq_JBdijwfYtRC0EYx1PbjLkxObaWt4qt0sOZAAycXmrijO669Iet3X-rzDfAKVINeUFnQzNp34Mu4MlOTNRFpqHB9owijuIpxknEeFcpbK575J-nt7I4ZeTI9c4YTk67AIpKb5OGsTXse2Ax37C5rk9rZrsewMYY9HbDRHx3Qt0bKU7Qxf75JE9U0qZw2i6-bZ2BeV4FTjatEMSpN11kdhqIkaOUZP7NaefcUgDsJI81hhdK1itZnzvy5hi7qJmg7En3sGk9ol2HrKZOQFFpLt2miMGMk6p61jC88R-fdt6yxjfRhONlcOO9GEy38PaMZlFrvGhFtoSGRs2rZu7w%26adurl%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37bfceb04cc7a18df0c1da8269c382b3b088e870ab39a0987ae17a54589b2dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nxtck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4105
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 13:52:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 11 Aug 2021 21:13:28 GMT

GET
H2 200 rm_iab.js Show response
cdn-ssl-as.nxtck.com/iab/js/ Frame 2955 3 KB
3 KB 87ms
28ms Script
application/x-javascript 34.107.167.126
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ssl-as.nxtck.com/iab/js/rm_iab.js
Requested by: Host: nxtck.com
URL: https://nxtck.com/as.php?if=1&zid=56369&cpid=23484&cb=1628716233504501&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCbxc7yTwUYbXlHv3K7_UPxL6dwAuCioKSZPfDx-qSDq_q5PHIARABINzX-yJg-4GAgIgKoAG9j8yzAcgBCakC2quXnXu1sz6oAwGqBNIBT9C1urvAFeB5KfcQPir0USh0IH4BLHnA5DvZlPLnGGYyvlqql4Vu1xuQyxixILMUua4pBpi95BR9sMACmqE_eSaEzVMf0X2uZ73DNDNZxynBx74Zq_q462FbCIycdePLK0mBGSRsfuynZbzuZeKhoAkdcSx58WA3ks_f8DEz3JEuIkRrg8aWcWPPRdtbBEMYkFDRJxrcal5oGabN5Jw_wxijKWy4qYd8PFNO4_hXSq-VUWtAl-owKte-3u4W68radY4IZZ1CqDbAdLDttP_Ws7lUwASnp9n8ygPgBAOQBgGgBk2AB6vws8wCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPcgaYMyBOCi9HdA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRolvtsra10d9D_su3BTwXhv8WHRg%26sig%3DAOD64_3SSDZY-SPe5J0UEuM3qhfYoOG_Uw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BFv0zalNAqsbgTWgV-Hp1PgS19O_mfJH_rjNwIL6Hq33FNnxm8v8x3ckZKbT5tCEgjqxQS9DTxBZVVIckT2jTPif-jXKMdSk3ppU3-JOSKnKl7WS30k1BPPrwiEcTWW9kCFUkZwfQzhP9DEedjzgq9ioNWWg%26cry%3D1%26dbm_d%3DAKAmf-D5s5GEgSsnXwE2CCSNB-HAUa1D2Y34By0WAynzrkxSIgCFVpeaie9hhPFojbRN_x5vNxHG31TQh3oBL2dqijIfaR6pRxG8eHIRexZGVOrWw3zggNJRq_qOsS04zNTdbpkUPPoudeq_JBdijwfYtRC0EYx1PbjLkxObaWt4qt0sOZAAycXmrijO669Iet3X-rzDfAKVINeUFnQzNp34Mu4MlOTNRFpqHB9owijuIpxknEeFcpbK575J-nt7I4ZeTI9c4YTk67AIpKb5OGsTXse2Ax37C5rk9rZrsewMYY9HbDRHx3Qt0bKU7Qxf75JE9U0qZw2i6-bZ2BeV4FTjatEMSpN11kdhqIkaOUZP7NaefcUgDsJI81hhdK1itZnzvy5hi7qJmg7En3sGk9ol2HrKZOQFFpLt2miMGMk6p61jC88R-fdt6yxjfRhONlcOO9GEy38PaMZlFrvGhFtoSGRs2rZu7w%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.167.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 126.167.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 77dd7a6ab6c5b70535f944b314aefb2139419836cfcac9d57f765fc7c123b82c

Request headers

Referer: https://nxtck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:34 GMT
via: 1.1 google
last-modified: Wed, 14 Nov 2018 22:57:04 GMT
server: nginx
etag: "5beca840-a1b"
content-type: application/x-javascript
accept-ranges: bytes
alt-svc: clear
content-length: 2587

GET
H/1.1

200
OK

request.php Show response
hal900023.redintelligence.net/ Frame A69A
Redirect Chain

https://hal900023.redintelligence.net/request.php?zone=jtvh1z3sifh9&nw=20&renderingType=javascript&namespace=e6e7e8877d&subid=&uid=ee7e94fb9f3cdb6e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900023.redintelligence.net/request.php?zone=jtvh1z3sifh9&nw=20&renderingType=javascript&namespace=e6e7e8877d&subid=&uid=ee7e94fb9f3cdb6e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
938 B

218ms
136ms

Script
application/x-javascript

78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900023.redintelligence.net/request.php?zone=jtvh1z3sifh9&nw=20&renderingType=javascript&namespace=e6e7e8877d&subid=&uid=ee7e94fb9f3cdb6e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPACqyTwUYdr5DaTZ7_UPhpO7yAyG3bDSXbSYr7q8CvAuEAEg3Nf7ImD7gYCAiArIAQmpAtqrl517tbM-qAMBqgTPAU_QZuGaOlqO-KfZZK_GJ2VUB0Dcxyj7MbFJkMy_J4lnHBXHBtr9sWLdKlihohqXD7RuUm5_EWKtass4G_OMy7efDTUfnDaMKBxSm-u4Rgx6ziXBp2pflIzuDMMSslWuZn3O1GxkdAilKWGKDQX8geeHQx38S3WOCsL9krS6YAMeQjVNDg_y7cekIC5B9N6KfPo5CafCWYJ25E2lVTcyc8EH6ZRdyZxYowFLptbsm_2kywWf2RSbzCoSCbmP7_5ix2QHimQAR0GcWXvBkujFKMAE8c6eps8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPNxrUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRocwGgscufSVe7M7GYPeacMoeS-A%26sig%3DAOD64_12Epoo3lNnyzQNicAK6HIW9ZiVpg%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-Dea7G0KJySdODv_H2iMFyjWUem0lsF_OlxnTQKKg3nnURgiC0XJDa8W0uaOOii1D_Y3Pqurr7ABI3jWNsC4ZEhY5FI5U94fdZ9xYCQZSbEe2Vq-shc6HZC7z_E9T_yJT_1qPQ7kD16LaThKU-BkhNRLiGbBw%26cry%3D1%26dbm_d%3DAKAmf-Br-3KRRmrTwAW5Hm2nrXLpPCvVNAdxSQ9LmWH-S2eBwnqWy1IledxSJd3aOUKH_sUIkENQ0q_ur_14tyKc-cGKVNLcL2VnBfM7pAWa9Ul0kZLn9uvq8lemT5vMg9dDISxLKDWd29WU6kUuOcOnstyXkAtG9xTuL7BOicrekrVqG8-Cdcu1SBO64DIOSz6pgYwyvOJ_k25KA8j3AXAPHFHeVIV58V4Buzyfmi0MD_IWb8I4rCJ_9KlHYwYa_SuETI3ZXUV7EkHx3t2gL5eThTEXa_O0EP3wfYSAHYUUWIvE3Nf3ebT4A4xVDY1T3FUkp1qGkDZRPet7GvGjUHIrTH9n2nKDsy5Cb7rZhb_RoeUTKz7l3TG2ztpQbZpOqQmHE1mMp0ZsICrIXJTgmZffgMBJSHmVdnwuVufnHn-h1a3EJ2nXM1C2DM6WER9BNW9wMEggOnvf%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=8771019445501&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 795dbdc3dcf70473464465d0c69b829b8366430cb099aa71fa9fc02a7a7b44ff

Request headers

Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 21:10:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 93902100154065801084868011683023
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 332
Expires: Wed, 11 Aug 2021 22:10:34 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 21:10:34 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=jtvh1z3sifh9&nw=20&renderingType=javascript&namespace=e6e7e8877d&subid=&uid=ee7e94fb9f3cdb6e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPACqyTwUYdr5DaTZ7_UPhpO7yAyG3bDSXbSYr7q8CvAuEAEg3Nf7ImD7gYCAiArIAQmpAtqrl517tbM-qAMBqgTPAU_QZuGaOlqO-KfZZK_GJ2VUB0Dcxyj7MbFJkMy_J4lnHBXHBtr9sWLdKlihohqXD7RuUm5_EWKtass4G_OMy7efDTUfnDaMKBxSm-u4Rgx6ziXBp2pflIzuDMMSslWuZn3O1GxkdAilKWGKDQX8geeHQx38S3WOCsL9krS6YAMeQjVNDg_y7cekIC5B9N6KfPo5CafCWYJ25E2lVTcyc8EH6ZRdyZxYowFLptbsm_2kywWf2RSbzCoSCbmP7_5ix2QHimQAR0GcWXvBkujFKMAE8c6eps8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPNxrUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRocwGgscufSVe7M7GYPeacMoeS-A%26sig%3DAOD64_12Epoo3lNnyzQNicAK6HIW9ZiVpg%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-Dea7G0KJySdODv_H2iMFyjWUem0lsF_OlxnTQKKg3nnURgiC0XJDa8W0uaOOii1D_Y3Pqurr7ABI3jWNsC4ZEhY5FI5U94fdZ9xYCQZSbEe2Vq-shc6HZC7z_E9T_yJT_1qPQ7kD16LaThKU-BkhNRLiGbBw%26cry%3D1%26dbm_d%3DAKAmf-Br-3KRRmrTwAW5Hm2nrXLpPCvVNAdxSQ9LmWH-S2eBwnqWy1IledxSJd3aOUKH_sUIkENQ0q_ur_14tyKc-cGKVNLcL2VnBfM7pAWa9Ul0kZLn9uvq8lemT5vMg9dDISxLKDWd29WU6kUuOcOnstyXkAtG9xTuL7BOicrekrVqG8-Cdcu1SBO64DIOSz6pgYwyvOJ_k25KA8j3AXAPHFHeVIV58V4Buzyfmi0MD_IWb8I4rCJ_9KlHYwYa_SuETI3ZXUV7EkHx3t2gL5eThTEXa_O0EP3wfYSAHYUUWIvE3Nf3ebT4A4xVDY1T3FUkp1qGkDZRPet7GvGjUHIrTH9n2nKDsy5Cb7rZhb_RoeUTKz7l3TG2ztpQbZpOqQmHE1mMp0ZsICrIXJTgmZffgMBJSHmVdnwuVufnHn-h1a3EJ2nXM1C2DM6WER9BNW9wMEggOnvf%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=8771019445501&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 11 Aug 2021 22:10:34 +0200

GET
H3-29 200 impl_v78.js Show response
www.googletagservices.com/dcm/ Frame 2955 37 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v78.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nxtck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 12:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15595
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 17:50:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 12:13:29 GMT

GET
H2 200 B25951977.304487582;dc_ver=78.226;sz=300x600;u_sd=1;dc_adk=1767435180;ord=gew7lm;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.... Show response
ad.doubleclick.net/ddm/adi/N4022.2365101ECSELIS-14_FRA_4022/ Frame 6448 41 KB
21 KB 132ms
62ms Document
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N4022.2365101ECSELIS-14_FRA_4022/B25951977.304487582;dc_ver=78.226;sz=300x600;u_sd=1;dc_adk=1767435180;ord=gew7lm;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbxc7yTwUYbXlHv3K7_UPxL6dwAuCioKSZPfDx-qSDq_q5PHIARABINzX-yJg-4GAgIgKoAG9j8yzAcgBCakC2quXnXu1sz6oAwGqBNIBT9C1urvAFeB5KfcQPir0USh0IH4BLHnA5DvZlPLnGGYyvlqql4Vu1xuQyxixILMUua4pBpi95BR9sMACmqE_eSaEzVMf0X2uZ73DNDNZxynBx74Zq_q462FbCIycdePLK0mBGSRsfuynZbzuZeKhoAkdcSx58WA3ks_f8DEz3JEuIkRrg8aWcWPPRdtbBEMYkFDRJxrcal5oGabN5Jw_wxijKWy4qYd8PFNO4_hXSq-VUWtAl-owKte-3u4W68radY4IZZ1CqDbAdLDttP_Ws7lUwASnp9n8ygPgBAOQBgGgBk2AB6vws8wCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPcgaYMyBOCi9HdA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRolvtsra10d9D_su3BTwXhv8WHRg%26sig%3DAOD64_3SSDZY-SPe5J0UEuM3qhfYoOG_Uw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BFv0zalNAqsbgTWgV-Hp1PgS19O_mfJH_rjNwIL6Hq33FNnxm8v8x3ckZKbT5tCEgjqxQS9DTxBZVVIckT2jTPif-jXKMdSk3ppU3-JOSKnKl7WS30k1BPPrwiEcTWW9kCFUkZwfQzhP9DEedjzgq9ioNWWg%26cry%3D1%26dbm_d%3DAKAmf-D5s5GEgSsnXwE2CCSNB-HAUa1D2Y34By0WAynzrkxSIgCFVpeaie9hhPFojbRN_x5vNxHG31TQh3oBL2dqijIfaR6pRxG8eHIRexZGVOrWw3zggNJRq_qOsS04zNTdbpkUPPoudeq_JBdijwfYtRC0EYx1PbjLkxObaWt4qt0sOZAAycXmrijO669Iet3X-rzDfAKVINeUFnQzNp34Mu4MlOTNRFpqHB9owijuIpxknEeFcpbK575J-nt7I4ZeTI9c4YTk67AIpKb5OGsTXse2Ax37C5rk9rZrsewMYY9HbDRHx3Qt0bKU7Qxf75JE9U0qZw2i6-bZ2BeV4FTjatEMSpN11kdhqIkaOUZP7NaefcUgDsJI81hhdK1itZnzvy5hi7qJmg7En3sGk9ol2HrKZOQFFpLt2miMGMk6p61jC88R-fdt6yxjfRhONlcOO9GEy38PaMZlFrvGhFtoSGRs2rZu7w%26adurl%3Dhttps%3A%2F%2Fnxtck.com%2Findex%3Fclk%3D1%26zid%3D56369%26aid%3D583208%26ev%3D76494%26rid%3D7misw6fX3QaC_vcn%26sid%3D668788522%26uuid%3D619aaa65-362f-4679-8260-d0cf67a1379a%26ecr%3D%26referer%3Dhttps%253A%252F%252F687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com%252F%26c3braK3c%3D%26P0uWe7tE%3D%26rawloc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=2,https%3A%2F%2Fwww.opovo.com.br$2,https%3A%2F%2F687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=vEb25LD_h6;osda=2;sttr=36;prcl=n

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v78.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

9089189f8ee7c138d8b093914771942f311fb5fd74a62e68d682f8d410e0d625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N4022.2365101ECSELIS-14_FRA_4022/B25951977.304487582;dc_ver=78.226;sz=300x600;u_sd=1;dc_adk=1767435180;ord=gew7lm;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbxc7yTwUYbXlHv3K7_UPxL6dwAuCioKSZPfDx-qSDq_q5PHIARABINzX-yJg-4GAgIgKoAG9j8yzAcgBCakC2quXnXu1sz6oAwGqBNIBT9C1urvAFeB5KfcQPir0USh0IH4BLHnA5DvZlPLnGGYyvlqql4Vu1xuQyxixILMUua4pBpi95BR9sMACmqE_eSaEzVMf0X2uZ73DNDNZxynBx74Zq_q462FbCIycdePLK0mBGSRsfuynZbzuZeKhoAkdcSx58WA3ks_f8DEz3JEuIkRrg8aWcWPPRdtbBEMYkFDRJxrcal5oGabN5Jw_wxijKWy4qYd8PFNO4_hXSq-VUWtAl-owKte-3u4W68radY4IZZ1CqDbAdLDttP_Ws7lUwASnp9n8ygPgBAOQBgGgBk2AB6vws8wCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPcgaYMyBOCi9HdA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRolvtsra10d9D_su3BTwXhv8WHRg%26sig%3DAOD64_3SSDZY-SPe5J0UEuM3qhfYoOG_Uw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BFv0zalNAqsbgTWgV-Hp1PgS19O_mfJH_rjNwIL6Hq33FNnxm8v8x3ckZKbT5tCEgjqxQS9DTxBZVVIckT2jTPif-jXKMdSk3ppU3-JOSKnKl7WS30k1BPPrwiEcTWW9kCFUkZwfQzhP9DEedjzgq9ioNWWg%26cry%3D1%26dbm_d%3DAKAmf-D5s5GEgSsnXwE2CCSNB-HAUa1D2Y34By0WAynzrkxSIgCFVpeaie9hhPFojbRN_x5vNxHG31TQh3oBL2dqijIfaR6pRxG8eHIRexZGVOrWw3zggNJRq_qOsS04zNTdbpkUPPoudeq_JBdijwfYtRC0EYx1PbjLkxObaWt4qt0sOZAAycXmrijO669Iet3X-rzDfAKVINeUFnQzNp34Mu4MlOTNRFpqHB9owijuIpxknEeFcpbK575J-nt7I4ZeTI9c4YTk67AIpKb5OGsTXse2Ax37C5rk9rZrsewMYY9HbDRHx3Qt0bKU7Qxf75JE9U0qZw2i6-bZ2BeV4FTjatEMSpN11kdhqIkaOUZP7NaefcUgDsJI81hhdK1itZnzvy5hi7qJmg7En3sGk9ol2HrKZOQFFpLt2miMGMk6p61jC88R-fdt6yxjfRhONlcOO9GEy38PaMZlFrvGhFtoSGRs2rZu7w%26adurl%3Dhttps%3A%2F%2Fnxtck.com%2Findex%3Fclk%3D1%26zid%3D56369%26aid%3D583208%26ev%3D76494%26rid%3D7misw6fX3QaC_vcn%26sid%3D668788522%26uuid%3D619aaa65-362f-4679-8260-d0cf67a1379a%26ecr%3D%26referer%3Dhttps%253A%252F%252F687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com%252F%26c3braK3c%3D%26P0uWe7tE%3D%26rawloc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=2,https%3A%2F%2Fwww.opovo.com.br$2,https%3A%2F%2F687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=vEb25LD_h6;osda=2;sttr=36;prcl=n
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nxtck.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk3j7ypVqOYQmRLKrfjV8jMiTE_oeqeaaTnDvtb9vZSFdiUQRpy7BoPM_4U; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://nxtck.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Aug 2021 21:10:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 20626
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 OBA_marker.png
cdn-ssl-as.nxtck.com/iab/img/ Frame 2955 3 KB
3 KB 28ms
28ms Image
image/png 34.107.167.126
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-ssl-as.nxtck.com/iab/img/OBA_marker.png
Requested by: Host: nxtck.com
URL: https://nxtck.com/as.php?if=1&zid=56369&cpid=23484&cb=1628716233504501&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCbxc7yTwUYbXlHv3K7_UPxL6dwAuCioKSZPfDx-qSDq_q5PHIARABINzX-yJg-4GAgIgKoAG9j8yzAcgBCakC2quXnXu1sz6oAwGqBNIBT9C1urvAFeB5KfcQPir0USh0IH4BLHnA5DvZlPLnGGYyvlqql4Vu1xuQyxixILMUua4pBpi95BR9sMACmqE_eSaEzVMf0X2uZ73DNDNZxynBx74Zq_q462FbCIycdePLK0mBGSRsfuynZbzuZeKhoAkdcSx58WA3ks_f8DEz3JEuIkRrg8aWcWPPRdtbBEMYkFDRJxrcal5oGabN5Jw_wxijKWy4qYd8PFNO4_hXSq-VUWtAl-owKte-3u4W68radY4IZZ1CqDbAdLDttP_Ws7lUwASnp9n8ygPgBAOQBgGgBk2AB6vws8wCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPcgaYMyBOCi9HdA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRolvtsra10d9D_su3BTwXhv8WHRg%26sig%3DAOD64_3SSDZY-SPe5J0UEuM3qhfYoOG_Uw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BFv0zalNAqsbgTWgV-Hp1PgS19O_mfJH_rjNwIL6Hq33FNnxm8v8x3ckZKbT5tCEgjqxQS9DTxBZVVIckT2jTPif-jXKMdSk3ppU3-JOSKnKl7WS30k1BPPrwiEcTWW9kCFUkZwfQzhP9DEedjzgq9ioNWWg%26cry%3D1%26dbm_d%3DAKAmf-D5s5GEgSsnXwE2CCSNB-HAUa1D2Y34By0WAynzrkxSIgCFVpeaie9hhPFojbRN_x5vNxHG31TQh3oBL2dqijIfaR6pRxG8eHIRexZGVOrWw3zggNJRq_qOsS04zNTdbpkUPPoudeq_JBdijwfYtRC0EYx1PbjLkxObaWt4qt0sOZAAycXmrijO669Iet3X-rzDfAKVINeUFnQzNp34Mu4MlOTNRFpqHB9owijuIpxknEeFcpbK575J-nt7I4ZeTI9c4YTk67AIpKb5OGsTXse2Ax37C5rk9rZrsewMYY9HbDRHx3Qt0bKU7Qxf75JE9U0qZw2i6-bZ2BeV4FTjatEMSpN11kdhqIkaOUZP7NaefcUgDsJI81hhdK1itZnzvy5hi7qJmg7En3sGk9ol2HrKZOQFFpLt2miMGMk6p61jC88R-fdt6yxjfRhONlcOO9GEy38PaMZlFrvGhFtoSGRs2rZu7w%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.167.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 126.167.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://nxtck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:34 GMT
via: 1.1 google
last-modified: Tue, 02 Oct 2012 09:47:13 GMT
server: nginx
etag: "506ab821-cbe"
content-type: image/png
accept-ranges: bytes
alt-svc: clear
content-length: 3262

GET
H2 200 OBA_en.png
cdn-ssl-as.nxtck.com/iab/img/ Frame 2955 4 KB
4 KB 29ms
29ms Image
image/png 34.107.167.126
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-ssl-as.nxtck.com/iab/img/OBA_en.png
Requested by: Host: nxtck.com
URL: https://nxtck.com/as.php?if=1&zid=56369&cpid=23484&cb=1628716233504501&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCbxc7yTwUYbXlHv3K7_UPxL6dwAuCioKSZPfDx-qSDq_q5PHIARABINzX-yJg-4GAgIgKoAG9j8yzAcgBCakC2quXnXu1sz6oAwGqBNIBT9C1urvAFeB5KfcQPir0USh0IH4BLHnA5DvZlPLnGGYyvlqql4Vu1xuQyxixILMUua4pBpi95BR9sMACmqE_eSaEzVMf0X2uZ73DNDNZxynBx74Zq_q462FbCIycdePLK0mBGSRsfuynZbzuZeKhoAkdcSx58WA3ks_f8DEz3JEuIkRrg8aWcWPPRdtbBEMYkFDRJxrcal5oGabN5Jw_wxijKWy4qYd8PFNO4_hXSq-VUWtAl-owKte-3u4W68radY4IZZ1CqDbAdLDttP_Ws7lUwASnp9n8ygPgBAOQBgGgBk2AB6vws8wCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPcgaYMyBOCi9HdA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRolvtsra10d9D_su3BTwXhv8WHRg%26sig%3DAOD64_3SSDZY-SPe5J0UEuM3qhfYoOG_Uw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BFv0zalNAqsbgTWgV-Hp1PgS19O_mfJH_rjNwIL6Hq33FNnxm8v8x3ckZKbT5tCEgjqxQS9DTxBZVVIckT2jTPif-jXKMdSk3ppU3-JOSKnKl7WS30k1BPPrwiEcTWW9kCFUkZwfQzhP9DEedjzgq9ioNWWg%26cry%3D1%26dbm_d%3DAKAmf-D5s5GEgSsnXwE2CCSNB-HAUa1D2Y34By0WAynzrkxSIgCFVpeaie9hhPFojbRN_x5vNxHG31TQh3oBL2dqijIfaR6pRxG8eHIRexZGVOrWw3zggNJRq_qOsS04zNTdbpkUPPoudeq_JBdijwfYtRC0EYx1PbjLkxObaWt4qt0sOZAAycXmrijO669Iet3X-rzDfAKVINeUFnQzNp34Mu4MlOTNRFpqHB9owijuIpxknEeFcpbK575J-nt7I4ZeTI9c4YTk67AIpKb5OGsTXse2Ax37C5rk9rZrsewMYY9HbDRHx3Qt0bKU7Qxf75JE9U0qZw2i6-bZ2BeV4FTjatEMSpN11kdhqIkaOUZP7NaefcUgDsJI81hhdK1itZnzvy5hi7qJmg7En3sGk9ol2HrKZOQFFpLt2miMGMk6p61jC88R-fdt6yxjfRhONlcOO9GEy38PaMZlFrvGhFtoSGRs2rZu7w%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.167.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 126.167.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 835b8e7fce8c7030ab18fe28277589c21b062b5b6e6301939cb1e62b1af3f151

Request headers

Referer: https://nxtck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:34 GMT
via: 1.1 google
last-modified: Tue, 02 Oct 2012 09:47:12 GMT
server: nginx
etag: "506ab820-108b"
content-type: image/png
accept-ranges: bytes
alt-svc: clear
content-length: 4235

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA9C 0
20 B 29ms
28ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUOnqyjwUYauECNnjgQeRqKXIBQAAAAA4AeAEAg&bg=!BQalBkLNAAbOj6irzo87ACkAdvg8WsTtJDCHBYIaAehQhCMBFT3vFhfHnJccjEYXl0QoBnjbnijvewIAAADlUgAAABxoAQcKAHJIsr75sB7q0S54NfI8rVYfmJNSaCCyxsSHsXfCxEMn27mxPamCsfsRviWMIKwsb_Fv7A0TU4s_lZkowsXkBt2FanxwHJNQdLFCHECBawZ3xqKJVnxa9GFCfruLH8ew9uZt-zULCudb-hZql4Ibs6Ts8PKZAs0wvfEwgM-Mi361KmPYXQr8yvbVVPfCodzeX-5in2jzqNCk0DzOLdkUU8YCt9sbOghuPXAtzDxHgbF1UX4_RN5sugVNpPSg7mmU3FBNrdKTpybI544TxDHttMAv2oFl0zck-X_DeBXWHp46j44dvLD55pcSlYd7ssM7AyJJPWALi3MXiqQKIzZejV_CvnF0Ti5QqqhoX95XhelDjcQWnvNsY7sFZGc6bZ9M-HPrAFFOTVnKMcj6leebGuaGSGBCRejEsOFAeYFDej25nI6Tz6_2Gs_s8xX7aSfAwodkblB42mh007QTd_SIHsb4rCMa1rFQ6rsoNIGYfrBTUHTP_lMeE036yWQWavc7QyfELkGCHs-jDyoMiV5S9sALSejTYHHZ5eLexNTXspCciARZwkvPloT7sNM6et5CnCJe3ohI5hzXOuTaTqFBAMqoy6kgSvEh2goPwclt4XX7xFKHh0v663qcJIvYawMTOGTeUAr2wSFW4wS9x4PWwG9_aHWmr-vU7nqVxCH8mXl--YFcGE967VqoJkMts8bgEVpW4vSyxEjRL5lApAWnuhsJodnrYRHi18h7UnB5ZSdOkzRlBHtO4RE4ZeTbAT2I7dwzms5s3BwBCSvTevRxybDcCG0xuljXtbFhCeSA_FTT2xoVBiPCrAS0gj4tRvfMpvSIWlLjyUyb8j3xmLblaj2saxdF6ki33HfKuDDkOs-5OrwadyTrnH5ZTpgUVh7ou6m3VUTTqpKoHyw3Q5m2ZJN1_8ZLPMpv4_AYnaXnusffmnE1TINwGbd-tcqIgpCzZEe8OpLpGMmRHW2h42w5u_d74K8MJL10xIg0hyaP0qT5gGe66DYxDXxaGksnUXXTzyCmhirHc5wEbV-VQ5Zv-3OhZy2N0JXHzd6AmI3QQuoymuipigjwr7SNcy5JsLffgGCaioNiLWMrDXmVkH8UlX6nUn0

Requested by

Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A37F 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfSEiyjwUYbSMC-iK7_UPt-GEkA0AAAAAOAHgBAI&bg=!9fal9rLNAAbOj6irzo87ACkAdvg8WkzXVtKU8GPA6-iXWlsib8aFjHK4cbTDYeHcD-gDD2wq_rrQbQIAAADhUgAAAAxoAQcKACXfv5Bv1yR192wcs8zSnR-S4UmCLg7bYLbqE9jDqSLTz_SBkrVFmQLJRtw_ivduBec1RiCUOp77f3kCK8Bf-is3UVYa95xFyX2uHKfhMg01nrLTYpo7spsDggtZjlPofuyoa1sfw3wzIJwL0p8ZDTiCkL8-L_5hz8Q7IskIDMJB3M3ctzuhHOkoqoqPvT4AeXz5v8ZIIQCHqNpQSjZiolJESx7ZFjddYiOMMwGePdUgFm4qH74OhkS8f93G8mlHXv2QS6jEwjHtN04BYTYCHGoI3sqOxO4zrVq5j4SgI8uP9O3Aea1CRPKpEc4ECZyroZPrs6JegHVkEc3ILK_MTu5GENcIMK0lXUdHMm5qUJOy6BO1hTGYGK1uB-JlJTPAYgHxzYFm5jDW7XD8pTfVNAV_LIgY8AeNAvDTuo1q-6JFJZZewM57KXDtIsixpHT8PKihK4xt7EZRegZ5xe3S6PFRpvY5dixsSNoK5JHR6H9MW2NfnOOXdsW69pLQp8EA4fNtJ_0Faurz8KmsuuT9VAuf8jVnBorjdLuVS7ospgYfpKz9vYZxdo8m73fNTGp9Chxxh-gCh2RI19ewpHeMwUEiy_gaPfOmsOBLTQW7Tf1uzb9qWYW1k-EoebswG_IF2bDfHKnnIE3Ja4Nyqk0yPOv7h2z4fqNY_Y4uQ5pKHMg4EV7DMEWytztGUzIJ1si0VdHI8jsGgOp8rH_quA3sK5cTNbxYCKTQeRxkOBFmVMWIcnT_F_NItlXorJ_-FJoI9yfAGI_EkizIjkB-LYMqEndfmFIhjvpiTLHgAD9dViqbdbz1JG5XqxCPxo87FVIgLqnRvB_anVgjJOtyIAp0DLBpxR42cxjlMsl4tTh_YzJSGHrfGdfd4tJwIHuRr81unWLEjNlryvl7qXgb21yb7z7ChfdyiLJgHr4kNPo4QgDmkpeietCajefLbzVVt9rs-U2H-ZE-BXd-lyYpyyBrf0z2VCDA2SUEUF7Dn4zD73FHqro

Requested by

Host: 687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
URL: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/ Frame 6448 8 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N4022.2365101ECSELIS-14_FRA_4022/B25951977.304487582;dc_ver=78.226;sz=300x600;u_sd=1;dc_adk=1767435180;ord=gew7lm;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbxc7yTwUYbXlHv3K7_UPxL6dwAuCioKSZPfDx-qSDq_q5PHIARABINzX-yJg-4GAgIgKoAG9j8yzAcgBCakC2quXnXu1sz6oAwGqBNIBT9C1urvAFeB5KfcQPir0USh0IH4BLHnA5DvZlPLnGGYyvlqql4Vu1xuQyxixILMUua4pBpi95BR9sMACmqE_eSaEzVMf0X2uZ73DNDNZxynBx74Zq_q462FbCIycdePLK0mBGSRsfuynZbzuZeKhoAkdcSx58WA3ks_f8DEz3JEuIkRrg8aWcWPPRdtbBEMYkFDRJxrcal5oGabN5Jw_wxijKWy4qYd8PFNO4_hXSq-VUWtAl-owKte-3u4W68radY4IZZ1CqDbAdLDttP_Ws7lUwASnp9n8ygPgBAOQBgGgBk2AB6vws8wCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPcgaYMyBOCi9HdA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRolvtsra10d9D_su3BTwXhv8WHRg%26sig%3DAOD64_3SSDZY-SPe5J0UEuM3qhfYoOG_Uw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BFv0zalNAqsbgTWgV-Hp1PgS19O_mfJH_rjNwIL6Hq33FNnxm8v8x3ckZKbT5tCEgjqxQS9DTxBZVVIckT2jTPif-jXKMdSk3ppU3-JOSKnKl7WS30k1BPPrwiEcTWW9kCFUkZwfQzhP9DEedjzgq9ioNWWg%26cry%3D1%26dbm_d%3DAKAmf-D5s5GEgSsnXwE2CCSNB-HAUa1D2Y34By0WAynzrkxSIgCFVpeaie9hhPFojbRN_x5vNxHG31TQh3oBL2dqijIfaR6pRxG8eHIRexZGVOrWw3zggNJRq_qOsS04zNTdbpkUPPoudeq_JBdijwfYtRC0EYx1PbjLkxObaWt4qt0sOZAAycXmrijO669Iet3X-rzDfAKVINeUFnQzNp34Mu4MlOTNRFpqHB9owijuIpxknEeFcpbK575J-nt7I4ZeTI9c4YTk67AIpKb5OGsTXse2Ax37C5rk9rZrsewMYY9HbDRHx3Qt0bKU7Qxf75JE9U0qZw2i6-bZ2BeV4FTjatEMSpN11kdhqIkaOUZP7NaefcUgDsJI81hhdK1itZnzvy5hi7qJmg7En3sGk9ol2HrKZOQFFpLt2miMGMk6p61jC88R-fdt6yxjfRhONlcOO9GEy38PaMZlFrvGhFtoSGRs2rZu7w%26adurl%3Dhttps%3A%2F%2Fnxtck.com%2Findex%3Fclk%3D1%26zid%3D56369%26aid%3D583208%26ev%3D76494%26rid%3D7misw6fX3QaC_vcn%26sid%3D668788522%26uuid%3D619aaa65-362f-4679-8260-d0cf67a1379a%26ecr%3D%26referer%3Dhttps%253A%252F%252F687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com%252F%26c3braK3c%3D%26P0uWe7tE%3D%26rawloc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=2,https%3A%2F%2Fwww.opovo.com.br$2,https%3A%2F%2F687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=vEb25LD_h6;osda=2;sttr=36;prcl=n

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:57:25 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 6448 114 KB
40 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ad.doubleclick.net
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 19:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 19:55:34 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6448 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 16:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 16:47:21 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D9A7 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 11 Aug 2021 00:07:07 GMT
expires: Thu, 11 Aug 2022 00:07:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 75807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js Show response
pagead2.googlesyndication.com/bg/ Frame D9A7 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 20:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 20:01:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6448 124 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:34 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/6278281/1622044457304/300x600/ Frame F081 4 KB
1 KB 20ms
7ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6278281/1622044457304/300x600/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07caf2179fcb3469fff5f08c9fdd3a6921a21542b850ce7fbbd8de61d6b6f53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /6278281/1622044457304/300x600/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 1319
date: Wed, 11 Aug 2021 08:33:25 GMT
expires: Thu, 12 Aug 2021 08:33:25 GMT
last-modified: Wed, 26 May 2021 15:54:17 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 45429
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6448 0
545 B 111ms
42ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssE-jE4oPKEOdQrKh4YuLYwZ2t_JeJsyPZWVdEKcD3upnOUCKSFyRh74pXrkAIgUhgst4F7u_39W6Qmnsf0vNdXM50SQTkd6PgH6D55FZCqGambJJdv5YRQdE8afc3LXOFOywEj9X5uerB3cNnjtjA1IX-b1QGMKg&sig=Cg0ArKJSzIe2ojlNU2dXEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=50&cbvp=1&cstd=47&cisv=r20210809.74986&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 style.css
s0.2mdn.net/6278281/1622044457304/300x600/ Frame F081 1 KB
491 B 7ms
6ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6278281/1622044457304/300x600/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6278281/1622044457304/300x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5c4ab8ae3f8bd0d717d2b739be6e2afebdd24985700ab349683c23034c02d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6278281/1622044457304/300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 08:33:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 467
x-xss-protection: 0
last-modified: Wed, 26 May 2021 15:54:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 12 Aug 2021 08:33:26 GMT

GET
H3-29 200 ad-scripts.js Show response
s0.2mdn.net/6278281/1622044457304/300x600/ Frame F081 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6278281/1622044457304/300x600/ad-scripts.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6278281/1622044457304/300x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a6b7b758b073d4213470e79cc512593162414a7c599ee424e2300426107c4b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6278281/1622044457304/300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 08:33:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1196
x-xss-protection: 0
last-modified: Wed, 26 May 2021 15:54:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 12 Aug 2021 08:33:26 GMT

GET
H3-29 200 COM_fond.jpg
s0.2mdn.net/6278281/1622044457304/300x600/ Frame F081 2 KB
2 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6278281/1622044457304/300x600/COM_fond.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6ddc67604747ee1e041af3614967b30e23fc9930635748208c9b790b1035708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 08:33:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 15:54:17 GMT
server: sffe
age: 45428
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2465
x-xss-protection: 0
expires: Thu, 12 Aug 2021 08:33:26 GMT

GET
H3-29 200 COM_logo.png
s0.2mdn.net/6278281/1622044457304/300x600/ Frame F081 10 KB
10 KB 10ms
9ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6278281/1622044457304/300x600/COM_logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13354208a8942810623bba74a62996bec8a67525e11bf1137e040a7c7facb552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 08:33:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 15:54:17 GMT
server: sffe
age: 45428
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10661
x-xss-protection: 0
expires: Thu, 12 Aug 2021 08:33:26 GMT

GET
H3-29 200 F1_txt.png
s0.2mdn.net/6278281/1622044457304/300x600/ Frame F081 24 KB
24 KB 10ms
9ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6278281/1622044457304/300x600/F1_txt.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f14c438a34d425abf8d8468735a5f018c4ae8dfc84dc30e1302a3bb3b2c8300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 13:50:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 15:54:17 GMT
server: sffe
age: 26382
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24343
x-xss-protection: 0
expires: Thu, 12 Aug 2021 13:50:52 GMT

GET
H3-29 200 F2_txt.png
s0.2mdn.net/6278281/1622044457304/300x600/ Frame F081 29 KB
29 KB 12ms
11ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6278281/1622044457304/300x600/F2_txt.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90037dd7c02342401945fa97416a49c7c195c760072a959499197324be317dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 08:33:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 15:54:17 GMT
server: sffe
age: 45428
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29517
x-xss-protection: 0
expires: Thu, 12 Aug 2021 08:33:26 GMT

GET
H3-29 200 FF_txt.png
s0.2mdn.net/6278281/1622044457304/300x600/ Frame F081 30 KB
30 KB 10ms
9ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6278281/1622044457304/300x600/FF_txt.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c6977d32825d86404b997f2dc3e3f9b276268585ef45418c7bf306edad5f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 08:33:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 15:54:17 GMT
server: sffe
age: 45428
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30829
x-xss-protection: 0
expires: Thu, 12 Aug 2021 08:33:26 GMT

GET
H3-29 200 FF_cta.png
s0.2mdn.net/6278281/1622044457304/300x600/ Frame F081 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6278281/1622044457304/300x600/FF_cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb7974bfb689b4016e953ad056bd79b236351b9c3767d207be1d17c7993859c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 08:33:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 15:54:17 GMT
server: sffe
age: 45428
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2446
x-xss-protection: 0
expires: Thu, 12 Aug 2021 08:33:26 GMT

GET
H3-29 200 FF_slogan.png
s0.2mdn.net/6278281/1622044457304/300x600/ Frame F081 7 KB
7 KB 12ms
11ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6278281/1622044457304/300x600/FF_slogan.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cebd6b1605c9cf92e51022df5e9a276daa50ab9e159430394b605edaa59cb22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6278281/1622044457304/300x600/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 08:33:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 15:54:17 GMT
server: sffe
age: 45428
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7279
x-xss-protection: 0
expires: Thu, 12 Aug 2021 08:33:26 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900023.redintelligence.net/ Frame 23C9 4 KB
2 KB 104ms
35ms Document
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900023.redintelligence.net/request_content.php?s=93902100154065801084868011683023&a=b820c253
Requested by: Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request.php?zone=jtvh1z3sifh9&nw=20&renderingType=javascript&namespace=e6e7e8877d&subid=&uid=ee7e94fb9f3cdb6e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPACqyTwUYdr5DaTZ7_UPhpO7yAyG3bDSXbSYr7q8CvAuEAEg3Nf7ImD7gYCAiArIAQmpAtqrl517tbM-qAMBqgTPAU_QZuGaOlqO-KfZZK_GJ2VUB0Dcxyj7MbFJkMy_J4lnHBXHBtr9sWLdKlihohqXD7RuUm5_EWKtass4G_OMy7efDTUfnDaMKBxSm-u4Rgx6ziXBp2pflIzuDMMSslWuZn3O1GxkdAilKWGKDQX8geeHQx38S3WOCsL9krS6YAMeQjVNDg_y7cekIC5B9N6KfPo5CafCWYJ25E2lVTcyc8EH6ZRdyZxYowFLptbsm_2kywWf2RSbzCoSCbmP7_5ix2QHimQAR0GcWXvBkujFKMAE8c6eps8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPNxrUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRocwGgscufSVe7M7GYPeacMoeS-A%26sig%3DAOD64_12Epoo3lNnyzQNicAK6HIW9ZiVpg%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-Dea7G0KJySdODv_H2iMFyjWUem0lsF_OlxnTQKKg3nnURgiC0XJDa8W0uaOOii1D_Y3Pqurr7ABI3jWNsC4ZEhY5FI5U94fdZ9xYCQZSbEe2Vq-shc6HZC7z_E9T_yJT_1qPQ7kD16LaThKU-BkhNRLiGbBw%26cry%3D1%26dbm_d%3DAKAmf-Br-3KRRmrTwAW5Hm2nrXLpPCvVNAdxSQ9LmWH-S2eBwnqWy1IledxSJd3aOUKH_sUIkENQ0q_ur_14tyKc-cGKVNLcL2VnBfM7pAWa9Ul0kZLn9uvq8lemT5vMg9dDISxLKDWd29WU6kUuOcOnstyXkAtG9xTuL7BOicrekrVqG8-Cdcu1SBO64DIOSz6pgYwyvOJ_k25KA8j3AXAPHFHeVIV58V4Buzyfmi0MD_IWb8I4rCJ_9KlHYwYa_SuETI3ZXUV7EkHx3t2gL5eThTEXa_O0EP3wfYSAHYUUWIvE3Nf3ebT4A4xVDY1T3FUkp1qGkDZRPet7GvGjUHIrTH9n2nKDsy5Cb7rZhb_RoeUTKz7l3TG2ztpQbZpOqQmHE1mMp0ZsICrIXJTgmZffgMBJSHmVdnwuVufnHn-h1a3EJ2nXM1C2DM6WER9BNW9wMEggOnvf%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=8771019445501&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e029d517f603b143db6effeae435c5c00816df01a38b0cca71d76d752b4581a4

Request headers

Host: hal900023.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=c40920e635a45a7a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com/

Response headers

Date: Wed, 11 Aug 2021 21:10:34 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 11 Aug 2021 22:10:34 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1412
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame A69A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e223b853f1f17d39ad396844c97e27f1d085cd47adc577108f7c5b84dfce3c7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6448 0
23 B 80ms
41ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame 23C9 77 KB
77 KB 160ms
47ms Image
image/gif 85.114.131.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-336x280.gif
Requested by: Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=93902100154065801084868011683023&a=b820c253
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.233 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21037.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 0a946d52ac8890900833e2996c926ddabba3d9aa7dd4d9d7a1b4e5cd1db8dd34

Request headers

Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 21:10:35 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-13517"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 79127

GET
H/1.1 200
OK viewability Show response
hal900023.redintelligence.net/ Frame 23C9 0
150 B 124ms
44ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900023.redintelligence.net/viewability?s=93902100154065801084868011683023&a=8cb580df&vb=m
Requested by: Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=93902100154065801084868011683023&a=b820c253
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900023.redintelligence.net/request_content.php?s=93902100154065801084868011683023&a=b820c253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 21:10:34 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 23C9 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9A7 0
20 B 29ms
28ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2_5eyjwUYaDvIM3k7_UPm862uAEAAAAAOAHgBAI&bg=!AgGlAUXNAAbOj6irzo87ACkAdvg8Wg5jvcNTHHlzLFLptNxXlT3Jv559uEhuuId7CBXNH6e02FtcjAIAAADFUgAAAA1oAQcKAAFhmQL1YqMqD7M8Iy6kZmjxAMplHBr3IpImiF7Ss3YrTpbdhMCBPkvdp5A3U8l980SX4K_qGZo8F_H7gIzXRDf7HGDDuqFGFjmMj4kLQqVhOA954W_afHUDQfg8SKsdyTOndR4JSHJok5xEFrEgOh9NlInJbxVJAoMf6iZG2dErzT6CxfW1xqwqBXaatrA_m7T8bkd1Y2oG0jLH_-FDcX0Q-YSCQ9M6tJqF_ahaMIAxLRrihqonqOuiU47IY3olfZB04Eg3zJ9SbXhk4bIAqtzQLaPNRAJCI13426KNhLBx1tRpbS6MjcJKSKoL2v7d1JgmXWi_2Fmflmwx_tjPbWtjzVOsnBLE1lOfFqdeZ0p2H0DNviqbNP8dqrMZ0_x9Bxvb54jGdZB4q3puamzVBLhr7MJzEyVU2TCHTfG5gmIDtYeSGps8ypipmuBJTG3t3l4PLpa0iND6-NklqpCpvzJqtJKLviceBxtlwgaQbVJiT0l2W_KMUf-BwdR9k8hekjdcE616K9t8Lsn5ebY8RqsAZwfrHQBQjXpUNdsmWnEtf90fhzme8I9HCDOVAQxAjhiMWRiAkBSK1uICd_KMNK6aazJu30NwhGUuduNvz86KG5axT9BBs6_z04b3t4clagrGO477jYEJLeJMzNxfRdY4hqo7ff9FWePBv6cKaDyqAUgYkHQxh_SulV1r5TIgg75d1Aaoo_ua5VFzzbTduIrCeiNgHy0qee12VHaf22lVEDiyM93yz0o5c-xyuXJDUijy_Q-nMrZu750dUNfxVSxugU1oSXINWunKGoBLRC_nwRGbqZ-7tfjtVPp4LUXPYwlCnt49pSRvsDTGrbne2_25ThzrM2PKnyVImTVkLmKXqJXtenaB9-cpuyN_3ltTJmCd3EhLQm6mAzx6Fh7VyemRXzzZHSxadjyw9IW1s_9Dd3YpBvbkoW6yO1qJPOY8CubT9X0y7eaWF5HbMT6SkiLnrfCjZWCzm12q_EALAyO6rXVihK8H7jMHCA

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B89 42 B
64 B 41ms
27ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRr-JAAB4l1L91ZrkLURjf1WHUftTLPWdCWgjZlJVa_Ywx_4y8WgmM4MRhmIASSDGc0h1_knQ7C0zL4O0aX2pdLg3ykqOXk4lDuynNtjA8QL6ATgjF&sig=Cg0ArKJSzKnrg2XIYfkYEAE&id=lidar2&mcvt=1000&p=1140,640,1200,1108&asp=1140,640,1200,1108&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210809&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=765604454&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628716233599&rpt=281&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B510 42 B
64 B 28ms
28ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXF7mwng6Ldj8HAGWsD4yt6ZKZwa62jpfl2cQI6GjxuqVb3KryLqQhvlZVQ4RPi9PWJ2EVklnfULIzfYBhS1Y2ENL0mG6Dwbg4-jlsLF9eJ4mrto8qIk1oWGmInA&sai=AMfl-YRP3GC-kWHTChGErJjw58YgR39ucONGjb2UcZhH6VOej6z3ZP3hbDDXuDKMuVyeku3nP9fptnmggVpURZDxUmGpI1miQI_19BI0NDs8j-25nuwE5rpxlYeIhuDOoPZ1&sig=Cg0ArKJSzGdzQMJdaliZEAE&id=ampim&o=315,300&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=100&tls=1101&g=100&h=100&tt=1101&r=v&avms=ampa&adk=2160817647

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2F4C 28 B
54 B 19ms
19ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/RShXiDjJIIA?enablejsapi=1&origin=https%3A%2F%2Fwww.opovo.com.br
X-YouTube-Client-Version: 1.20210808.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtWeTZwS0tmcURJMCjJ-dCIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628716233260&flash=0&frm=2&u_tz=120&u_his=3&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C610%2C343&vis=1&wgl=true&ca_type=image&bid=ANyPxKqtE7Zyo5CDIqgqZwzgN43v0aqO5_R__R7nh6gi90tSuz2jBGXN92kGVviewAqNjCnR3MPWKif0pVSs8aTpncFwBKdtBA

Response headers

date: Wed, 11 Aug 2021 21:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:35 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 25ms
25ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7860bebc8fe9b9066c0869b2cf27d1ab4f6918021208875f1773a9c7cff34f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 21:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8521
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 21:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 11 Aug 2021 21:10:37 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CC4A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 11 Aug 2021 20:01:27 GMT
expires: Thu, 11 Aug 2022 20:01:27 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8529 783 B
533 B 26ms
26ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

959d9e242a6eb84112b9229cbd83ffe23e0d7aec654665b6f2db247255b939e2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PbHQQ3T5ldWBIu6Eb7+MzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

expires: Wed, 11 Aug 2021 21:10:37 GMT
date: Wed, 11 Aug 2021 21:10:37 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-PbHQQ3T5ldWBIu6Eb7+MzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js Show response
pagead2.googlesyndication.com/bg/ Frame CC4A 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13203
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 17:27:57 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
28ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080901&jk=3497915320700770&bg=!HR6lHlrNAAbOj6irzo87ACkAdvg8WlefwGVeKSMh__iPrSxpACvVrYiiCuKGJdR65KD7D9L34DA-LAIAAABeUgAAAApoAQcKAPyXZVF7D37ZRI8eS8hxqqXNFfyAWV9S7PkIHyZOvp9IUwGvPU7XO73U06WTMY3loJhyAeyc7Sy43FLksa0RqYgHEEiZMA3f1UoPYsdoYmu-T_P5zBjR3kj4kPzLEAtjLvuCGSi4Wp7gkcN2fsR9JaC-nhKdFNzUDOmtixoe_tFoTw9bv_pxJmQaK8pN5y3YHKekzilUXw-HUJJ9jjrJk6KywsgRb6oDucWzBjbUFkKVhLWIFLfG64TafDzeN7ImxaIyRbOkdpe3vikS9eehzWeGPXD2hx_Zhv4WFZNF4SEEWmcE28n7zpZkoJ2Q0xuTtvMgXnQFclbR7A9r_bOZAmoc0IE7lB6YAIRcK5sohW7OSD8tfSKFoFZrWicuP5F58ZirqQmUmdWCPeEXmKP8Yis5kaBQolROb4oB_x6toQRw_qsCHzZR1BYOwyd8xDHSgps3s6tqw5WVAgKtx9YtN3CbltzUxJLymR5LZm2DCp-8U2ibBRgJ6xX5BTUJDKWhZTnrHKd4hqgjSs_tB_G4EKRtZcXRuUl0ykJh_CZlwX_HtLZcoDNhnPeQbYbKO_GnTJjWVrCdJ3Dii4MrK1vqHxbenL8dLVSHaJCoRYLiXxEq__VEwVYPrIgWVQEIupErGLGpYoNwB1r0zQUcBtLhBFP5iHTDnOD3cB3T5MTvEf22AavZAm1GyCzsU3C3Yl5e-vsXUTKdpOmfXv7C4F-rASWELjoQkLs8YcyuXbFtzPGQQbHXW763YpqI3mrK8BL0Hu6YYUhcLg-f5x5b8jPYB1H3NnlaTw-mZITi2x_CZusnKFA9qfllMBW5xYBbECuOhMEZoZg4qULlI7v4ylFIsMf1almjwrMZ-4NWvp0OiOjOthuYgYOkSbiB8CpGp-q47G_5zn1vbJOPoLN3NJhuU-z5d9RJGQXyq5AdeFNVqSQQSRSDws58FRrvGetxhvH3u1oHA6d_f-rfioXPd_-1OSSVOzCd3KwTUDJuA4kuUVI9X0XK5FK2M4ZMMuW8bs7xWPoxU2Z2XblKORnKd_skMw7_EnJm2vHuhBGUZQdhajrgy3EUp1uzhBPa3KQkhvgNOUtD0rVg9f8tev55zbDFZjkcZbBoHXH_3eh4oWUdHiioLYVOy7kekGXvj38AAHt76sdJYxl5pddVql8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 21:10:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1383743160&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.opovo.com.br%2F&dr=https%3A%2F%2Fwww.opovo.com.br.us2.cas.ms%2F&ul=en-us&de=UTF-8&dt=O%20POVO%20%7C%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RD%20Forms&ea=Viewed&el=escolha-de-newsletter-d40ab0d6a7038b3a503f&_u=aDhAAEABAAAAAC~&jid=&gjid=&cid=1000758193.1628716233&tid=UA-23310373-1&_gid=1657110017.1628716233&gtm=2wg891WBWHQHX&z=1359184494

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 11:48:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33748
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/RShXiDjJIIA

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 22:34:52	Name: 8lcfmzhxc8d6_uid Value: c40920e635a45a7a
nxtck.com/	1970-01-20 05:10:52	Name: uuid Value: b2558d66-2c6e-4528-861f-0259707e8234
.opovo.com.br/	1970-01-20 05:46:52	Name: __gads Value: ID=2a601f401edea408-2286d3559dc8005e:T=1628716232:S=ALNI_MayDc77ItcbagfKQlovTPkrF8RzMg
.opovo.com.br/	1970-01-20 05:10:52	Name: _hjid Value: 0873046b-2cf1-4538-b8ff-b907dd92adbf
.opovo.com.br/	1970-01-19 22:34:52	Name: _gcl_au Value: 1.1.21283821.1628716233
.opovo.com.br/	1970-01-20 13:56:28	Name: _ga Value: GA1.3.1000758193.1628716233
.opovo.com.br/	1970-01-19 22:34:52	Name: _fbp Value: fb.2.1628716233050.717526494
.doubleclick.net/	1970-01-19 20:25:19	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 05:46:52	Name: IDE Value: AHWqTUk3j7ypVqOYQmRLKrfjV8jMiTE_oeqeaaTnDvtb9vZSFdiUQRpy7BoPM_4U
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: JwSclm1B8j0
.opovo.com.br/	1970-01-19 20:25:18	Name: _hjFirstSeen Value: 1
.opovo.com.br/	1970-01-19 20:26:42	Name: _gid Value: GA1.3.1657110017.1628716233
.opovo.com.br/	1970-01-19 20:25:16	Name: _gat_UA-23310373-1 Value: 1
.youtube.com/	1970-01-20 00:44:28	Name: VISITOR_INFO1_LIVE Value: Vy6pKKfqDI0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://code.jquery.com/jquery-3.6.0.min.js(Line 2) Message: jQuery.Deferred exception: $(...).fancybox is not a function TypeError: $(...).fancybox is not a function at HTMLDocument.<anonymous> (https://www.opovo.com.br/reboot/includes/assets/js/main.js:4:1576) at e (https://code.jquery.com/jquery-3.6.0.min.js:2:30038) at t (https://code.jquery.com/jquery-3.6.0.min.js:2:30340) undefined
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://www.opovo.com.br/?
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://www.opovo.com.br/?
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://www.opovo.com.br/?
console-api	log	URL: https://www.opovo.com.br/?(Line 743) Message: Service worker registered. https://www.opovo.com.br/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

687c2834f8a9c8ef52f8aa855244ccd7.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
cdn-ssl-as.nxtck.com
cdn.ampproject.org
cdn.contentspread.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d335luupugsy2.cloudfront.net
dsum-sec.casalemedia.com
embed.radiopublic.com
fonts.googleapis.com
fonts.gstatic.com
forms.rdstation.com.br
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900023.redintelligence.net
i.ytimg.com
ib.adnxs.com
mais.opovo.com.br
maxcdn.bootstrapcdn.com
mcasproxy.azureedge.net
nxtck.com
pagead2.googlesyndication.com
player.transmissaodigital.com
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.opovo.com.br
www.opovo.com.br.us2.cas.ms
www.youtube.com
yt3.ggpht.com
www.youtube.com
130.211.47.109
142.250.181.226
142.250.186.162
143.204.101.189
143.204.98.24
159.69.70.9
185.33.221.90
2.18.234.21
200.194.101.94
2001:4de0:ac18::1:a:3a
216.58.212.162
216.58.212.166
2606:4700:3033::ac43:c0c1
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:808::2003
2a00:1450:4001:808::2006
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2006
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::2016
2a00:1450:400c:c1b::9d
2a02:26f0:1700:d::1737:6ea4
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:2880:f11c:8183:face:b00c:0:25de
34.107.167.126
34.68.90.188
40.81.121.140
51.79.78.239
52.84.45.108
54.192.219.13
54.192.219.3
78.46.23.46
85.114.131.233
01926c1dc655b802e2f4e5f9501684064f48e6ac9bd9ec900968937fe44dea1a
02b42891008d9664f81c4d4a49510e55a943f863a79b711ef820ee778cf1c46f
07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0
07caf2179fcb3469fff5f08c9fdd3a6921a21542b850ce7fbbd8de61d6b6f53a
0a946d52ac8890900833e2996c926ddabba3d9aa7dd4d9d7a1b4e5cd1db8dd34
0ad109632376588f52247123a1faf794c8611b3b420c46386d00427733623a3d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8623033881da241cd6e7a0e7209fcbf39c46ba2e87eb6b523f7b15ac6d2949
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f2759813c496e3e16910b64efe9471f26296a311003c8b01f2c056eccc515ff
109a3eeca127938d31fa49861db880d78fe15e07deaf20a10ee86149ae695dd7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11dc66a366c3952a0dbed2205d6d5c48c26200befa3a4ccb6112be49ab774878
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13354208a8942810623bba74a62996bec8a67525e11bf1137e040a7c7facb552
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
17a7e110fe75abb6ae45bdb59eb36815371f0dcbf3a2a8b1296dccef40cc487b
19b7fbb7d2c2b44d319cbd02d4a37289b73fb75fa20a350a055fc84b0b96d7d0
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
21c656c6aae5babedb87b7511e29fad50499615042bf7fdf35667dfcbbf19acb
2220c4bf97f56a524ef4829a633e2da81b31d782998b0d88b61944508fb421fd
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132
25a97b6f96010411d7098a277fc392cf8fe4c024a5bb5ef44b9da7790f0c0022
29efea16eb8035af7fbfd78ded781007b0252a339e31b3d976d10a5c2d66154b
2b00d227d7958b65dcd8a2f780e43644c2ad45655b6037ad23b7a2142a229a19
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2ca9c4e355f5caba2d98744fce8cd95767b4196f3670388328d6af12ce5394f7
2d981ce75575944eb8894c8288c35a4a433e0073294af0bbe2e197ad896bc4a4
2ecc69ac2569c7d51c47188683562fa35f391a92207a4ea4cfce6327ed4b7124
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30c6977d32825d86404b997f2dc3e3f9b276268585ef45418c7bf306edad5f55
37be7a267c93deed806a27dbc7c367081e0f9399a76748a20e6f9f5e20ee51c0
37bfceb04cc7a18df0c1da8269c382b3b088e870ab39a0987ae17a54589b2dba
3893d9665f8fbf07ef6b354ba585077392c45b3f503831a7e1e6ec48d2e2270b
3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54
3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3e1dcab28d56d415e3591c4a20dcb4f579750ddbc5c2927db2693537a3be3d18
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f0a286769312e8db193ae35a08d50d0b60988e0e8faf3d4f9294b822617fe63
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
47175b1daa58725f19ffe6baa072761eeb7e1c80cb30e4c6ba0e58b0605915aa
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d49733b68153b5908d90444dd86378352eba5f9c0915fdb780f409ea126a889
4e2f3bf9cc2d2d51bb012bacc14fa6041d2c6ae0396d6ec60564b175ad6250e6
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51068d7e137c6b7726ed0c3761e2d5f06707bf6d43f9fd982e8c585ede2c4dba
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55fa35d4287b6076f06fe6c33f5302e04c594549b6fdb2fb67c27a840eb5060d
5883c97b5d12d166d1489e2f96e38a8c4e70b8eae2d97a6fb743f0b62d31c4c1
5a6b7b758b073d4213470e79cc512593162414a7c599ee424e2300426107c4b1
5b4653897fa212130fb903edef7589c0e0e8fd2e7b89140eca46359c1110bf2d
5c9ee068246b119e180428ea017dc563db6f5f80da90cdc398ea4a5151bb23b4
5ce46f553ca45d2ff6acac8e983bc80ad540a9e07c06309e79fddf07c9629f69
5d15a85c6f08c7c39a009e5abe7f14a5a562355ce2d0ad83f3cd314da39c6615
5ee25ab981932f30b684b02dbdf11c1297fec0354b5b2d8e5e78e5ebbace3345
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61deae71fd0ad0396d0819d19356b76f37d4d6a6d028bd1d04775ff083c3e147
6298b38f3fff05de65d95e2488175cfe03899c0fdb9708b2cf89d8cb0970a132
6334d3fb12d9adaf7c8dbdbbb98e6b38bdf95f53d675011e821802a0b82e6e13
63d41983cb11cb819383ae7d42101f22005b612b02e3cfab3ca39a7208778a2c
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69e804fb08d0f9c06b98e76f6a50a5fb7afa558e8b6085b1d25b4d44556461e6
6a37e9188ccc254bd226a3b20b91be9aed6ac4ee729f86a81df6da0cfb1576af
6cc5c5e68eae81b17a0296379af021769f3ae8732d62f16f2058615976c79535
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
6dae544072c4991301930f77bbb9827737cf46282fb38a2862762cc84b39eb76
6fd5607dcbe171b837fe85c863ceaa921f82aa628f30006944cac938286376e6
70009818dd359fa38d706cf06c2906f7ad035c19218cd9eb0d083f19925aaf87
723e501f4e38617a697af2b4047c3185034ed26f1e5577d5f64feb1f46975cc7
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
76f209d8990b80192f3157400a738d18fb009020bae132f54715a289813b3cc4
77971f305942c281a778ab2489e8e271d55504bcb5ebb38945e98f058219198c
77d07b489aa8efe2e5cd5d88e82b5f2f1e0ce451fcbc6f6cf171461d7945a1be
77dd7a6ab6c5b70535f944b314aefb2139419836cfcac9d57f765fc7c123b82c
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
7860bebc8fe9b9066c0869b2cf27d1ab4f6918021208875f1773a9c7cff34f07
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
795dbdc3dcf70473464465d0c69b829b8366430cb099aa71fa9fc02a7a7b44ff
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7c30b7faefd4e8fefed030603d324d54adcab250726f3b2baa6d07388ababc2c
7ef85d98a397c2039d856617c8ea2725fcb682dfc9c80e43b4a646a24de669d8
80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835b8e7fce8c7030ab18fe28277589c21b062b5b6e6301939cb1e62b1af3f151
8390ca880cb9010395dfcf17e842c4b846fe445a88008317853280d2c198b8fc
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
84631de0bca7e12b1b542849e146044afb360af10af6ae4f5d90ec534e017734
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad
8acb353b031da51b2508fa3b0f6037cbafb24a10063e30e720869142f4ae1eca
8bcf1eefa090e349dcfd3908bc8afe7ffe177bafb5454a3e476963f11883d422
8f14c438a34d425abf8d8468735a5f018c4ae8dfc84dc30e1302a3bb3b2c8300
8fbb724ede8e8ada47eb89609c41963653458311b8f1a1f0bc6de750f336f45e
90037dd7c02342401945fa97416a49c7c195c760072a959499197324be317dbf
9089189f8ee7c138d8b093914771942f311fb5fd74a62e68d682f8d410e0d625
923a86f756df2e8199556fcafe0362aebcb9359dd0b091589ed756cd272738f0
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
93de9da26817cc716a1e41bb7508dd98825bfb43ca156d26987d963287dd4291
959d9e242a6eb84112b9229cbd83ffe23e0d7aec654665b6f2db247255b939e2
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9790b1e59dc7381d61727e37a3427430c62f5507d85243b96dace08caf43f6e4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a81ee9f7aad91808ed8611c7b85abef34084d1717b3ac32314af7f705accaf1b
a9fd5bdff1852d66e8a7c3dd708d7ce22ee9105d9f06d9f73ea6ea7e84871e6c
ab9a8fa2c257f4bc7858faa91d156853f0b7bf42ed048f8ad6f0916595625c2c
acb0becd13931962fa74508e7f3cd03867de9ad713a80b495abbd40d0f139375
b08c9f7a86522551301ca94e21255ee178956b6fa21b5b339012a4b862028584
b0abc211f76d762989c87af1c20ba8f097934baa49cf2c4def542d6ce2a2ed86
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4be89713a4c1c9d3924114991f78514a1889ebc8471656534da0a2e67a3fe82
b4d0b0ad9c7d497814338ccfb16c3ffab79729f3a2f8b1de1148398ce0bfb798
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7af630f5e64fa5126dba87d033705b6af29d1fc65e0067f04230845c72be3a9
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
b9cf652fa4cfc3b7d5cfcc57fed17d0c4780061e6c643fd03141e94426f26936
ba959ccf71867a76d7e4bc7bba9477b2d979659980edb7808e912964ae8356fe
c15e9c103ce642e0726e890cc4c8acbbbf57cb612021a2ef37b84e6d902e6181
c17bdd3155570f35de26a1f74f5d8d38ebd693cb690c8b09f7eab540c4d520f4
c2e7301ef0342222c5e298908ed2b1074229f47a59b999da7ba3e69a292666e2
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c6ddc67604747ee1e041af3614967b30e23fc9930635748208c9b790b1035708
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8eca11d2042157cca4452b3e76ec73d8bea575f1b02a196fe64fdc6288d92ab
c97016870b24d7e538d20e7775074972e95d8d1bba9843968034059cf8e06a47
cbddc59fd95006e6df8dd917bc0f59cbb4f3216ed7a8b5fb735f532de86603c0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cebd6b1605c9cf92e51022df5e9a276daa50ab9e159430394b605edaa59cb22a
cf741964e9f94011b12fba5ee48912ed12c9bc0530448ebb08c0fc69f0c1206b
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d717c22b73d39caf59c4d46c23774ac2386bfc80937b90fd09ab56c0f2e7b072
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9db9c26133de44e188ba8efdffc8ada7122550a3023fe6070660f02a1528e3f
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dfc2535f6e81fe3e03bc7f1585541629734216cdd9c99f99dd8e7c09feb71089
e029d517f603b143db6effeae435c5c00816df01a38b0cca71d76d752b4581a4
e223b853f1f17d39ad396844c97e27f1d085cd47adc577108f7c5b84dfce3c7f
e26b31b609e44e401e93111cd65784f23b93e73320a17ad7c0aa21389c118758
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e552814195512a8b0db15994a32cb767eec3e3f3019b24f6b51ef65dfcd8aa16
e5fe677f5b7e72b891cd094fc07280de57be8c282ac46c6640cb898f2fc75d01
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ea5b6a0210cfbd83a9bde2a3b9944d77e2c8b041e19c2d7c907d54bdd8f87828
ed10d35454e38914e25e3065e29a312b424941cb16fdcbc232aaa7799025c1db
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee42c91f297eb0f204bf184600c3194d54e6908830639db14e37b5b158ea0ee7
eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b
f2cd97361029231f60fed13cfcf4b7647194819d1e7510777a42c0757e9614c3
f3eb259e9fdba1b8e356bdea4a79e525debff6262b5c6b0a46591e82e6b7908b
f5c4ab8ae3f8bd0d717d2b739be6e2afebdd24985700ab349683c23034c02d32
f62d058eed4cc539bd198e74f38867d3e7ec28d1d70123573ea231647a066eab
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b
fb78178efb17880986453d866dc2c7ff441b2b2426665937e77f2ae214f44713
fb7974bfb689b4016e953ad056bd79b236351b9c3767d207be1d17c7993859c4
fbf857f2d8e2082494a42b59bb1f2c8bc8a7ec864d62d5165a024ffc25653054
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
fc0cbaf945a159758b1e56536890cd2d929d45c74f5c1a0b22a66daf3d8c246a
fd27afebefc1df9f840e6c9f09fabda18857d03e89c5245e24d709e7618e3420
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.opovo.com.br Open in urlscan Pro 2606:4700:3033::ac43:c0c1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

262 Requests

100 %HTTPS

62 %IPv6

33 Domains

49 Subdomains

54 IPs

7 Countries

7519 kBTransfer

14106 kBSize

14 Cookies

42 Outgoing links

Page URL History

Redirected requests

262 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.opovo.com.br Open in urlscan Pro
2606:4700:3033::ac43:c0c1 Public Scan

Screenshot
Live screenshot

Full Image

262
Requests

100 %
HTTPS

62 %
IPv6

33
Domains

49
Subdomains

54
IPs

7
Countries

7519 kB
Transfer

14106 kB
Size

14
Cookies

262 HTTP transactions
13 data transactions