cultura.uol.com.br Open in urlscan Pro
200.147.4.47 Public Scan

URL: https://www.ingresso.com/?utm_source=uol-parceiros&utm_medium=barrauol&utm_campaign=linkfixo_barrauol&utm_content=barrauol-link-ingressocom&utm_term=barrauol-ingressocom
Title: INGRESSO.COM

URL: https://www.uolhost.uol.com.br/?utm_source=midia-interna&utm_medium=barra_uol&utm_campaign=link_fixo_host&utm_content=parceiro
Title: UOL HOST

URL: https://pagbank.onelink.me/Dzpm?pid=midia-interna&c=26052023_uol_linkfixo&af_channel=uol&af_adset=parceiros&af_dp=psmyaccount%3A%2F%2Fhome&utm_source=appsflyer-midia-interna&utm_medium=uol&utm_campaign=26052023_uol_linkfixo&utm_content=parceiros&af_web_dp=https%3A%2F%2Fpagseguro.com.br&af_force_deeplink=true
Title: PAGBANK

URL: https://www.portaleducacao.com.br/cursos?utm_source=uol&utm_medium=header-menu&utm_campaign=cursos
Title: CURSOS

URL: https://play.uol.com.br/?utm_source=cultura.uol.com.br&utm_medium=barrauol&utm_campaign=linkfixo_barrauol&utm_term=barrauol-uolplay&utm_content=barrauol
Title: UOL PLAY

URL: https://ads.uol.com.br/?utm_source=midia-interna&utm_medium=barra_uol&utm_campaign=link_fixo_ads_uol&utm_content=parceiro
Title: UOL ADS

URL: https://busca.uol.com.br/
Title: BUSCA

URL: https://batepapo.uol.com.br/
Title: BATE-PAPO

URL: https://email.uol.com.br/
Title: EMAIL

URL: https://www.facebook.com/tvcultura
Title: Facebook

URL: https://twitter.com/tvcultura
Title: Twitter

URL: https://www.instagram.com/tvcultura
Title: Instagram

URL: https://www.youtube.com/user/cultura
Title: Youtube

URL: https://www.linkedin.com/company/tv-cultura/
Title: LinkeIn

URL: https://news.google.com/publications/CAAqBwgKMPvcnAswh-e0Aw?hl=pt-BR&gl=BR&ceid=BR%3Apt-419
Title: Google News

URL: https://www.tiktok.com/@tvcultura
Title: TikTok

URL: http://s.kw.ai/1v6hdAA3
Title: Kwai

URL: https://click.tvcultura.com.br/?area=Menu&url=http://fpa.com.br
Title: Fundação Padre Anchieta

URL: https://click.tvcultura.com.br/?area=Menu&url=http://fpa.com.br/centralderelacionamento
Title: Central de Relacionamento

URL: https://click.tvcultura.com.br/?area=Menu&url=http://fpa.com.br/cobertura
Title: Cobertura

URL: https://click.tvcultura.com.br/?area=Menu&url=http://fpa.com.br/comercial
Title: Comercial

URL: https://click.tvcultura.com.br/?area=Menu&url=http://fpa.com.br/conselho
Title: Conselho Curador

URL: https://click.tvcultura.com.br/?area=Menu&url=http://fpa.com.br/editais
Title: Editais

URL: https://click.tvcultura.com.br/?area=Menu&url=http://fpa.com.br/sic
Title: SIC

URL: https://click.tvcultura.com.br/?area=Menu&url=http://fpa.com.br/trabalheconosco
Title: Trabalhe Conosco

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/
Title: TV Cultura

URL: https://click.tvcultura.com.br/?area=Menu&url=http://tvratimbum.cmais.com.br/
Title: TV Rá-Tim-Bum

URL: https://click.tvcultura.com.br/?area=Menu&url=http://univesptv.com.br/
Title: Univesp TV

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/radio/
Title: Cultura FM

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/aovivo
Title: AO VIVO

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/radio
Title: Rádio

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/noticias
Title: Notícias

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/esporte
Title: Esporte

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/entretenimento
Title: Entretenimento

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/noticias/colunas
Title: Colunas

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/infantil
Title: Infantil

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/webstories
Title: Webstories

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/programas
Title: Programas

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/grade
Title: Grade

URL: https://click.tvcultura.com.br/?area=Menu&url=https://cultura.uol.com.br/podcast
Title: Podcasts

URL: https://click.tvcultura.com.br/?area=ChamadaPrincipal_1&url=https://cultura.uol.com.br/noticias/63466_brasil-cria-130097-vagas-com-carteira-assinada-em-novembro-mostra-caged.html
Title: Trabalho Brasil cria 130.097 vagas com carteira assinada em novembro, mostra Caged

URL: https://click.tvcultura.com.br/?area=ChamadaPrincipal_2&url=https://cultura.uol.com.br/noticias/63462_ipca-15-a-previa-da-inflacao-fecha-2023-com-alta-472.html
Title: Economia IPCA-15, a prévia da inflação, fecha o ano de 2023 com alta 4,72%

URL: https://click.tvcultura.com.br/?area=Bloco1_chamada_1&url=https://cultura.uol.com.br/noticias/63467_policia-civil-do-df-prende-suspeitos-de-extorsao-contra-autoridades-que-acessavam-pornografia.html
Title: Operação "Cyber Shield" Suspeitos são presos por extorsão de autoridades que consumiam pornografia

URL: https://click.tvcultura.com.br/?area=Bloco1_chamada_2&url=https://cultura.uol.com.br/noticias/63469_nova-subvariante-do-coronavirus-e-encontrada-em-pernambuco.html
Title: JN.1 Nova subvariante do coronavirus é encontrada em Pernambuco

URL: https://click.tvcultura.com.br/?area=Bloco2_chamada_1&url=https://cultura.uol.com.br/entretenimento/noticias/2023/12/28/8974_estou-recomecando-a-minha-vida-disse-pc-siqueira-em-seu-ultimo-video.html
Title: PC Siqueira "Estou recomeçando a minha vida", disse youtuber em seu último vídeo

URL: https://click.tvcultura.com.br/?area=Bloco2_chamada_2&url=https://cultura.uol.com.br/noticias/63472_preco-do-azeite-aumenta-37-no-brasil-em-2023-aponta-ipca-15.html
Title: Mudanças climáticas Preço do azeite aumenta 37% no Brasil em 2023, aponta IPCA-15

URL: https://click.tvcultura.com.br/?area=Bloco2_chamada_3&url=https://cultura.uol.com.br/noticias/63458_congresso-nacional-promulga-marco-temporal-e-desoneracao-da-folha-de-pagamento-de-17-setores.html
Title: Congresso Nacional Marco temporal e desoneração da folha de pagamento de 17 setores são promulgados

URL: https://click.tvcultura.com.br/?area=Bloco2_chamada_4&url=https://cultura.uol.com.br/esporte/noticias/2023/12/28/7054_ancelotti-esta-perto-de-renovar-com-o-real-madrid-diz-jornal.html
Title: Carlo Ancelotti Técnico está perto de renovar com o Real Madrid, diz jornal espanhol

URL: https://click.tvcultura.com.br/?area=Bloco2_chamada_5&url=https://cultura.uol.com.br/esporte/noticias/2023/12/28/7053_vini-jr-vai-a-jogo-da-nba-e-recebe-presentes-de-giannis-meu-garoto.html
Title: NBA Vini Jr vai a jogo de basquete e recebe presentes de Giannis: "Meu garoto"

URL: https://click.tvcultura.com.br/?area=Bloco2_chamada_6&url=https://cultura.uol.com.br/noticias/63471_homem-tenta-furtar-cobre-em-escola-e-fica-gravemente-ferido-apos-explosao.html
Title: Zona oeste da cidade Homem tenta furtar cobre em escola no RJ e fica gravemente ferido após explosão

URL: https://click.tvcultura.com.br/?area=Bloco2_chamada_7&url=https://cultura.uol.com.br/noticias/63465_donos-de-veiculos-em-sp-ja-podem-consultar-quanto-vao-pagar-de-ipva-em-2024.html
Title: IPVA Donos de veículos em SP podem consultar valor do imposto em 2024

URL: https://click.tvcultura.com.br/?area=Bloco2_chamada_8&url=https://cultura.uol.com.br/entretenimento/noticias/2023/12/28/8977_amazon-prime-video-incluira-propagandas-em-planos-de-assinatura-em-janeiro.html
Title: Amazon Prime Streaming incluirá propagandas em planos de assinatura em janeiro

URL: https://click.tvcultura.com.br/?area=Bloco2_chamada_9&url=https://cultura.uol.com.br/esporte/noticias/2023/12/28/7055_santos-anuncia-contratacao-de-willian-bigode.html
Title: Mercado da bola Santos anuncia nesta quinta-feira (28) contratação do atacante Willian Bigode

URL: https://click.tvcultura.com.br/?area=Bloco2_chamada_10&url=https://cultura.uol.com.br/noticias/63468_petrobras-abre-inscricoes-para-concurso-com-64-mil-vagas.html
Title: Até 31 de dezembro Petrobras abre inscrições para concurso com 6,4 mil vagas e salário de R$ 5.878,82

URL: https://click.tvcultura.com.br/?area=Bloco2_chamada_11&url=https://cultura.uol.com.br/noticias/63468_petrobras-abre-inscricoes-para-concurso-com-64-mil-vagas.html
Title: 'Raspadinha' Ministério da Fazenda autoriza Caixa a explorar Lotex por dois anos

URL: https://click.tvcultura.com.br/?area=Coluna_chamada1&url=https://cultura.uol.com.br/webstories/2023/12/veja-maiores-turnes-da-historia-da-musica/
Title: Veja maiores turnês da história da música

URL: https://click.tvcultura.com.br/?area=Coluna_chamada2&url=https://cultura.uol.com.br/webstories/2023/12/praias-para-pular-ondinhas-no-ano-novo/
Title: Praias para pular ondinhas no Ano Novo

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/
Title: 19H00PRONTO ATENDIMENTO

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/shaun
Title: 19H05Shaun, o Carneiro

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/metropolis
Title: 19H20Metrópolis

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/receitadeviagem
Title: 19H30Receita de Viagem com Bel Coelho

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/economiabrasileira
Title: 20H00Economia Brasileira – a história contada por quem a fez

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/opiniao
Title: 20H30Opinião

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/jornaldacultura
Title: 21H00Jornal da Cultura

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/linhascruzadas
Title: 22H00Linhas Cruzadas

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/brasiljazzsinfonica
Title: 00H00Brasil Jazz Sinfônica

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/ensaio
Title: 01H00Ensaio

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/saudebrasil
Title: 02H05Saúde Brasil

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/entrelinhas
Title: 03H30Entrelinhas

URL: https://click.tvcultura.com.br/?area=Coluna_chamada_3&url=https://cultura.uol.com.br/programas/inglescommusica
Title: 05H00Inglês com Música

URL: https://play.google.com/store/apps/details?id=de.motain.iliga&referrer=adjust_reftag%3Dc0EQjfYmvrUzu%26utm_source%3DConsumer%2BWeb

URL: https://apps.apple.com/app/id382002079?mt=8

URL: https://app.adjust.com/6hdalgc_fkva1pw?campaign=tvcultura&redirect=https%3A%2F%2Fwww.onefootball.com%2Fjwplayer%2FQ7iCiXiE%3Futm_source%3Dtvcultura%26utm_medium%3Dpublisher_network%26utm_campaign%3Dembed_player_logo%26clfp%3Dsantos

URL: https://click.tvcultura.com.br/?area=Noticias_chamada1&url=https://cultura.uol.com.br/noticias/63473_ibovespa-encerra-o-ano-com-alta-de-22.html
Title: Ibovespa encerra o ano com alta de 22%

URL: https://click.tvcultura.com.br/?area=Noticias_chamada2&url=https://cultura.uol.com.br/noticias/63464_governo-autoriza-caixa-a-explorar-lotex-conhecida-como-raspadinha.html
Title: Governo autoriza Caixa a explorar Lotex, conhecida como 'raspadinha'

URL: https://click.tvcultura.com.br/?area=Noticias_chamada3&url=https://cultura.uol.com.br/noticias/63463_piloto-comete-erro-e-aviao-pousa-em-rio-congelado-na-russia.html
Title: Piloto comete erro e avião pousa em rio congelado na Rússia

URL: https://click.tvcultura.com.br/?area=Noticias_chamada4&url=https://cultura.uol.com.br/noticias/63461_eco-brasil-serie-sobre-sustentabilidade-e-protecao-ambiental-estreia-na-tv-cultura.html
Title: Eco Brasil, série sobre sustentabilidade e proteção ambiental, estreia na TV Cultura

URL: https://click.tvcultura.com.br/?area=Radio_chamada1&url=https://cultura.uol.com.br/radio/programas/supertonica/2023/12/30/176_adeus-ano-velho-feliz-ano-bom.html
Title: Adeus Ano Velho; Feliz Ano Bom

URL: https://click.tvcultura.com.br/?area=Radio_chamada2&url=https://cultura.uol.com.br/radio/programas/de-volta-pra-casa/2023/12/28/1798_ouca-a-integra-do-de-volta-pra-casa-desta-quinta-feira-28.html
Title: Ouça a íntegra do De Volta 'Pra' Casa desta quinta-feira (28):

URL: https://click.tvcultura.com.br/?area=Radio_chamada3&url=https://cultura.uol.com.br/radio/programas/cultura-livre/2023/12/28/230_cultura-livre-por-julia-mestre.html
Title: Cultura Livre por Julia Mestre

URL: https://click.tvcultura.com.br/?area=Radio_chamada4&url=https://cultura.uol.com.br/radio/programas/conexao-europa/2023/12/28/925_concerto-do-coro-da-radio-da-suecia-sob-a-regencia-de-harry-bradford.html
Title: Concerto do Coro da Rádio da Suécia, sob a regência de Harry Bradford

URL: https://click.tvcultura.com.br/?area=BBC_chamada1&url=https://cultura.uol.com.br/noticias/bbc/64526238_covid-19-por-que-o-japao-enfrenta-maior-numero-de-mortes-apos-2-anos-de-pandemia-sob-controle.html
Title: Covid-19: por que o Japão enfrenta maior número de mortes após 2 anos de pandemia sob controle

URL: https://click.tvcultura.com.br/?area=BBC_chamada2&url=https://cultura.uol.com.br/noticias/bbc/64452688_covid-19-como-funcionam-as-vacinas-nasais-como-a-lancada-pela-india.html
Title: Covid-19: como funcionam as vacinas nasais como a lançada pela Índia

URL: https://click.tvcultura.com.br/?area=BBC_chamada3&url=https://cultura.uol.com.br/noticias/bbc/64388465_fome-yanomami-por-que-reverter-quadros-de-desnutricao-e-tao-dificil.html
Title: Fome yanomami: por que reverter quadros de desnutrição é tão difícil

URL: https://click.tvcultura.com.br/?area=BBC_chamada4&url=https://cultura.uol.com.br/noticias/bbc/64397214_caixao-esgotado-os-relatos-de-chineses-em-meio-a-alta-de-mortes-por-covid.html
Title: 'Caixão esgotado': os relatos de chineses em meio a alta de mortes por covid

URL: https://click.tvcultura.com.br/?area=Esporte_chamada1&url=https://cultura.uol.com.br/esporte/santos/2023/12/28/149736_um-ano-sem-o-eterno-rei-pele.html
Title: Um ano sem o eterno Rei Pelé

URL: https://click.tvcultura.com.br/?area=Esporte_chamada2&url=https://cultura.uol.com.br/esporte/palmeiras/2023/12/28/149735_melhores-momentos-de-flaco-lopez-pelo-palmeiras-em-2023.html
Title: Melhores momentos de Flaco López pelo Palmeiras em 2023

URL: https://click.tvcultura.com.br/?area=Esporte_chamada3&url=https://cultura.uol.com.br/esporte/mancity/2023/12/28/149734_guardiola-revela-conversa-na-volta-do-mundial-apos-virada-sobre-o-everton.html
Title: Guardiola revela conversa na volta do Mundial após virada sobre o Everton

URL: https://click.tvcultura.com.br/?area=Esporte_chamada4&url=https://cultura.uol.com.br/esporte/psg/2023/12/28/149733_os-melhores-gols-do-psg-em-2023.html
Title: Os melhores gols do PSG em 2023

URL: https://click.tvcultura.com.br/?area=DW_chamada1&url=https://cultura.uol.com.br/noticias/dw/67841809_coordenador-pedagogico-excesso-de-funcoes-e-burocracias.html
Title: Coordenador pedagógico: excesso de funções e burocracias

URL: https://click.tvcultura.com.br/?area=DW_chamada2&url=https://cultura.uol.com.br/noticias/dw/67832950_biocosmeticos-sao-modelo-de-exploracao-sustentavel-na-amazonia.html
Title: Biocosméticos são modelo de exploração sustentável na Amazônia

URL: https://click.tvcultura.com.br/?area=DW_chamada3&url=https://cultura.uol.com.br/noticias/dw/67838641_sob-protestos-milei-busca-superpoderes-com-novo-pacote.html
Title: Sob protestos, Milei busca "superpoderes" com novo pacote

URL: https://click.tvcultura.com.br/?area=DW_chamada4&url=https://cultura.uol.com.br/noticias/dw/67838470_japao-quer-reativar-a-maior-usina-nuclear-do-mundo.html
Title: Japão quer reativar a maior usina nuclear do mundo

URL: http://fpa.com.br/
Title: Fundação Padre Anchieta

URL: http://fpa.com.br/centralderelacionamento
Title: Central de Relacionamento

URL: http://fpa.com.br/cobertura
Title: Cobertura

URL: http://fpa.com.br/comercial
Title: Comercial

URL: http://fpa.com.br/conselho
Title: Conselho Curador

URL: http://fpa.com.br/editais
Title: Editais

URL: http://fpa.com.br/sic
Title: SIC

URL: http://fpa.com.br/trabalheconosco
Title: Trabalhe Conosco

URL: http://tvratimbum.cmais.com.br/
Title: TV Rá-Tim-Bum

URL: http://univesptv.com.br/
Title: Univesp TV

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cultura.uol.com.br/ HTTP 301
https://cultura.uol.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://cdn.jwplayer.com/v2/media/Q7iCiXiE/poster.jpg?width=640 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/pjskwc0p-640.jpg

Request Chain 41

https://cdn.jwplayer.com/v2/media/F8NUcAcl/poster.jpg?width=640 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/i4lssbtv-640.jpg

Request Chain 42

https://cdn.jwplayer.com/v2/media/DIon8Bsi/poster.jpg?width=640 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/aj81jqg2-640.jpg

Request Chain 43

https://cdn.jwplayer.com/v2/media/HjOjmTlf/poster.jpg?width=640 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/kjd25za5-640.jpg

Request Chain 99

https://ssum.casalemedia.com/usermatch?s=191709&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1

Request Chain 101

https://ib.adnxs.com/getuid?https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvid-io-dub.springserve.com%252Fusersync%253Faid%253D1000001%2526gdpr%253D1%2526gdpr_consent%253D%2526us_privacy%253D%2526uuid%253D%2524UID HTTP 302
https://vid-io-dub.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=5279117664637391043

Request Chain 104

https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true

Request Chain 107

https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%25%25VGUID%25%25 HTTP 302
https://vid-io-dub.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=t5kTcOLO4s8m&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1

Request Chain 108

https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D HTTP 302
https://vid-io-dub.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT

Request Chain 110

https://pbs.publishers.tremorhub.com/pubsync?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D HTTP 302
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D HTTP 302
https://vid-io-dub.springserve.com/usersync?aid=1000015&gdpr=1&gdpr_consent=&us_privacy=&uuid=e8dcdaa4ca4b4083aeba6f680992c77a

Request Chain 115

https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent= HTTP 302
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1

Request Chain 123

https://ads.stickyadstv.com/user-matching?id=3691&_fw_gdpr=1&_fw_gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D HTTP 302
https://sync.springserve.com/usersync?aid=1000028&uuid=e0f8e5671df35e7ccc13534cbeaf1eb&gdpr=1&=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=1&_fw_gdpr_consent=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D

Request Chain 129

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZY4MaWmiq1NwScaaH-A4aQAA%265126&gpdr=1&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZY4MaWmiq1NwScaaH-A4aQAA%265126&_li_chk=true&gpp_sid=&us_privacy=&gpdr=1&previous_uuid=4bff16381e1b4901a9eb0ccb3e86ab88 HTTP 303
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7021529529312003850 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=4bff1638-1e1b-4901-a9eb-0ccb3e86ab88 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=895438b0-c47b-4c3b-84cf-d3483fa6cf9a%3A1703808106.9895623&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D895438b0-c47b-4c3b-84cf-d3483fa6cf9a%253A1703808106.9895623%26_%3D1703808106.991523&cb=1703808106.9916246 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529575758439&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D895438b0-c47b-4c3b-84cf-d3483fa6cf9a%253A1703808106.9895623%26_%3D1703808106.991523 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=895438b0-c47b-4c3b-84cf-d3483fa6cf9a%3A1703808106.9895623&_=1703808106.991523

Request Chain 134

https://creativecdn.com/cm-notify?pi=index&gpdr=1&gdpr_consent=&us_privacy=&user_id=ZY4MaWmiq1NwScaaH-A4aQAA%265126 HTTP 302
https://creativecdn.com/cm-notify?pi=index&gpdr=1&gdpr_consent=&us_privacy=&user_id=ZY4MaWmiq1NwScaaH-A4aQAA%265126&tc=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Pbp8JUOQl_7WteAEntLkCYZgd7Fv3F3JAb3nQzomDmI&pi=index&gpdr=1&gdpr_consent=&us_privacy=&user_id=ZY4MaWmiq1NwScaaH-A4aQAA%265126&tc=1

Request Chain 135

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7021529529312003850

Request Chain 136

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 178

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js

Request Chain 187

https://gum.criteo.com/sid/json?origin=publishertagids&domain=uol.com.br&sn=ChromeSyncframe&so=0&topUrl=cultura.uol.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=CFnC-HxDQk5lT2FRZjFOdFZGcWhFM0hxNkE3dkVoZks3aFI0cVJmNTZkLytxbnJtbE1hZE5kZFI2b284ZG1wMi9CQVFnYnRLVm1hTTBGb1o5OENVaXdsOVMvVmZKeVVjL1g3MzVoOWErNVlDYnNuRzdpSlJJZkkwdWdNQVZ6a1ZST1JZSFVBcjlnMEdGbzE0SXR5WndHdWs1TWdJK1paMnlTZFczdzBJOWQ1d1BFbWJZMVI2dWNCWkxxdll4VDdYcURXTUVITElsMGNFRWZhK2N2RThkaGdRZXYyOXNxSXBXSlYvM0Q4NnJxQ1ZEN2hmWSswOXV6bndqYk9hNFBvd3kyNDlybjZ5Ly9henlEdm1DanpBQzkzaDhBQm1KZnNkc0p6b2ZBYmlLS09qTERWRT18&cppv=2

Request Chain 221

https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP 302
https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855?check=1

Request Chain 254

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js

Request Chain 269

https://pixel.adsafeprotected.com/rfw/st/1676726/75268012/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1014264744&ias_pubId=pub-6330791094260149&ias_chanId=1&ias_placementId=20589622211&bidurl=https://cultura.uol.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iJJb9FmhTwld7TkPh9LLc- HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_xappb=

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtUXyLQyOd1LsSAU0g5TUc&google_cver=1

Request Chain 289

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY4MaWmiq1NwScaaH-A4aQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtUXyLQyOd1LsSAU0g5TUc&google_cver=1

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAomMdUwKBqj4w-Dx6Kahpg&google_cver=1

Request Chain 291

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3OTExNzY2NDYzNzM5MTA0Mw%3D%3D

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHgh9_vEblR8P9Quz49i-TI&google_cver=1

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMZtusqqFFkg1STspDjQfBc&google_cver=1

Request Chain 313

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKDdlJfLXwHiDX2wKf6XAHo&google_cver=1&google_push=AXcoOmQEP5WKviS1YDizA5DWrObSY4HnWVuOgmsqx65ypiz5FhVro_Jw0ER0cmzzAqHkEzmLmdQlCbsDoeWUdJ9JTOKTi8lMeaTWiA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKDdlJfLXwHiDX2wKf6XAHo&google_cver=1&google_push=AXcoOmQEP5WKviS1YDizA5DWrObSY4HnWVuOgmsqx65ypiz5FhVro_Jw0ER0cmzzAqHkEzmLmdQlCbsDoeWUdJ9JTOKTi8lMeaTWiA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzg3ODQyNTA3NzIyMzc3MTM1NQ&google_push=AXcoOmQEP5WKviS1YDizA5DWrObSY4HnWVuOgmsqx65ypiz5FhVro_Jw0ER0cmzzAqHkEzmLmdQlCbsDoeWUdJ9JTOKTi8lMeaTWiA

Request Chain 314

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO_jSmFmy2PVeTOsSLav82g&google_cver=1&google_push=AXcoOmTvIGHGsdRKK22TPDDpIes5EhfS06he_dqU80nwgwWBobVDkCLY3f7rOH-fWbkKqzZPYOerd8e56MkAPIcMo9c86vBqpYLq6g HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO_jSmFmy2PVeTOsSLav82g&google_hm=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&google_nid=index&google_push=AXcoOmTvIGHGsdRKK22TPDDpIes5EhfS06he_dqU80nwgwWBobVDkCLY3f7rOH-fWbkKqzZPYOerd8e56MkAPIcMo9c86vBqpYLq6g

Request Chain 315

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENn9g4VB_QpYOC53swInLAw&google_cver=1&google_push=AXcoOmQW7SSaTOKYPG7EXqs8lwfew_x5-8gXWfj3MVKZbBEZj0DTDrVFOxBEiJdaDJzpo7iOBT5gBYC9TiYiwvSae2RlKQhTqCBTww HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQW7SSaTOKYPG7EXqs8lwfew_x5-8gXWfj3MVKZbBEZj0DTDrVFOxBEiJdaDJzpo7iOBT5gBYC9TiYiwvSae2RlKQhTqCBTww&google_gid=CAESENn9g4VB_QpYOC53swInLAw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU0NDcyOTU5NzA1NDk0NzM1MTgzMw%3D%3D&google_push=AXcoOmQW7SSaTOKYPG7EXqs8lwfew_x5-8gXWfj3MVKZbBEZj0DTDrVFOxBEiJdaDJzpo7iOBT5gBYC9TiYiwvSae2RlKQhTqCBTww

Request Chain 317

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPl03h8Muo1hodwsPDP3nSk&google_cver=1&google_push=AXcoOmTL7KSgKbbJCRUGKxuOcJPPOyFJowl9MhNpYDpUMCntFMzl7k6SYsEB37LMcmu1yM4X_w8YixnPxxUHg8LagzYDGpyxYb28S3c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTL7KSgKbbJCRUGKxuOcJPPOyFJowl9MhNpYDpUMCntFMzl7k6SYsEB37LMcmu1yM4X_w8YixnPxxUHg8LagzYDGpyxYb28S3c HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 324

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 342

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-UVaXnSW2kLXB2RYOutwQ&google_cver=1&google_push=AXcoOmTv_Qmv7aneY_fO00NRAFkaZcLc1jTtiCHFr9wd4rjS6-VRIQhMX9g4aeeUWPQLA6akdPtf4sXzvunC491G0qs4ZPgp506npw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-UVaXnSW2kLXB2RYOutwQ&google_cver=1&google_push=AXcoOmTv_Qmv7aneY_fO00NRAFkaZcLc1jTtiCHFr9wd4rjS6-VRIQhMX9g4aeeUWPQLA6akdPtf4sXzvunC491G0qs4ZPgp506npw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VGlVZXJIZGIxUmowalc1&google_gid=CAESEI-UVaXnSW2kLXB2RYOutwQ&google_cver=1&google_push=AXcoOmTv_Qmv7aneY_fO00NRAFkaZcLc1jTtiCHFr9wd4rjS6-VRIQhMX9g4aeeUWPQLA6akdPtf4sXzvunC491G0qs4ZPgp506npw

Request Chain 344

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEJNIGJLhWT8tLzWUWPeyTI&google_cver=1&google_push=AXcoOmShgMpLK-44PkwHdK1X31Zwew5beoqeOG6_Sb6vCk30UKnQZ-j0BR125D6yKnuG1yJc2m2XDollPK_-3_1n79d6pt4kzH_XxQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEJNIGJLhWT8tLzWUWPeyTI&google_cver=1&google_push=AXcoOmShgMpLK-44PkwHdK1X31Zwew5beoqeOG6_Sb6vCk30UKnQZ-j0BR125D6yKnuG1yJc2m2XDollPK_-3_1n79d6pt4kzH_XxQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NjQyODAxNDg2ODEzMTY2MQ&google_push=AXcoOmShgMpLK-44PkwHdK1X31Zwew5beoqeOG6_Sb6vCk30UKnQZ-j0BR125D6yKnuG1yJc2m2XDollPK_-3_1n79d6pt4kzH_XxQ

Request Chain 346

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBwjF80kf4buiJ36_7yaBKk&google_cver=1&google_push=AXcoOmSvm7chRb2-qHgpmgL9Ba3PcvGId4jA1XdnvCVbeYzDT8P37KPSUlzCq3vYsgt1rSo9kJn2RfxzkOid4avqXIhtd1RWJkU3Ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBwjF80kf4buiJ36_7yaBKk&google_hm=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&google_nid=index&google_push=AXcoOmSvm7chRb2-qHgpmgL9Ba3PcvGId4jA1XdnvCVbeYzDT8P37KPSUlzCq3vYsgt1rSo9kJn2RfxzkOid4avqXIhtd1RWJkU3Ww

Request Chain 347

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAxo_hbVME2_bh3_9ryvS9M&google_cver=1&google_push=AXcoOmTGe_h1BFBcZIKW8ZU3wu9nmOvBXhkrSrszhTIieSmXCvSDnuO0P2Q-Nq3oCqTxofpmNmuUMqTUt4Q8ktDjy2Ad-BbDyfgk8g HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAxo_hbVME2_bh3_9ryvS9M&google_cver=1&google_push=AXcoOmTGe_h1BFBcZIKW8ZU3wu9nmOvBXhkrSrszhTIieSmXCvSDnuO0P2Q-Nq3oCqTxofpmNmuUMqTUt4Q8ktDjy2Ad-BbDyfgk8g&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTGe_h1BFBcZIKW8ZU3wu9nmOvBXhkrSrszhTIieSmXCvSDnuO0P2Q-Nq3oCqTxofpmNmuUMqTUt4Q8ktDjy2Ad-BbDyfgk8g&google_hm=H5jBpGZHkoJr5QBtS1idftZk

Request Chain 348

https://sync.inmobi.com/gob?google_gid=CAESEAHnLjCM6HZn2J7WVIMXjfE&google_cver=1&google_push=AXcoOmQ8c3gx0wpLxJxCWRij4u3I1ctXzRb0GqaNJDn1k4c3_8ZGYOpqvJovERA-FJ1OV_DXXOkF6hToxxvkpSu0mwys2ZuNGazKCBs HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQ8c3gx0wpLxJxCWRij4u3I1ctXzRb0GqaNJDn1k4c3_8ZGYOpqvJovERA-FJ1OV_DXXOkF6hToxxvkpSu0mwys2ZuNGazKCBs

Request Chain 353

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=183575173&d_placement=376139746&d_campaign=30665181&d_bust=766327241&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=183575173&d_placement=376139746&d_campaign=30665181&d_bust=766327241&gdpr=&gdpr_consent=

Request Chain 376

https://pixel.adsafeprotected.com/rfw/st/1676726/75268010/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1014264744&ias_pubId=pub-6330791094260149&ias_chanId=1&ias_placementId=20583580986&bidurl=https://cultura.uol.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jglAoWqfa9nvaTEPAEFc0a HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_xappb=

Request Chain 381

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOtZ_tNyot6qZw1VM3vZ3N4&google_cver=1

Request Chain 402

https://a.tribalfusion.com/i.match?p=b6&u=CAESENP-hdBNlWCpLhbnN4pUl2A&google_cver=1&google_push=AXcoOmQfIHOqFWzSnm6lVzvTjLSPrHdufAGmnS21yJ2HbH_KL3mQL5h25mSqQnj_Xs5h6Ksznsuae35e8yBO6LULUYZuxt9CW6iHsQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfIHOqFWzSnm6lVzvTjLSPrHdufAGmnS21yJ2HbH_KL3mQL5h25mSqQnj_Xs5h6Ksznsuae35e8yBO6LULUYZuxt9CW6iHsQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENP-hdBNlWCpLhbnN4pUl2A&google_cver=1&google_push=AXcoOmQfIHOqFWzSnm6lVzvTjLSPrHdufAGmnS21yJ2HbH_KL3mQL5h25mSqQnj_Xs5h6Ksznsuae35e8yBO6LULUYZuxt9CW6iHsQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfIHOqFWzSnm6lVzvTjLSPrHdufAGmnS21yJ2HbH_KL3mQL5h25mSqQnj_Xs5h6Ksznsuae35e8yBO6LULUYZuxt9CW6iHsQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 403

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDX-rgTAIYrXgbEA_qhP5bI&google_cver=1&google_push=AXcoOmSBF3cBeR9wI8WCJB3CrWKcdnikLTWyVT5n-dIa66BCpXvtpP2BENGb_-Q2MVkNc6y-peTN2rUolTBCMebsinss8b09XDt2dw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSBF3cBeR9wI8WCJB3CrWKcdnikLTWyVT5n-dIa66BCpXvtpP2BENGb_-Q2MVkNc6y-peTN2rUolTBCMebsinss8b09XDt2dw&google_hm=hmWODGxQdUTMhLmvgg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D658E0C6C507544CC84B9AF82BLIS

Request Chain 404

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC6dqsJ8Fdgjc1XlUlu6MWA&google_cver=1&google_push=AXcoOmRvsg9ByuQceFnsr9P3vMAhVhE4WDt0VPUYWDHn5Xvt4Bi-6PAry2WcU3_Cu2-dz8P7QnwRQQU_7mDqyy37IZjp7YbXgaTaQA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNzgwMDEwNjgxODI3MTM4NQ%3D%3D&google_push=AXcoOmRvsg9ByuQceFnsr9P3vMAhVhE4WDt0VPUYWDHn5Xvt4Bi-6PAry2WcU3_Cu2-dz8P7QnwRQQU_7mDqyy37IZjp7YbXgaTaQA

Request Chain 405

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEJNIGJLhWT8tLzWUWPeyTI&google_cver=1&google_push=AXcoOmRped0sEZQeubK0q6liyZxTAisgZqpqsJTKDlSwJ9apV8AXce0kekpZo0qZR-bi3jZtNq4HdLj7MqOMyZIUarsH5zEdvRArsw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NjQyODAxNDg2ODEzMTY2MQ&google_push=AXcoOmRped0sEZQeubK0q6liyZxTAisgZqpqsJTKDlSwJ9apV8AXce0kekpZo0qZR-bi3jZtNq4HdLj7MqOMyZIUarsH5zEdvRArsw

Request Chain 406

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELqXrVO45s52FvxbZJswJwA&google_cver=1&google_push=AXcoOmQ7AwzIgJcLL98NgfOFaCZmkiD7nqM9pw22uwyMCtFNhyyxEZRc8l6QlyAeEe-2juVMHajkQP0PHqM0MYi4YETIxYxMCieG8A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFQVkNUQ00tUC1KNkFV&google_push=AXcoOmQ7AwzIgJcLL98NgfOFaCZmkiD7nqM9pw22uwyMCtFNhyyxEZRc8l6QlyAeEe-2juVMHajkQP0PHqM0MYi4YETIxYxMCieG8A

Request Chain 408

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAXRD-Uesb30NJLix4XoM6U&google_cver=1&google_push=AXcoOmTF2mXbsBuGSlMcdF_BcYSuLp8T1XA_vMlystOhmyK8DnKvi7xdoxPXFEIrTpY6ht5rc2_USNjSCWZkJ4Gogoc5RrK1mwgz260 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTF2mXbsBuGSlMcdF_BcYSuLp8T1XA_vMlystOhmyK8DnKvi7xdoxPXFEIrTpY6ht5rc2_USNjSCWZkJ4Gogoc5RrK1mwgz260 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 449

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZY4MaWmiq1NwScaaH-A4aQAA%265126&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://x.bidswitch.net/sync?ssp=liveintent&user_id=4bff1638-1e1b-4901-a9eb-0ccb3e86ab88

Request Chain 452

https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e0f8e5671df35e7ccc13534cbeaf1eb&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv2889_7317801832270742156&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?userId=AAD-z07LHBkAABRwny_PHg&dataProviderId=817&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/e0f8e5671df35e7ccc13534cbeaf1eb?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-ls9BKzxE2oNAVMODhRc0W6X45svvgw3Lo1bq6KI3~A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZTBmOGU1NjcxZGYzNWU3Y2NjMTM1MzRjYmVhZjFlYg==&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHkc7EF_dWZ5P_YgOIo6XEY&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 454

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1486428014868131661&expiration=1705017710

Request Chain 474

https://cdn.jwplayer.com/strips/Q7iCiXiE-120.vtt HTTP 301
https://assets-jpcust.jwpsrv.com/strips/Q7iCiXiE-120.vtt

Request Chain 485

https://cdn.jwplayer.com/v2/media/feYvx0hs/poster.jpg?width=120 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/sq23l104-120.jpg

Request Chain 498

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELHTYMLRb5lgH6QqHHn9sEs&google_cver=1

Request Chain 508

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698509&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 514

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIL6OlC_IFjrjQ8V4ZmA5NQ&google_cver=1&google_push=AXcoOmSgn9S3bETF5TjWHXvS1j3_IEdvrJD1k_k6zNJFxgl5LilmklShCQ1oPuK_NnmwZnIBAlUMyROodgkCIYwuRNcNdiRzNf92 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSgn9S3bETF5TjWHXvS1j3_IEdvrJD1k_k6zNJFxgl5LilmklShCQ1oPuK_NnmwZnIBAlUMyROodgkCIYwuRNcNdiRzNf92&google_hm=eS1rRzhxblFGRTJwRmYybFdNSzA5dFFnRXZmdDhFeXh1bH5B

Request Chain 515

https://d5p.de17a.com/cookies/google?google_gid=CAESEAT-b-KJvI0IGxXzf5je3Aw&google_cver=1&google_push=AXcoOmRULCt-3idS6KMbREdChLAEMcS4g6f-D9LPCikGXcuM4uMoboZCW9A7KFCElProvWZtN6pq18gI6m7dYuz2l3R4NgJVRaS9 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAT-b-KJvI0IGxXzf5je3Aw&google_cver=1&google_push=AXcoOmRULCt-3idS6KMbREdChLAEMcS4g6f-D9LPCikGXcuM4uMoboZCW9A7KFCElProvWZtN6pq18gI6m7dYuz2l3R4NgJVRaS9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRULCt-3idS6KMbREdChLAEMcS4g6f-D9LPCikGXcuM4uMoboZCW9A7KFCElProvWZtN6pq18gI6m7dYuz2l3R4NgJVRaS9

Request Chain 516

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRgRbjuu5kPn9gqAu41VL_JWDMtuvok80vdlOc5tGL-mAVxokHskD6CSOhyv6kcwQbb2o28A84MAVbllQTqfIfWNQppREU&google_gid=CAESENDDWgcAG2zPI_R5xD8yQS4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-02c8vA6G-5PTLK119OoBWo2yspQZ20cmfpSl8A&google_push=AXcoOmRgRbjuu5kPn9gqAu41VL_JWDMtuvok80vdlOc5tGL-mAVxokHskD6CSOhyv6kcwQbb2o28A84MAVbllQTqfIfWNQppREU

Request Chain 517

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEJNIGJLhWT8tLzWUWPeyTI&google_cver=1&google_push=AXcoOmR1Ce2T2okJql36TkivWWOMsjzjocRg64BOnX1dl-TIH9HH0lMlQTUL_UYw3M-OZZTUTdxxlXSB6pb4a8N5ToRT8gsEVTE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NjQyODAxNDg2ODEzMTY2MQ&google_push=AXcoOmR1Ce2T2okJql36TkivWWOMsjzjocRg64BOnX1dl-TIH9HH0lMlQTUL_UYw3M-OZZTUTdxxlXSB6pb4a8N5ToRT8gsEVTE

Request Chain 519

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAXRD-Uesb30NJLix4XoM6U&google_cver=1&google_push=AXcoOmRFimat_3m6IurO9dVUsI81CGbAEZNHoILNosY8DC4xCRHVF3Tm5KFimE-43AiFkTgd8EehZIbkSLk_gU-7TiH5EIPoLrfCmw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRFimat_3m6IurO9dVUsI81CGbAEZNHoILNosY8DC4xCRHVF3Tm5KFimE-43AiFkTgd8EehZIbkSLk_gU-7TiH5EIPoLrfCmw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

520 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cultura.uol.com.br/
Redirect Chain

http://cultura.uol.com.br/
https://cultura.uol.com.br/

44 KB
10 KB

742ms
245ms

Document
text/html

200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 5154b8ab726ff7fa0d8016ac5e13800cf1ea4a371ba6ce07029405d1c3c36e44

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 494
cache-control: max-age=600,public,stale-if-error=3600
content-encoding: gzip
content-length: 10094
content-type: text/html; charset=UTF-8
date: Fri, 29 Dec 2023 00:01:44 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
via: CacheUOL
x-cache: HIT
x-varnish: 591060294 590310323

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 29 Dec 2023 00:01:43 GMT
Location: https://cultura.uol.com.br/
Referrer-Policy: no-referrer-when-downgrade
Server: nginx

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 81ms
33ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 29 Dec 2023 00:01:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73141
x-xss-protection: 0
server: sffe
etag: "20620290c9309704"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 29 Dec 2023 00:01:44 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 75ms
27ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86be9343f991a2b91d8238e2b458002707a4d38bc8e74ae99d2a58242ba04c4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 29 Dec 2023 00:01:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9639
x-xss-protection: 0
server: sffe
etag: "13e0a16aa728157d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 29 Dec 2023 00:01:44 GMT

GET
H2 200 tvcultura.css
cultura.uol.com.br/_css/ 108 KB
18 KB 247ms
246ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 48bed10237b3fcf19c0d7bf119c61d4ccb959b9edcdbfc8cf7df2ae47e940366

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 22:54:53 GMT
server: nginx
age: 8866
etag: "1b18d-5f3ab561a3091-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
x-varnish: 610056009 606776533
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 18205

GET
H2 200 jcarousel.base.css
cultura.uol.com.br/_css/ 1 KB
888 B 247ms
246ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/_css/jcarousel.base.css
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: c81c14987018c0080acc9b19b47e56949c96eed36cdaeb67baa0a7573b4bad7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Dec 2015 13:43:10 GMT
server: nginx
age: 5269
etag: "4eb-5269f81089b4a-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
x-varnish: 601240501 602377774
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 600

GET
H2 200 home.css
cultura.uol.com.br/_css/ 6 KB
2 KB 247ms
247ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/_css/home.css?v=20213004
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 9038f29262e6a484c12f5b62c1ead055aae7b3fc4c4f011290fce8c2b3f857b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 30 Apr 2021 21:21:13 GMT
server: nginx
age: 18957
etag: "16d3-5c137310c5972-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
x-varnish: 582867440 574485491
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1545

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 337 KB
80 KB 1567ms
1045ms Script
application/javascript 2a02:26f0:480:10::213:7e85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=dwxkma
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:10::213:7e85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c4aab0fb68d7c5053c11401f400c7474f78b489e46a695b0d58041b5a7b00b59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
akamai-grn: 0.457d1302.1703808105.53636256
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=7, origin; dur=1017, ak_p; desc="1703808105037_34831685_1399022166_102245_728_25_40_146";dur=1
content-length: 81701
last-modified: Thu, 28 Dec 2023 19:58:50 GMT
etag: f16756d67e6e82cd83f6b2c1db5e4efb
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3600
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H2 200 hamburguer.png
cultura.uol.com.br/_img/tvcultura/header/ 1 KB
2 KB 248ms
248ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/_img/tvcultura/header/hamburguer.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 4d6629180936579981f042e381479b5491cc7de892fbcbc6c0a10a34ddb46fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 May 2020 22:45:53 GMT
server: nginx
age: 19144
etag: "584-5a6a8f97713ef"
x-cache: HIT
x-varnish: 591409674 584018607
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1412

GET
H2 200 close.png
cultura.uol.com.br/_img/tvcultura/header/ 2 KB
3 KB 489ms
489ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/_img/tvcultura/header/close.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 68ab9c73a8d37f901e513728cf622cf9d28299f8980e780da7dd26c3d1954d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 May 2020 22:45:53 GMT
server: nginx
age: 15655
etag: "90c-5a6a8f97713ef"
x-cache: HIT
x-varnish: 503454846 496227172
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 2316

GET
H2 200 20230427110112_desktop-30-.png
cultura.uol.com.br/upload/tvcultura/homecampanha/ 60 KB
60 KB 467ms
459ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/homecampanha/20230427110112_desktop-30-.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 79fa9d683531655cb1ccb177f72e58d79739a09bc17e86a857c72ec91cd83eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 27 Apr 2023 14:01:12 GMT
server: nginx
age: 1636
etag: "ee11-5fa51ca0e1518"
x-cache: HIT
x-varnish: 577891796 584089758
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 60945

GET
H2 200 20231228183143_20231128154658-20231030174943-20231025194545-emprego-1-1-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 22 KB
22 KB 469ms
461ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228183143_20231128154658-20231030174943-20231025194545-emprego-1-1-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: b98eea9bf8ca0dc37836401fa7860a3349f3e309a7463c39d6114fcce96e9dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:31:43 GMT
server: nginx
age: 7869
etag: "562a-60d98a45ba38e"
x-cache: HIT
x-varnish: 560267522 538735865
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 22058

GET
H2 200 20231228183246_20231228135840-ipca-1-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 48 KB
49 KB 467ms
459ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228183246_20231228135840-ipca-1-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: e26347a45f0d83926109a5b6a13fe1ffebe0de4658a3ad717363c9a8fe44dd07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:32:46 GMT
server: nginx
age: 8308
etag: "c1fa-60d98a81a7860"
x-cache: HIT
x-varnish: 607351971 611648846
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 49658

GET
H2 200 20231228183426_20231228154445-pcdf.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 38 KB
39 KB 711ms
705ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228183426_20231228154445-pcdf.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 30301d559493d39a5828b1ee99f842ef74dfa5137d021104a00d2761ebb43040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:34:26 GMT
server: nginx
age: 8268
etag: "99ea-60d98ae12311e"
x-cache: HIT
x-varnish: 614303395 606790707
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 39402

GET
H2 200 20231228183525_mufid-majnun-oi20ehignd4-unsplash-1-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 29 KB
29 KB 711ms
705ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228183525_mufid-majnun-oi20ehignd4-unsplash-1-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: db058445e17ea858427f34803d8d3d4881661c24ab3530e9234c6db3c6e43b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:35:25 GMT
server: nginx
age: 8308
etag: "7211-60d98b192a5b5"
x-cache: HIT
x-varnish: 596889282 599593693
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 29201

GET
H2 200 embed.js Show response
us-east-1.prod.tvcoins.com/player/ 1023 KB
310 KB 109ms
28ms Script
application/javascript 13.227.219.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-57.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fe42a9cd90f578e0a094a4ee70eb98f99a73b1b936f6880e0d91f883690d83b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: aIIh3jEAAEHp_QeafOpLQeNasKCSXQ0z
content-encoding: gzip
via: 1.1 697a26790d3ab8292d8546ca9be87bbc.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 06:59:19 GMT
last-modified: Thu, 21 Dec 2023 15:32:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
age: 61839
x-amz-server-side-encryption: AES256
etag: W/"ef4856d1437a773ce61ff1c326b936c7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: U6spbxFf3clV5fX6R4f6hdH7kqkVLrg9pcwulOOoT53rgk4ID-g1Aw==

GET
H2 200 20231228202255_333130620-760039245294526-4288220745267901335-n.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 40 KB
40 KB 711ms
705ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228202255_333130620-760039245294526-4288220745267901335-n.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: f8d7b535b18184fb4be0ddcb45795df46585afde4f1fae400d187a51f580efa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 23:22:55 GMT
server: nginx
age: 2168
etag: "9e73-60d9a3206cd94"
x-cache: HIT
x-varnish: 580142666 577132833
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 40563

GET
H2 200 20231228183715_20231221165402-pexels-pixabay-33783-1-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 38 KB
38 KB 712ms
706ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228183715_20231221165402-pexels-pixabay-33783-1-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 859a24d3d3633542b75422bc8c9357505f52a4302df5076c9c4721240f1b9ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:37:15 GMT
server: nginx
age: 8457
etag: "968c-60d98b81b817f"
x-cache: HIT
x-varnish: 612669186 607990843
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 38540

GET
H2 200 20231228135957_congresso-promulga-marco-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 61 KB
62 KB 712ms
706ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228135957_congresso-promulga-marco-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: ee4e8ffe4be3f651d8db299f45f8dacde1a05e99d9f2a6abd3bd9dda978848f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 16:59:57 GMT
server: nginx
age: 3068
etag: "f5a7-60d94d86a5eca"
x-cache: HIT
x-varnish: 597281844 599860465
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 62887

GET
H2 200 20231228183851_20231228155400-ancelotii-1-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 21 KB
21 KB 711ms
706ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228183851_20231228155400-ancelotii-1-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 1bc95fb3b4348b1aed1e55448333880f285f2426b97846f3c5841181fc0e972c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:38:51 GMT
server: nginx
age: 8399
etag: "5254-60d98bdd2b726"
x-cache: HIT
x-varnish: 578744861 585307809
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 21076

GET
H2 200 20231228183952_20231228143322-nba-1-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 35 KB
35 KB 712ms
706ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228183952_20231228143322-nba-1-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 8243500ee2cb972559c0132f3d927be2256a240fe3ac06a0d755749ac098a27b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:39:52 GMT
server: nginx
age: 8457
etag: "8a3b-60d98c181fbb9"
x-cache: HIT
x-varnish: 588414261 591636987
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 35387

GET
H2 200 20231228184628_20231228180726-cobre-1-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 47 KB
47 KB 711ms
705ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228184628_20231228180726-cobre-1-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: c5c0a0ccff5b252f11278da8fd8e7aa727d9eff0f32ba4ed3a5bc2364da6ac29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:46:28 GMT
server: nginx
age: 7539
etag: "ba0d-60d98d91a8f3c"
x-cache: HIT
x-varnish: 499702215 502632679
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 47629

GET
H2 200 20231228185048_20231228150323-tr-nsito-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 46 KB
46 KB 712ms
706ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228185048_20231228150323-tr-nsito-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: a3c7d88c824c1eeef4b349c686a6c356200915e9494bab7eb4345dd4437f6be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:50:48 GMT
server: nginx
age: 7328
etag: "b635-60d98e890be98"
x-cache: HIT
x-varnish: 583241200 582320525
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 46645

GET
H2 200 20231228185250_amazonprimevideoanuncios-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 32 KB
32 KB 715ms
710ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228185250_amazonprimevideoanuncios-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 67dde3be981014746499916935c12c41e4f7ba9838835339652d2a68ebaf65a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:52:50 GMT
server: nginx
age: 7459
etag: "7fec-60d98efd49bd3"
x-cache: HIT
x-varnish: 560267533 556539270
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 32748

GET
H2 200 20231228185347_20231228183626-gcdf29hw8aalibz-1-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 41 KB
41 KB 712ms
707ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228185347_20231228183626-gcdf29hw8aalibz-1-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 0c4c6d35463961f825ba4d684e11971b54f034331359b7a9f30a41be22d786fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:53:47 GMT
server: nginx
age: 7401
etag: "a343-60d98f3469966"
x-cache: HIT
x-varnish: 611037333 610933899
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 41795

GET
H2 200 20231228185449_scott-graham-oqmzwnd3thu-unsplash-1-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 25 KB
25 KB 713ms
708ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228185449_scott-graham-oqmzwnd3thu-unsplash-1-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 4b356c5a25416371461e66f2e7204881162549fce5b47185aa4e572c69be04e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:54:49 GMT
server: nginx
age: 6233
etag: "641a-60d98f6f76495"
x-cache: HIT
x-varnish: 602049217 598877916
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 25626

GET
H2 200 20231228185526_emiliano-vittoriosi-ttei7wkl4be-unsplash-1-1-.jpg
cultura.uol.com.br/upload/tvcultura/home/home_big/ 63 KB
63 KB 715ms
710ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/home/home_big/20231228185526_emiliano-vittoriosi-ttei7wkl4be-unsplash-1-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: d5b17b32114956a347ce5854f1bb673dfbaf75ccf6dbfa3afe0e66f554e8e564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 21:55:26 GMT
server: nginx
age: 6839
etag: "fc58-60d98f9255bb7"
x-cache: HIT
x-varnish: 581869052 573898433
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 64600

GET
H2 200 20231221132809_whatsapp-image-2023-12-20-at-21.38.55-4-.jpeg
cultura.uol.com.br/upload/tvcultura/webstories/ 146 KB
146 KB 714ms
710ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/webstories/20231221132809_whatsapp-image-2023-12-20-at-21.38.55-4-.jpeg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: dee7690f00c084d67b3caa5438b6d87503f1ce606b5d3ffcd75f4b45b95c6b99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Dec 2023 16:28:09 GMT
server: nginx
age: 9583
etag: "2482d-60d0795d2d8cd"
x-cache: HIT
x-varnish: 609796000 602039702
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 149549

GET
H2 200 20231221132854_whatsapp-image-2023-12-20-at-21.38.56-1-.jpeg
cultura.uol.com.br/upload/tvcultura/webstories/ 123 KB
123 KB 711ms
707ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/webstories/20231221132854_whatsapp-image-2023-12-20-at-21.38.56-1-.jpeg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: ec931bcee9f7599cde7b20ec058939fcafa6580784a507f987bea9610d4495ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Dec 2023 16:28:54 GMT
server: nginx
age: 5746
etag: "1ec77-60d079876f8ef"
x-cache: HIT
x-varnish: 603361253 595255132
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 126071

GET
H2 200 tvcultura.js Show response
embed.dugout.com/v3.1/ 583 KB
164 KB 605ms
527ms Script
text/javascript 2600:9000:214f:e200:8:ced9:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.dugout.com/v3.1/tvcultura.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e200:8:ced9:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a4209b771cfc1fcfa7db580f21ed52560c6e7f61e994f343b026bf30080ec268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
content-encoding: gzip
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
x-amz-cf-id: CqCwaCWFL-y7rrwgJeXtnG5STSfD0mMB26Jif_vvg5GDi0cIIm3w9g==

GET
H2 200 20231228193421_20231227205512-20231130202935-20231110210130-20230922181039-pexels-pixabay-47344-1-1-1-1-1-.jpg
cultura.uol.com.br/upload/tvcultura/noticias/ 346 KB
346 KB 712ms
708ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/noticias/20231228193421_20231227205512-20231130202935-20231110210130-20230922181039-pexels-pixabay-47344-1-1-1-1-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: ad96d891a3f5862688b099e3839c4df30cb642e8284fe83195ec2ccbd5cdd863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 22:34:21 GMT
server: nginx
age: 4959
etag: "566bb-60d99845060a6"
x-cache: HIT
x-varnish: 586911720 581982220
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 353979

GET
H2 200 20231228143349_emiliano-vittoriosi-ttei7wkl4be-unsplash-1-.jpg
cultura.uol.com.br/upload/tvcultura/noticias/ 287 KB
288 KB 713ms
709ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/noticias/20231228143349_emiliano-vittoriosi-ttei7wkl4be-unsplash-1-.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: cbbc9153140c72fa82ad9e74aaf1fe8e131d70c72bdc9932e1fdc0468c53504c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 17:33:49 GMT
server: nginx
age: 1520
etag: "47cfc-60d95518e8dc9"
x-cache: HIT
x-varnish: 590468611 593574330
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 294140

GET
H2 200 20231228134754_avi-o-rio-congelado-1-.png
cultura.uol.com.br/upload/tvcultura/noticias/ 291 KB
291 KB 713ms
709ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/noticias/20231228134754_avi-o-rio-congelado-1-.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: b6757256bba677ef21d86dfb58ae5bb60eab8f80b60d6beb84839a507d347a4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 16:47:54 GMT
server: nginx
age: 3523
etag: "48a10-60d94ad4c8288"
x-cache: HIT
x-varnish: 503032723 503355496
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 297488

GET
H2 200 20231228125528_ecobrasilestreiatvcultura.jpg
cultura.uol.com.br/upload/tvcultura/noticias/ 190 KB
190 KB 711ms
708ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/tvcultura/noticias/20231228125528_ecobrasilestreiatvcultura.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 676f87560079f4a2948b603aa5be16513b65d27c5b8843d51a32cef073f0b571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 15:55:28 GMT
server: nginx
age: 7350
etag: "2f7b2-60d93f1d29fa5"
x-cache: HIT
x-varnish: 583895754 576141670
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 194482

GET
H2 200 20231228165711_tonica-p.png
cultura.uol.com.br/upload/radio/supertonica/ 389 KB
389 KB 711ms
707ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/radio/supertonica/20231228165711_tonica-p.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 57755aa43eb3764542786b5dc362ebc0d4487365a2ac2a3f6f1fec63e5118226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 19:57:11 GMT
server: nginx
age: 14284
etag: "6128e-60d9752455443"
x-cache: HIT
x-varnish: 554458399 549836750
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 397966

GET
H2 200 20231228192012_logo-de-volta-dezembro.jpg
cultura.uol.com.br/upload/radio/devoltapracasa/ 32 KB
32 KB 712ms
708ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/radio/devoltapracasa/20231228192012_logo-de-volta-dezembro.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: a4ad2380d76c9b3bb30780f4857d9dddd4fbd7159cf7cf0a10ff538e47a0ca1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Dec 2023 22:20:12 GMT
server: nginx
age: 5857
etag: "7f76-60d9951bd78bb"
x-cache: HIT
x-varnish: 614141068 612436751
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 32630

GET
H2 200 20231227133559_julia-mestre-publi-.png
cultura.uol.com.br/upload/radio/culturalivre/ 587 KB
588 KB 712ms
709ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/radio/culturalivre/20231227133559_julia-mestre-publi-.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 68651bdb8811d2fddecf1ea7ab9b20111b6be4cf1619f9d92ef9abe05630888b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 Dec 2023 16:35:59 GMT
server: nginx
age: 10844
etag: "92cac-60d8064df6d94"
x-cache: HIT
x-varnish: 601464254 596293829
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 601260

GET
H2 200 20231222152337_harry-bradford-publi-.png
cultura.uol.com.br/upload/radio/conexaoeuropa/ 491 KB
492 KB 713ms
709ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/upload/radio/conexaoeuropa/20231222152337_harry-bradford-publi-.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 4da4dc82b8749d9a5cbcb92b25071c1103962df4a46300ad113958788e6870a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Dec 2023 18:23:37 GMT
server: nginx
age: 17879
etag: "7ad7f-60d1d509be4d0"
x-cache: HIT
x-varnish: 581605092 575324872
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 503167

GET
H2 200 _128495107_ce10225f8b34296dda0592707884bd9dbdab13010_0_7087_49881000x704.jpg
c.files.bbci.co.uk/1120F/production/ 123 KB
124 KB 170ms
59ms Image
image/jpeg 2a02:26f0:480:a9a::f33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.files.bbci.co.uk/1120F/production/_128495107_ce10225f8b34296dda0592707884bd9dbdab13010_0_7087_49881000x704.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:a9a::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d85c6edb504f6653f5be7e8bdd9f10ea479113482cc3e340ad371f7494956b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 3E4jlNjkojJweTowEzt6fyDexw6smbzr
date: Fri, 29 Dec 2023 00:01:44 GMT
nel: {"report_to":"default","max_age": 604800,"include_subdomains":true,"failure_fraction":0.01}
x-amz-request-id: BNSXZT8KV1JYJMFC
content-length: 126046
x-amz-id-2: VkIww5EbEAiY1Uyqzp0m4h2ndxnJbEdGIb0E2G8pX4FAAqbFeigV0N9Dyq8P/grN+o0vFSistOg=
last-modified: Thu, 02 Feb 2023 22:01:49 GMT
server: AmazonS3
etag: "5a45ba069ce0c0e3d9977e77fcc6fb6d"
access-control-max-age: 300
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://assets.bbc-reporting-api.app/report-endpoint","priority":1}],"include_subdomains":true}
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET
cache-control: max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers: *

GET
H2 200 _128431676_bharatbiotech.jpg
c.files.bbci.co.uk/1081D/production/ 25 KB
25 KB 133ms
22ms Image
image/jpeg 2a02:26f0:480:a9a::f33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.files.bbci.co.uk/1081D/production/_128431676_bharatbiotech.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:a9a::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe1fc1a88b38887baea5edd5defc687d87ca8c8b191c2c5e7880cc507c38a078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: mVkQ8WE5BWslJVZJsJnAmKOrToHHBKge
date: Fri, 29 Dec 2023 00:01:44 GMT
nel: {"report_to":"default","max_age": 604800,"include_subdomains":true,"failure_fraction":0.01}
x-amz-request-id: JFD6KEKVEA40E20J
content-length: 25362
x-amz-id-2: ThWxloiznQmQu6NX0QkbfotGdRaBUx/78/GsuXqc8F20bl6U89ieQVuIydAG9s3O6KaP+yIklI8=
last-modified: Fri, 27 Jan 2023 05:58:49 GMT
server: AmazonS3
etag: "b34c77c572ebf6448c4a677617c9a244"
access-control-max-age: 300
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://assets.bbc-reporting-api.app/report-endpoint","priority":1}],"include_subdomains":true}
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET
cache-control: max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers: *

GET
H2 200 _128398588_d08e7102-4867-4405-b5ac-3ef6f1275558.jpg
c.files.bbci.co.uk/15A0D/production/ 66 KB
67 KB 134ms
22ms Image
image/jpeg 2a02:26f0:480:a9a::f33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.files.bbci.co.uk/15A0D/production/_128398588_d08e7102-4867-4405-b5ac-3ef6f1275558.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:a9a::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73152a342d6b5edfe23110b400cedcd11fe25017ae9b41096380e32d8fe52274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: e9N3HtQzP5wRURJzgHYKjfj1Q.F7iJ.3
date: Fri, 29 Dec 2023 00:01:44 GMT
nel: {"report_to":"default","max_age": 604800,"include_subdomains":true,"failure_fraction":0.01}
x-amz-request-id: X173M3ZZ4T1QD8W5
content-length: 67395
x-amz-id-2: U8GU1oxoqHLN+2YewhT1wu3ORzhj877D/PHH6mNBhnUFCBSXl16wcmVETHH8K1IdAGSbjvcWimM=
last-modified: Tue, 24 Jan 2023 18:59:36 GMT
server: AmazonS3
etag: "1ce77859f80e3018c11bf828c3a3f70f"
access-control-max-age: 300
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://assets.bbc-reporting-api.app/report-endpoint","priority":1}],"include_subdomains":true}
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET
cache-control: max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers: *

GET
H2 200 _128381833_4iawxmwo.jpg
c.files.bbci.co.uk/841A/production/ 66 KB
67 KB 171ms
60ms Image
image/jpeg 2a02:26f0:480:a9a::f33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.files.bbci.co.uk/841A/production/_128381833_4iawxmwo.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:a9a::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bab052643b094c90a38eec3b09afd93309ecf9c254fda12c8a984ea7bcbc72a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: kK3bgcERcD1ULYxlSW4KCVassVCQySNM
date: Fri, 29 Dec 2023 00:01:44 GMT
nel: {"report_to":"default","max_age": 604800,"include_subdomains":true,"failure_fraction":0.01}
x-amz-request-id: G3E634X46MEFEV5R
content-length: 67520
x-amz-id-2: qGlYS98h6YWvc2PVsMXlxJ/F3i2S59yyaWV3tJvxoh3d4o0ixKQ8Ed5UNoh56cLqx/9v6KDJUQw=
last-modified: Wed, 25 Jan 2023 00:10:57 GMT
server: AmazonS3
etag: "525356180d5dd11f6c646847891b75d1"
access-control-max-age: 300
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://assets.bbc-reporting-api.app/report-endpoint","priority":1}],"include_subdomains":true}
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET
cache-control: max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers: *

GET
H2

200

pjskwc0p-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/Q7iCiXiE/poster.jpg?width=640
https://assets-jpcust.jwpsrv.com/thumbnails/pjskwc0p-640.jpg

24 KB
24 KB

177ms
108ms

Image
image/jpeg

2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/pjskwc0p-640.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2301584f1d306196e1e8d7b38200c25f7f9262cfb2def4e017dfb9d3f531222f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 360
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 24085
x-served-by: cache-iad-kcgs7200073-IAD, cache-fra-etou8220052-FRA
last-modified: Thu, 28 Dec 2023 22:07:44 GMT
server: nginx
x-timer: S1703808105.838273,VS0,VE87
etag: "5dbb3c0128fdd606647072b0f63e4906"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 16, 1

Redirect headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: 1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: AMS1-P1
access-control-allow-methods: GET
content-type: image/jpeg
location: https://assets-jpcust.jwpsrv.com/thumbnails/pjskwc0p-640.jpg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
x-robots-tag: noindex, indexifembedded
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: 4yfKr9NT0tZu_Eb8_1zwLUQm5yM6rxD0T86tChmDoZth46uuS6ms1Q==

GET
H2

200

i4lssbtv-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/F8NUcAcl/poster.jpg?width=640
https://assets-jpcust.jwpsrv.com/thumbnails/i4lssbtv-640.jpg

47 KB
47 KB

64ms
19ms

Image
image/jpeg

2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/i4lssbtv-640.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e84d7bf3a426ce609071bda647e9ae9a843fd7dafec963f041b603e3675b464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 870
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 47813
x-served-by: cache-iad-kjyo7100058-IAD, cache-fra-etou8220052-FRA
last-modified: Thu, 28 Dec 2023 21:04:48 GMT
server: nginx
x-timer: S1703808105.838575,VS0,VE1
etag: "563a7a7e98c0cf8c3e045c751e65716b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 31, 1

Redirect headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: 1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: AMS1-P1
access-control-allow-methods: GET
content-type: image/jpeg
location: https://assets-jpcust.jwpsrv.com/thumbnails/i4lssbtv-640.jpg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
x-robots-tag: noindex, indexifembedded
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: hZ4c4S7gF60N1nz_0JdeMfNnftiZf1Ib68RafnaBMmt1dJmRV9RKaQ==

GET
H2

200

aj81jqg2-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/DIon8Bsi/poster.jpg?width=640
https://assets-jpcust.jwpsrv.com/thumbnails/aj81jqg2-640.jpg

49 KB
49 KB

179ms
114ms

Image
image/jpeg

2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/aj81jqg2-640.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cdeb1351abfd6a38df6a2ca7af4b40001ab3ac8683576f9afade365cf75b0c81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 54
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 50400
x-served-by: cache-iad-kjyo7100092-IAD, cache-fra-etou8220052-FRA
last-modified: Thu, 28 Dec 2023 18:15:31 GMT
server: nginx
x-timer: S1703808105.838567,VS0,VE93
etag: "e0e6dadec533f75dd2e72103d85c3e4a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 2, 1

Redirect headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: 1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: AMS1-P1
access-control-allow-methods: GET
content-type: image/jpeg
location: https://assets-jpcust.jwpsrv.com/thumbnails/aj81jqg2-640.jpg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
x-robots-tag: noindex, indexifembedded
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: DdE35T6WY89CwTRT17eCvYsfSRK_V89QhrGddJvv9HnKJRo-88NwGg==

GET
H2

200

kjd25za5-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/HjOjmTlf/poster.jpg?width=640
https://assets-jpcust.jwpsrv.com/thumbnails/kjd25za5-640.jpg

27 KB
27 KB

177ms
126ms

Image
image/jpeg

2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/kjd25za5-640.jpg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 901b8e378681cbfb77e61fc3308ee1c4e2b449dcc277c31bf87e1690b1955732

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 27308
x-served-by: cache-iad-kjyo7100045-IAD, cache-fra-etou8220052-FRA
last-modified: Thu, 28 Dec 2023 17:42:50 GMT
server: nginx
x-timer: S1703808105.838738,VS0,VE99
etag: "22da0cf4c73affb3e4b5c7df4a13ecf7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 20, 1

Redirect headers

date: Fri, 29 Dec 2023 00:01:44 GMT
via: 1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: AMS1-P1
access-control-allow-methods: GET
content-type: image/jpeg
location: https://assets-jpcust.jwpsrv.com/thumbnails/kjd25za5-640.jpg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
x-robots-tag: noindex, indexifembedded
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: HeyrWlMbzX6WUxZT4-VN1DmF2BdYR4NU28RTk8f2LXUZchiIt9YziA==

GET
H2 200 36461453_303.jpg
static.dw.com/image/ 41 KB
41 KB 167ms
97ms Image
image/jpeg 2a02:26f0:480:a82::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/36461453_303.jpg

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:a82::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

619b6ff9dcd4da0ca34e0c23d28faa83c02a6a42e20cbecbb65c5428b99821da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
cache-control: max-age=3574
date: Fri, 29 Dec 2023 00:01:44 GMT
accept-ranges: bytes
content-length: 42069
content-type: image/jpeg;charset=UTF-8

GET
H2 200 67780956_303.jpg
static.dw.com/image/ 68 KB
68 KB 77ms
72ms Image
image/jpeg 2a02:26f0:480:a82::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/67780956_303.jpg

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:a82::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2591af4d4155b23f0bfd167acc9ba28ace3cd370cd04df3708b3ae82367bcfdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
cache-control: max-age=52
date: Fri, 29 Dec 2023 00:01:44 GMT
accept-ranges: bytes
content-length: 69512
content-type: image/jpeg;charset=UTF-8

GET
H2 200 67837853_303.jpg
static.dw.com/image/ 57 KB
57 KB 25ms
25ms Image
image/jpeg 2a02:26f0:480:a82::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/67837853_303.jpg

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:a82::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c87ee52089120266e0ba97c53bbbc297c72f1c9229e396e12461e60264ae7847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
cache-control: max-age=1
date: Fri, 29 Dec 2023 00:01:44 GMT
accept-ranges: bytes
content-length: 58706
content-type: image/jpeg;charset=UTF-8

GET
H2 200 67829431_303.jpg
static.dw.com/image/ 57 KB
57 KB 76ms
76ms Image
image/jpeg 2a02:26f0:480:a82::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/67829431_303.jpg

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:a82::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

742b5d6d329459cfee76e108abade5d80cecce68bc4213b58a43b1fdfb0b9be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
cache-control: max-age=2701
date: Fri, 29 Dec 2023 00:01:44 GMT
accept-ranges: bytes
content-length: 58304
content-type: image/jpeg;charset=UTF-8

GET
H2 200 webalert-notification.js Show response
cultura.uol.com.br/ 62 KB
16 KB 709ms
707ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/webalert-notification.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 09c1346734a33e14ebabf2e138b89cb5743842fa932adb587a5d039a5ce7bc4a

Request headers

Referer: https://cultura.uol.com.br/
Origin: https://cultura.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Jun 2020 22:15:26 GMT
server: nginx
age: 9352
etag: "f892-5a8dbd01f4d44-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-varnish: 610056013 608153733
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 15751

GET
H2 200 f13bae0c-bf9a-42e6-8fbd-a3d7bcdbaec9-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 13 B
451 B 907ms
804ms Script
application/javascript 18.239.63.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f13bae0c-bf9a-42e6-8fbd-a3d7bcdbaec9-loader.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.63.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-63-216.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: DW9KJTSKhFYyvWBgX8rRYQSWcHVKM11c
date: Fri, 29 Dec 2023 00:01:46 GMT
via: 1.1 9f9de4292c90d3b00804c3fd5a50677e.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 13:05:28 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
etag: "8e742d11d6b24c401e35f3b516726584"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 13
x-amz-cf-id: ZRfU_-uPShaw-F4JVkzT1HzYPxSUCrSdaOXJ_n-pHgboWk1Ad6rYdQ==

GET
H2 200 2.1.3.jquery.min.js Show response
cultura.uol.com.br/_js/ 82 KB
29 KB 469ms
461ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/_js/2.1.3.jquery.min.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Jul 2015 21:35:07 GMT
server: nginx
age: 19496
etag: "14960-51b7d8b63f8c0-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-varnish: 599052353 597789727
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 29524

GET
H2 200 jquery.jcarousel.full.js Show response
cultura.uol.com.br/_js/ 43 KB
8 KB 712ms
704ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/_js/jquery.jcarousel.full.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: b1504e2623ee41b243e89c9e2ca842da2cf15f4516787f4a40298154cccc816f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 May 2017 13:20:04 GMT
server: nginx
age: 1470
etag: "adb0-54eb2a17e1149-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-varnish: 604374182 598723338
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 7470

GET
H2 200 Utils.js Show response
cultura.uol.com.br/_js/ 5 KB
2 KB 711ms
704ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/_js/Utils.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 197ee4db04a0c9da045ce2509fb2f189c1be79fcb2118f222724c89baefa14d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Mar 2018 16:05:13 GMT
server: nginx
age: 19017
etag: "158a-567618a48e806-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-varnish: 579860550 579486417
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 2028

GET
H2 200 Hash.js Show response
cultura.uol.com.br/_js/ 468 B
531 B 712ms
705ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/_js/Hash.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: a5da2d2c438540cec9273e3edc501b9945188f7b381be49ec082aaf96d80a1f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Aug 2015 17:39:10 GMT
server: nginx
age: 10328
etag: "1d4-51d20b23c2b80-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-varnish: 591060312 586511569
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 233

GET
H2 200 DFP.js Show response
cultura.uol.com.br/_js/ 2 KB
898 B 710ms
703ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/_js/DFP.js?v=20210218
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 11329c265daaac44b150cd7b4166998b170fca8bf33c501a8dd3f9a8ad5a5f95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 02 Oct 2020 12:35:14 GMT
server: nginx
age: 16026
etag: "7c5-5b0af5d490678-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-varnish: 503454868 493773051
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 599

GET
H2 200 Home.js Show response
cultura.uol.com.br/_js/ 4 KB
2 KB 711ms
704ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/_js/Home.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 11a0431c391f4ea07a01143a09c905c20ee3e11325f4a4a63169a7f7b8f0e37c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 May 2016 19:37:25 GMT
server: nginx
age: 10038
etag: "f96-532962bdc2ce1-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-varnish: 577987914 579222471
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1350

GET
H2 200 TVCultura.js Show response
cultura.uol.com.br/_js/ 4 KB
2 KB 710ms
704ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/_js/TVCultura.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: f8f06623eb7bdb249e37e78df4c9de2aa2371a7f3c1a8b0c227470021a2bf4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Mar 2023 06:28:47 GMT
server: nginx
age: 20063
etag: "11f4-5f6d657118a18-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-varnish: 550751964 554504725
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1359

GET
H2 200 cookieconsent.js Show response
cultura.uol.com.br/lgpd/banner/ 18 KB
7 KB 711ms
709ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/lgpd/banner/cookieconsent.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: af7ef6cec4eea6ee55c83df391cf9558be6d194361cf914d70f2bd5a43fd333d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Jun 2023 13:53:42 GMT
server: nginx
age: 18010
etag: "4937-5fe2b65759c67-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-varnish: 596734529 591225888
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 6670

GET
H2 200 init.js Show response
cultura.uol.com.br/lgpd/banner/ 4 KB
1 KB 709ms
707ms Script
application/javascript 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/lgpd/banner/init.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: f58f2e262f32d9e4085c346aaffd771728d9342329497aef0f14acfbe48c546e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Jun 2023 13:53:42 GMT
server: nginx
age: 18491
etag: "f30-5fe2b65759c67-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-varnish: 583293227 583862010
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1136

GET
H2 200 cookieconsent.css
cultura.uol.com.br/lgpd/banner/ 0
0 711ms
709ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/lgpd/banner/cookieconsent.css
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Jun 2023 13:53:42 GMT
server: nginx
age: 739
etag: "4973-5fe2b65759c67-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
x-varnish: 588113166 590599634
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 4356

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 77ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

729d143021117867cf4fdf31b3f321ad8455bdf338a4883299fcf7bb93db58bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Dec 2023 00:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 22:13:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Dec 2023 00:01:45 GMT

GET
H2 200 seta_menu.png
cultura.uol.com.br/_img/tvcultura/icones/ 1020 B
1 KB 412ms
411ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/_img/tvcultura/icones/seta_menu.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: e85262abbb68bfb6e104c92e24bbfd01c998378850f6f45983507208556ff255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2015 21:05:34 GMT
server: nginx
age: 14177
etag: "3fc-5270a4468240e"
x-cache: HIT
x-varnish: 602279569 594429573
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1020

GET
H2 200 icon-facebook.png
cultura.uol.com.br/_img/tvcultura/header/ 1 KB
2 KB 413ms
411ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/_img/tvcultura/header/icon-facebook.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: d414cc6182aeaa16bb34d0de5795b794c15805effd910e58544c58e46724343e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 May 2020 06:52:59 GMT
server: nginx
age: 16542
etag: "5f4-5a58207d51c79"
x-cache: HIT
x-varnish: 576316245 573919222
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1524

GET
H2 200 icon-twitter.png
cultura.uol.com.br/_img/tvcultura/header/ 2 KB
2 KB 413ms
412ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/_img/tvcultura/header/icon-twitter.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 85390977e081fd4077d40646d0799b71af6edb3eb61b87c39a4d534178a755af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 May 2020 06:52:59 GMT
server: nginx
age: 4715
etag: "677-5a58207d51c79"
x-cache: HIT
x-varnish: 609532605 603551058
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1655

GET
H2 200 icon-instagram.png
cultura.uol.com.br/_img/tvcultura/header/ 2 KB
2 KB 414ms
412ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/_img/tvcultura/header/icon-instagram.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 8c97e43c8b3e4319a155382091a1b09ef36d073a731a63d1a6733552d52eab8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 May 2020 06:52:59 GMT
server: nginx
age: 11679
etag: "6f6-5a58207d51c79"
x-cache: HIT
x-varnish: 601240526 598684376
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1782

GET
H2 200 icon-youtube.png
cultura.uol.com.br/_img/tvcultura/header/ 2 KB
2 KB 413ms
412ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/_img/tvcultura/header/icon-youtube.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: a74dedbde020e07aa230aa34841b132b10406993fd3af7a42524fa559e46e9ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 May 2020 06:52:59 GMT
server: nginx
age: 14748
etag: "624-5a58207d51c79"
x-cache: HIT
x-varnish: 584947966 583995173
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1572

GET
H2 200 icon-linkedin.png
cultura.uol.com.br/_img/tvcultura/header/ 2 KB
2 KB 414ms
412ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/_img/tvcultura/header/icon-linkedin.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 07e04b0bfa0b306d160d4b59e234d7a198508d07ae7ba3113afdeb94ecca5f50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jun 2020 05:14:25 GMT
server: nginx
age: 13987
etag: "75f-5a8b96ed59ddc"
x-cache: HIT
x-varnish: 593404801 583462083
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1887

GET
H2 200 icon-google-news.png
cultura.uol.com.br/_img/tvcultura/header/ 1 KB
1 KB 412ms
411ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/_img/tvcultura/header/icon-google-news.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 57e499c236e2995faffecb3bc37aeb0995b3b18cafdd168828e7412228f5b7a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Sep 2020 13:07:27 GMT
server: nginx
age: 11161
etag: "4ca-5b05f59225e23"
x-cache: HIT
x-varnish: 495517576 497602659
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1226

GET
H2 200 tiktok.jpeg
cultura.uol.com.br/_img/tvcultura/header/ 674 B
926 B 414ms
413ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/_img/tvcultura/header/tiktok.jpeg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: fc3f7d76f780541ea63fbab513d17491b03b827fa05b98c68a6692fb8361892a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 May 2021 04:07:22 GMT
server: nginx
age: 11350
etag: "2a2-5c292d8d23685"
x-cache: HIT
x-varnish: 574946147 577423408
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 674

GET
H2 200 kwai.jpeg
cultura.uol.com.br/_img/tvcultura/header/ 966 B
1 KB 414ms
413ms Image
image/jpeg 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/_img/tvcultura/header/kwai.jpeg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 343400c614fe529568e79626a3f7ab00bff969fb92a9a9ad1cdb8f4bddc6dc1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 May 2021 04:07:22 GMT
server: nginx
age: 11569
etag: "3c6-5c292d8d23685"
x-cache: HIT
x-varnish: 551810317 555659927
content-type: image/jpeg
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 966

GET
H2 200 logotipo-tvcultura-desktop-orange.png
cultura.uol.com.br/_img/tvcultura/header/ 1 KB
2 KB 414ms
413ms Image
image/png 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cultura.uol.com.br/_img/tvcultura/header/logotipo-tvcultura-desktop-orange.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 4cd7515394000c926f9d5849785e7427123f519e524daa15a6dc064462a81c08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/_css/tvcultura.css?v=20230201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 Sep 2020 11:03:39 GMT
server: nginx
age: 9322
etag: "584-5afd0cd89785e"
x-cache: HIT
x-varnish: 612607870 612172409
content-type: image/png
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 1412

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 65ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cultura.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 06:01:29 GMT
x-content-type-options: nosniff
age: 64816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Dec 2024 06:01:29 GMT

GET
H2 200 config.json Show response
us-east-1.prod.tvcoins.com/player/ 768 B
1 KB 86ms
27ms Fetch
application/json 13.227.219.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us-east-1.prod.tvcoins.com/player/config.json
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-57.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13465212a68220fe8ea9c10bf86ec51b8ee16a19ec8c2a31452ef4e3ce322686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: uGmb67USiYwmZv4yP2JxrBsgIydjmdqQ
date: Thu, 28 Dec 2023 23:53:29 GMT
via: 1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 497
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 768
last-modified: Tue, 26 Dec 2023 21:48:40 GMT
server: AmazonS3
etag: "70ddc2def7821ba7d3412ed606eff54d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: 9Ippqv2V6AKIX91fugr6KU4h-9m8V1Xnv6wP6kT7WMARt4y-Z8k_fg==

GET
H2 200 google-play.png
embed.dugout.com/images/ 15 KB
15 KB 28ms
28ms Image
image/png 2600:9000:214f:e200:8:ced9:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.dugout.com/images/google-play.png
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e200:8:ced9:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b78a61b96c6dedea1627a6730922db1c911ce35722f032d4a7086891de33663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 29 Dec 2023 00:01:31 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Mon, 15 May 2023 08:46:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 23
etag: "1c7ec440b1319aad2208f25cd63f34df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 15218
x-amz-cf-id: OZOn3r0m3lBiRbVHiG65fYqWYubbt990hvqn27KvHseUToljlihTxw==

GET
H2 200 app-store.svg
embed.dugout.com/images/ 14 KB
5 KB 29ms
29ms Image
image/svg+xml 2600:9000:214f:e200:8:ced9:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.dugout.com/images/app-store.svg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e200:8:ced9:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 706b208b8b90fc2ffd31212c127547653dee75f0ef0c8acfd29e4d4fb8d850f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
date: Fri, 29 Dec 2023 00:01:45 GMT
last-modified: Thu, 13 Apr 2023 10:52:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 60
etag: W/"9bb57a647636c49c28a8398e2ba11477"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: WaIDtF-H88zznAgNHIRH4XsVN0n1NJReXlHdmmwDwx8rV38CwRv3uw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Dec 2023 23:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 808
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 29 Dec 2023 01:48:17 GMT

GET
H2 200 player.css
us-east-1.prod.tvcoins.com/player/ 23 KB
5 KB 31ms
30ms Stylesheet
text/css 13.227.219.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us-east-1.prod.tvcoins.com/player/player.css
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-57.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bad45ff5da77ba66611e4298b70c45219598ddf9d25629d4e3d1251573ed28a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: xA39uGxAA3LkpGBp6g3OZwlCSVIjI6He
content-encoding: br
via: 1.1 697a26790d3ab8292d8546ca9be87bbc.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 04:11:42 GMT
last-modified: Thu, 21 Dec 2023 15:32:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
age: 71537
x-amz-server-side-encryption: AES256
etag: W/"a1bcea75c9a62b4f1750b1c55949fea2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: Ax0FisTxF70ZNHqAezgCE2yVuKkufFbaWBy-Jwz_K9HKYoMCI8wC8w==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
126 KB 150ms
84ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128925
x-xss-protection: 0
expires: Fri, 29 Dec 2023 00:01:45 GMT

GET
H2 200 pal.js Show response
imasdk.googleapis.com/pal/sdkloader/ 140 KB
46 KB 123ms
57ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/pal/sdkloader/pal.js

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

678f12cbea984230dc14c0ea0335a149919c34428144e2e80ff951bc49b6e5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47028
x-xss-protection: 0
expires: Fri, 29 Dec 2023 00:01:45 GMT

GET
H2 200 jsonp Show response
sync.springserve.com/usersync/ 68 B
485 B 149ms
43ms Fetch
application/javascript 79.125.117.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.springserve.com/usersync/jsonp?callback=embedSSUserSync
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.117.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-117-43.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6fa73493f8457dd89840b050a11c75d2fe81db20714f9d0014e9b367923f6eed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://cultura.uol.com.br
date: Fri, 29 Dec 2023 00:01:45 GMT
access-control-allow-credentials: true
server: nginx
content-length: 68
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 26ms
26ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

524656fee4d80a56699c7f83b47a8f359d08d34f82f08f831529ebdd92520025

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 79ms
27ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-70620153-1&cid=1684149065.1703808105&jid=20035746&gjid=592854519&_gid=121173283.1703808105&_u=IGBACEAABAAAACAAI~&z=216989021

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 29 Dec 2023 00:01:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
83 KB 82ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-62WXYG8FFJ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e7337fd35b067d571fe72d43512b42a7b95019181928cfb543c15b8c42cd4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Dec 2023 00:01:45 GMT

GET
H2 200 ssusersync Show response
tv.springserve.com/ 7 KB
7 KB 198ms
71ms Script
application/javascript 52.213.69.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.springserve.com/ssusersync?gdpr=&gdpr_consent=
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.69.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-69-178.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 01ba44a168b74a3018d7347678897dece52b933e9625bc6421badc8cbfaa075e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 00:01:45 GMT
access-control-allow-credentials: true
server: nginx
content-length: 6923
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 76ms
29ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-70620153-1&cid=1684149065.1703808105&jid=20035746&_u=IGBACEAABAAAACAAI~&z=1417734390

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 77ms
31ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-70620153-1&cid=1684149065.1703808105&jid=20035746&_u=IGBACEAABAAAACAAI~&z=1417734390

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 LDItaoyNOAY6Uewc665JcIzCKsKc_M9flwmM.otf
fonts.gstatic.com/s/materialiconsround/v108/ 391 KB
212 KB 21ms
20ms Font
font/otf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsround/v108/LDItaoyNOAY6Uewc665JcIzCKsKc_M9flwmM.otf

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/player.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bad85e5454b6288104ce03806c37323bcd8f145e3094e727860173ac8c91062e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us-east-1.prod.tvcoins.com/
Origin: https://cultura.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216597
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 22:37:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 18:52:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v30/ 35 KB
20 KB 64ms
63ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/player.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us-east-1.prod.tvcoins.com/
Origin: https://cultura.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 22:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20776
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Dec 2024 22:04:01 GMT

GET
H2 200 bridge3.609.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 882F 751 KB
240 KB 19ms
19ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 520676
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 245986
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 23:23:49 GMT
expires: Sat, 21 Dec 2024 23:23:49 GMT
last-modified: Mon, 18 Dec 2023 19:42:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 integrator.json
pubads.g.doubleclick.net/adsid/ Frame 0
0 89ms
26ms Preflight
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/adsid/integrator.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-afma-token-requester-type
Access-Control-Request-Method: GET
Origin: https://cultura.uol.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-afma-token-requester-type
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cultura.uol.com.br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 29 Dec 2023 00:01:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 126ms
65ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 00:01:45 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D8CD 40 KB
14 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 29 Dec 2023 00:38:03 GMT

GET
H3 200 integrator.json Show response
pubads.g.doubleclick.net/adsid/ 15 B
58 B 70ms
29ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/adsid/integrator.json

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cb74b1c20520023a412d8e0bc04e0bcc832be2f66b0a584056db181dcd5a052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
x-afma-token-requester-type: requester_type_9

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 111ms
64ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?tid=pal&tv=1.0

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca8fb78020cbd95c489a88f367be255f4f642c10586888dcc498547e975a063e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 72ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-62WXYG8FFJ&_ono=1&gtm=45je3bt0v9125419668&_p=1703808105370&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1684149065.1703808105&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fcultura.uol.com.br%2F&dt=TV%20Cultura&sid=1703808105&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2691
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62WXYG8FFJ&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 28ms
27ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-62WXYG8FFJ&cid=1684149065.1703808105&gtm=45je3bt0v9125419668&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62WXYG8FFJ&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-62WXYG8FFJ&cid=1684149065.1703808105&gtm=45je3bt0v9125419668&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1714278302

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookieconsent.css
cultura.uol.com.br/lgpd/banner/ 18 KB
5 KB 394ms
394ms Stylesheet
text/css 200.147.4.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://cultura.uol.com.br/lgpd/banner/cookieconsent.css
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.4.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-4-47.static.uol.com.br
Software: nginx /
Resource Hash: 3cf4c6dd5844c0787c8e0a223a089fa2b770bcb4c6e4cee1121aee78e532e0a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
content-encoding: gzip
via: CacheUOL
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Jun 2023 13:53:42 GMT
server: nginx
age: 19287
etag: "4973-5fe2b65759c67-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
x-varnish: 587304731 582133294
cache-control: max-age=21600,public
accept-ranges: bytes
content-length: 4356

GET
H2 200 14048 Show response
rtb.gumgum.com/usync/ Frame B3FB 0
100 B 214ms
41ms Document
text/plain 52.48.240.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by: Host: tv.springserve.com
URL: https://tv.springserve.com/ssusersync?gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.240.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-240-80.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Fri, 29 Dec 2023 00:01:45 GMT
etag: "0d41d8cd98f00b204e9800998ecf8427e"
server: nginx
timing-allow-origin: *

GET
H2

200

usermatch Show response
ssum.casalemedia.com/ Frame 7DCB
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=191709&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%...
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us...

2 KB
809 B

57ms
56ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Requested by: Host: tv.springserve.com
URL: https://tv.springserve.com/ssusersync?gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 776257cec9e4c094736a9c85465318ce516df6de126b72a0d7c858c1ac15606a

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83cdc5357b5358de-TXL
content-encoding: br
content-type: text/html
date: Fri, 29 Dec 2023 00:01:45 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKrRzGuqQ2r2epQLXusSRd%2B1roPC9LZEJ9UskPyOdcCIUuO5x34PlAr%2BS7SClRF50fzjP93gW3pnIjdTiOpxIXOpFRQCJ9Bw99SIQ6x0CMMk9rYSI7vViFso9MrUQMstJ6J7TrW1"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83cdc534aa1e58de-TXL
content-length: 0
date: Fri, 29 Dec 2023 00:01:45 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZ18FirAj%2F1a%2Fbt%2BCJjuOLzRvXQ9GVwUQwIKux6p7UlV7KZfYVRLkT85fECrQk7Ocg7gL7NDeIiX11z2kTELd8FtQR8S%2FyK%2BiOhIOtGwCBZnnHjnh2RiWtLVO%2BEotBXWE6GyfYEE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F833 16 KB
6 KB 75ms
20ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by: Host: tv.springserve.com
URL: https://tv.springserve.com/ssusersync?gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=136351
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 29 Dec 2023 00:01:45 GMT
expires: Sat, 30 Dec 2023 13:54:16 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

usersync
vid-io-dub.springserve.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvid-io-dub.springserve.com%252Fusersync%253Faid%253D1000001%2526gdpr%253D1%2526gdpr_consent%253D%2526us_privacy%253D%2526uuid%253D%2524UID
https://vid-io-dub.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=5279117664637391043

43 B
205 B

65ms
43ms

Image
image/gif

79.125.117.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-dub.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=5279117664637391043
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 79.125.117.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-117-43.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 00:01:45 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
an-x-request-uuid: 58449923-2207-4b4b-a8fa-6ed44444608c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://vid-io-dub.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=5279117664637391043
x-proxy-origin: 84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204 syncb
sync.bfmio.com/ 0
78 B 518ms
116ms Image
text/plain 52.44.250.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/syncb?pid=111&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.250.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-250-119.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 29 Dec 2023 00:01:45 GMT

GET
H2 204 um
cs.emxdgt.com/ 0
44 B 82ms
21ms Image
text/plain 35.156.17.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.17.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-17-32.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
server: awselb/2.0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58185/
Redirect Chain

https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true

0
87 B

44ms
22ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
date: Fri, 29 Dec 2023 00:01:45 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.94
content-length: 373
content-language: en

GET
H2 200 prebid
rtb.openx.net/sync/ 43 B
236 B 90ms
29ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7BUID%7D
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 384ms
30ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=157310&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157310%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.springserve.com%252Fusersync%253Faid%253D1000010%2526uuid%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
content-length: 0

GET
H2

200

usersync
vid-io-dub.springserve.com/
Redirect Chain

https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3...
https://vid-io-dub.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=t5kTcOLO4s8m&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1

43 B
205 B

43ms
43ms

Image
image/gif

79.125.117.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-dub.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=t5kTcOLO4s8m&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 79.125.117.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-117-43.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 00:01:45 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://vid-io-dub.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=t5kTcOLO4s8m&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-db744d8c7-2fvgp
expires: -1

GET
H2

200

usersync
vid-io-dub.springserve.com/
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D...
https://vid-io-dub.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT

43 B
205 B

43ms
43ms

Image
image/gif

79.125.117.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-dub.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 79.125.117.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-117-43.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 00:01:45 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

location: https://vid-io-dub.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
etag: OPTOUT
content-type: text/html

GET
H2 200 us.gif
sync.go.sonobi.com/ 49 B
443 B 347ms
115ms Image
image/gif 2607:f350:3:2569:0:10:0:200c
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?gdpr=1&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-26
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

usersync
vid-io-dub.springserve.com/
Redirect Chain

https://pbs.publishers.tremorhub.com/pubsync?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%...
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_priv...
https://vid-io-dub.springserve.com/usersync?aid=1000015&gdpr=1&gdpr_consent=&us_privacy=&uuid=e8dcdaa4ca4b4083aeba6f680992c77a

43 B
205 B

43ms
43ms

Image
image/gif

79.125.117.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-dub.springserve.com/usersync?aid=1000015&gdpr=1&gdpr_consent=&us_privacy=&uuid=e8dcdaa4ca4b4083aeba6f680992c77a
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 79.125.117.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-117-43.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 00:01:46 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

location: https://vid-io-dub.springserve.com/usersync?aid=1000015&gdpr=1&gdpr_consent=&us_privacy=&uuid=e8dcdaa4ca4b4083aeba6f680992c77a
date: Fri, 29 Dec 2023 00:01:46 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 getuid
eb2.3lift.com/ 37 B
140 B 104ms
23ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 pbsync
ads.yieldmo.com/ 0
35 B 200ms
44ms Image
text/plain 54.74.172.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/pbsync?gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000017%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.172.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-172-90.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT

GET
H2 200 sync
ssbsync.smartadserver.com/api/ 0
45 B 96ms
29ms Image
text/plain 5.196.111.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=52&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000018%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Bssb_sync_pid%5D
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58800/ 0
15 B 23ms
23ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58800/sync?redir=true&gpp=&gpp_sid=&gdpr=1&gdpr_consent=

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
sync.sxp.smartclip.net/
Redirect Chain

https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1

42 B
309 B

20ms
20ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Fri, 29 Dec 2023 00:01:45 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 v1
match.sharethrough.com/universal/ 0
35 B 113ms
20ms Image
text/plain 3.120.52.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=BGApXMcE
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-142.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT

GET
H2 200 sync
x.bidswitch.net/ 43 B
146 B 62ms
20ms Image
image/gif 3.123.206.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.206.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-206-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 su
ih.adscale.de/ 0
38 B 93ms
20ms Image
text/plain 54.93.154.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/su?gdpr=1&gdpr_consent=&tpid=22144&cburl=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D__STROEER_USER_ID__
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.154.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-154-41.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-length: 0

GET
H2 200 um
sync.teads.tv/ 23 B
163 B 160ms
63ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?gdpr=1&gdpr_consent=&ssb_provider_id=1&uid&fb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000024%26us_privacy%3D%26uuid%3D%5BVID%5D
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 29 Dec 2023 00:01:46 GMT
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ 0
214 B 102ms
21ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=52948&gdpr=1&gdpr_consent=&us_privacy=&rk=dub
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK cksync
cs.media.net/ 56 B
398 B 165ms
69ms Image
image/gif 2.19.100.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=60&type=ss&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000026%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%3Cvsid%3E
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.100.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-100-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 00:01:46 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 56
x-mnet-hl2: E
Expires: Fri, 29 Dec 2023 00:01:46 GMT

GET
H2 400 /
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/ 0
0 106ms
24ms Image
text/html 168.119.72.236
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=&r=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000027%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BPDID%5D
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.236.72.119.168.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2

200

usersync
sync.springserve.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3691&_fw_gdpr=1&_fw_gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D1%26gdpr_...
https://sync.springserve.com/usersync?aid=1000028&uuid=e0f8e5671df35e7ccc13534cbeaf1eb&gdpr=1&=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=1&_fw_gdpr_consent=...

43 B
205 B

43ms
43ms

Image
image/gif

79.125.117.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.springserve.com/usersync?aid=1000028&uuid=e0f8e5671df35e7ccc13534cbeaf1eb&gdpr=1&=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=1&_fw_gdpr_consent=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 79.125.117.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-117-43.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 00:01:46 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 00:01:46 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://sync.springserve.com/usersync?aid=1000028&uuid=e0f8e5671df35e7ccc13534cbeaf1eb&gdpr=1&=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=1&_fw_gdpr_consent=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1703808106031054-548

GET
H/1.1 400
Bad Request pbs.gif
sync.admanmedia.com/ 60 B
60 B 419ms
105ms Image
text/plain 8.2.110.17
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/pbs.gif?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000029%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 00:01:46 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 60
Content-Type: text/plain

GET
H2 200 xdEizrWJ.js Show response
tpc.googlesyndication.com/sodar/ 41 KB
15 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/xdEizrWJ.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/pal/sdkloader/pal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5d122ceb58926c5fc3da5d1d664684af89e5dc8f6ee490449ef4e1f4f1da790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15273
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Dec 2024 01:15:18 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
234 B 56ms
56ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?length=900&loaderinit=2683.5&nonreq=2683.5999999046326&nonload=2844.0999999046326&srvcstrt=2672.4000000953674&srvcend=2842&palv=1.21.3&lid=1&id=pal_html5&c=138555819709161&domain=cultura.uol.com.br

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F833 0
42 B 116ms
31ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32405467&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:44 GMT
content-length: 0

GET
H2 200 19607 Show response
tv.springserve.com/rt/ Frame 882F 27 B
218 B 709ms
708ms XHR
application/xml 52.213.69.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.springserve.com/rt/19607?cb=1703808105724&language=en-US&dnt=0&lmt=0&inv_partner_domain=tvcoins.com&url=https%3A%2F%2Fcultura.uol.com.br%2F&content_id=b6ae743e-fcc0-4a1f-addd-9575477287f8&content_title=TV+Cultura&vt=TV+Cultura&channel_name=TV+Cultura&placement=1&tvc_channel_type=live&schain=1.0%2C1%21tvcoins.com%2C25afe66662054592b9a99d97c1938205%2C1%2C%2C%2C%21springserve.com%2C1689%2C1%2C%2C%2C&payid=afc3f49c3bced813%3A25afe66662054592b9a99d97c1938205&content_livestream=1&r_type=pre&prodq=0&gdpr=0&ssid=c5a31cc0-1cc2-4bd9-8388-6199f5d119bb&mute=1&w=377&h=218&ad_type=video&givn=AQzzBGQEj4SwYLqmLNUmE6qCVlkPJWgfA0Im6sjPQ17Y7m6UNALdaeabi3O-dpgxywYrP5X5rTzrVhdBKEUevjbH9lfWZW36o7vl0TPgGeH5eZ24dwuLU6-msgKXzTAsmJtPFyO16H7WoaYs5rAvVn78b7oG1PShGPWsFc8i3EPLrF66bd3f36LVEPkwr-bFwejKUTXChCQ_oDJvCdMm68HfOAPjth8WoTlpCXXRtR1c_IGcj7VhIovGLacImbKB2YPfAbx03nSJKDmk4Bboiqc-490jRxUNmhoN2n5vG0DKqthWo8kCcX6q632XA_L0GHc31lpmBmUN-tg2urn7GbYb3upfiUE7CCpsyA3lfhfBIJyByuE6BWQeCFlRaHJ9emTdkv2ezaDxFdDDLC125ljhZ5kD60bobV2CTkyQdnfXRvBVxzNK-Iq200W9uJY3apmmTYibJyx9vso-d9WcvxP8xBl_kQRShO0ctMiLIlJ6mbXrRcYckhjf2wWXodNljz6jmtMkTQ-yJzXl-55l5BlFNgU7DKAm773RULDyya2hD78X8giSEltBjRKpIOYUdZrqiEo47cBL-cxzCMvzEFlrSajvOtRgU8X7w6LnltxsbQ2M-YukpdAHPjR1LwJJVGMJCpCi1ZQU2b4yEubufzslaqv0dHXFRUHX0AV98aS0AKj_2EjhZhByJ13pNIJEqFJ8_8j77zgtzdxUL8miu3ux6SB3rc51vgYmqFaxdyfy9g6DNWvXVeZ5wT_oFl5ppqFxBP5HQr5sx5Jj8OQMuB9IfM7U267u0SdLXAHxcgLFEWqJNoiwU07wI87J9J12Q71v_dhoHq5s04iuLguhK0J3Rvws3niphExtD6LRqgOozItbSwvY4WPkcCANF9TMRw..
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.69.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-69-178.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Fri, 29 Dec 2023 00:01:46 GMT
access-control-allow-credentials: true
server: nginx
content-length: 27
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/xml

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame 7DCB
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZY4MaWmiq1NwScaaH-A4aQAA%265126&gpdr=1&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZY4MaWmiq1NwScaaH-A4aQAA%265126&_li_chk=true&gpp_sid=&us_privacy=&gpdr=1&previous_uuid=4bff16381e1b4901a9eb0ccb3e86ab88
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7021529529312003850
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=4bff1638-1e1b-4901-a9eb-0ccb3e86ab88
https://p.rfihub.com/cm?pub=39342&in=1&userid=895438b0-c47b-4c3b-84cf-d3483fa6cf9a%3A1703808106.9895623&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D895438b0-c47b-4c3b-84cf-d3483fa...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529575758439&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D895438b0-c47b-4c3b-84...
https://idsync.rlcdn.com/501709.gif?partner_uid=895438b0-c47b-4c3b-84cf-d3483fa6cf9a%3A1703808106.9895623&_=1703808106.991523

0
98 B

87ms
30ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=895438b0-c47b-4c3b-84cf-d3483fa6cf9a%3A1703808106.9895623&_=1703808106.991523
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 fa63af50c0e4f34ddecf2b2d0dca224e.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: AMS58-P5
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=895438b0-c47b-4c3b-84cf-d3483fa6cf9a%3A1703808106.9895623&_=1703808106.991523
content-length: 445
x-amz-cf-id: NWwSl0O0Hyaehx9rZtnSvNv9gSgn9LxdHP2KvCbA7OEDtSb5J8X2pw==

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 7DCB 43 B
479 B 330ms
112ms Image
image/gif 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 00:01:46 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5JPG3EFFPG8R9R4R7XQ5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 7DCB 70 B
149 B 152ms
44ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 7DCB 170 B
409 B 81ms
31ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&gdpr_consent=&us_privacy=&gdpr=1&gpp=&gpp_sid=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 getuid
secure.adnxs.com/ Frame 7DCB 0
0 29ms
28ms Image
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 7DCB
Redirect Chain

https://creativecdn.com/cm-notify?pi=index&gpdr=1&gdpr_consent=&us_privacy=&user_id=ZY4MaWmiq1NwScaaH-A4aQAA%265126
https://creativecdn.com/cm-notify?pi=index&gpdr=1&gdpr_consent=&us_privacy=&user_id=ZY4MaWmiq1NwScaaH-A4aQAA%265126&tc=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Pbp8JUOQl_7WteAEntLkCYZgd7Fv3F3JAb3nQzomDmI&pi=index&gpdr=1&gdpr_consent=&us_privacy=&user_id=ZY4MaWmiq1NwScaaH-A4aQAA%265126&tc=1

43 B
327 B

48ms
48ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Pbp8JUOQl_7WteAEntLkCYZgd7Fv3F3JAb3nQzomDmI&pi=index&gpdr=1&gdpr_consent=&us_privacy=&user_id=ZY4MaWmiq1NwScaaH-A4aQAA%265126&tc=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGtzH5RQO0LrJzbJBqQsxUxb%2BmGao60TaYAAyZTE9eJyCAlr7Efvq9sEsu8IIaPuyB1vsDu2ceDZF4%2BroRKRzvbRRTFmF9Yyj4QqadRDA6Y2%2F03hRGymEXXrPU2tBVc79l%2B2wHa9RiK3TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83cdc536ace758de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Pbp8JUOQl_7WteAEntLkCYZgd7Fv3F3JAb3nQzomDmI&pi=index&gpdr=1&gdpr_consent=&us_privacy=&user_id=ZY4MaWmiq1NwScaaH-A4aQAA%265126&tc=1
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT, Fri, 29 Dec 2023 00:01:45 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7DCB
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7021529529312003850

43 B
560 B

75ms
60ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7021529529312003850
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJArFgyo3%2BQ%2FSJrcl4VgzGi0aiMLuqfhGuxgl%2BjEcKZqco3pEhBV4R6wLOr7HEZjXtzzuMUPD6NBHQQtbvhCpT%2BjdkKs%2BW4cfxPlVBPctdMmN72Mdyf55XRSk382g2ZU5eJzMX6zJaa8PA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83cdc5366caf58de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7021529529312003850
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 7DCB
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
272 B

34ms
34ms

Image
text/plain

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 00:01:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Fri, 29 Dec 2023 00:01:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /no_match_opted_out
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 28 Dec 2023 00:01:45 GMT

GET
H2 200 usersync
vid-io-dub.springserve.com/ Frame 7DCB 43 B
205 B 42ms
42ms Image
image/gif 79.125.117.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-dub.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.117.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-117-43.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 00:01:45 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.2.4/ 11 KB
4 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.2.4/firebase-app.js

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/webalert-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

013deeec837f58b15d19f79b6dc4eb844e26edc6425c3bc95078413fff257397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 06:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3849
x-xss-protection: 0
last-modified: Thu, 27 Jun 2019 23:53:04 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 06:07:40 GMT

GET
H2 200 LVEN46HQ.html Show response
tpc.googlesyndication.com/sodar/ Frame 1986 23 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/LVEN46HQ.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/xdEizrWJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d510de3a1d076b47340cc5f84fa93285645cb07919480ff0fc6c2cb3cc10ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 567153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8534
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 10:29:13 GMT
expires: Sat, 21 Dec 2024 10:29:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame 55B8 197 B
837 B 482ms
222ms Document
text/html 2600:9000:2251:d000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=dwxkma
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 173
content-type: text/html;charset=UTF-8
date: Fri, 29 Dec 2023 00:01:46 GMT
etag: ba5203ce522cc70a434e9a70452ca145
expires: Fri, 29 Dec 2023 00:11:46 GMT
last-modified: Wed, 27 Dec 2023 14:47:32 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.23.0
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-id: TXaEus2xnjTPiC4KM7O16lUWyXZOIOAf0uoSh7nUG9SrVbcRBFUuJA==
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront

GET
H2 200 Prebid.js Show response
tm.jsuol.com.br/modules/external/ 353 KB
114 KB 810ms
810ms Script
application/javascript 2a02:26f0:480:10::213:7e85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=dwxkma
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:10::213:7e85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0d4d3956b34f32750ac31746a17297b77098a55f4b86a6dba7f7386e1a089715

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
akamai-grn: 0.457d1302.1703808106.536364fd
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=6, origin; dur=784, ak_p; desc="1703808106172_34831685_1399022845_78833_491_19_0_146";dur=1
content-length: 115718
last-modified: Fri, 03 Nov 2023 15:15:04 GMT
etag: cdd1b84f0c29c6c8e530adae3955fe73
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3591
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H2 200 privacy-sandbox.html Show response
privacy-sandbox.uol.com.br/ Frame D926 3 KB
2 KB 619ms
24ms Document
text/html 2600:9000:2449:9800:1e:82d4:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=dwxkma
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:9800:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61157
content-encoding: gzip
content-type: text/html
date: Thu, 28 Dec 2023 07:02:34 GMT
etag: W/"07e6f374a305976ee993e8ac814c9914"
last-modified: Tue, 07 Nov 2023 16:21:24 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 435254ceec69c136096ca9b455fd3534.cloudfront.net (CloudFront)
x-amz-cf-id: Hr2u7bhLrooxMvqGJ6pmI7bJn3QvMF-_VNIRkKXRZ7pXDFFLGEz4gg==
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 156ms
108ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=dwxkma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ab04c8dfae55739114c84ca0ff3c1ec100a8097babc169fc574896148472df2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29258
x-xss-protection: 0
server: cafe
etag: 276 / 19720 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 00:01:46 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 87ms
30ms Script
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:12:46 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 21fa1f710ba39237a1fbf11df235dc68.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P4
age: 2941
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: DVJ9ippkS0sDO18xSlWV2oCSWOwBUifHbMW9n2viUQZn0ziAR47dsA==

GET
H2 200 privacy-sandbox.html Show response
privacy-sandbox.uol.com.br/ Frame 0C57 3 KB
2 KB 603ms
25ms Document
text/html 2600:9000:2449:9800:1e:82d4:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:9800:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61157
content-encoding: gzip
content-type: text/html
date: Thu, 28 Dec 2023 07:02:34 GMT
etag: W/"07e6f374a305976ee993e8ac814c9914"
last-modified: Tue, 07 Nov 2023 16:21:24 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 435254ceec69c136096ca9b455fd3534.cloudfront.net (CloudFront)
x-amz-cf-id: WqDw2EWaYuOL4VGNY8oROc9xGNXhYK6pi57jyRs4kh3JZx1h6KMAZA==
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 pub-4854083244330948 Show response
fundingchoicesmessages.google.com/i/ 182 KB
60 KB 155ms
93ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-4854083244330948?ers=1

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f54562ba1b4854563e09699aeb2a0f1911ffd3acca18523d3195943d350db497

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qvTS52u__LoIq_MILHaGcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-qvTS52u__LoIq_MILHaGcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pub-4854083244330948 Show response
fundingchoicesmessages.google.com/b/ 11 KB
6 KB 97ms
37ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-4854083244330948

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58feaaeaf3a4021f962a8d4a3ae129af7d593236f118825037af4603866fdda6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-SJ7Xi0yfZ_VVsU6wvhoxJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-SJ7Xi0yfZ_VVsU6wvhoxJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 837ms
836ms Script
application/javascript 2a02:26f0:480:10::213:7e85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=dwxkma
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:10::213:7e85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
akamai-grn: 0.457d1302.1703808106.5363650b
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=20, origin; dur=796, ak_p; desc="1703808106196_34831685_1399022859_81503_297_19_0_146";dur=1
content-length: 5277
last-modified: Sun, 24 Dec 2023 11:43:35 GMT
etag: ecbae16720fa9548b931f719328b1c88
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3600
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 156 KB
19 KB 872ms
872ms Script
application/javascript 2a02:26f0:480:10::213:7e85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=dwxkma
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:10::213:7e85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bc943d99a17601269835433917f1efda0d67b29122939756712776a7bc4fdbb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
akamai-grn: 0.457d1302.1703808106.5363650c
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=9, origin; dur=843, ak_p; desc="1703808106195_34831685_1399022860_85044_462_22_0_146";dur=1
content-length: 19104
last-modified: Tue, 19 Sep 2023 13:40:24 GMT
etag: 3ba5a00d1d7a002cf562eaf6ca619ce7
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3600
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H2 200 parceiro-async.js Show response
conteudo.jsuol.com.br/barra/ 14 KB
5 KB 687ms
240ms Script
application/javascript 2600:9000:21c7:7400:12:a82:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://conteudo.jsuol.com.br/barra/parceiro-async.js?parceiro=tvcultura
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=dwxkma
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:7400:12:a82:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 5eb3d7a6f4f3e30511f8be4110569a6b4920c05db2c45576d0d90f2e7b97e3f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: gzip
via: 1.1 3542cbb3a5773810405fca7ba271be44.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-cache: RefreshHit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 4031
last-modified: Thu, 15 Jun 2023 09:25:27 GMT
server: marrakesh 1.23.0
etag: 2afb28149ca8f2dc47a00adfa4fea3fa
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: pukzj0hRdhKoZcptil-hSYYx1aMJqbWm01EPVurX5qchkqCiea54zw==
expires: Fri, 29 Dec 2023 01:01:46 GMT

GET
H2 200 tvcultura.js Show response
me.jsuol.com.br/aud/ 23 KB
9 KB 493ms
35ms Script
application/javascript 2600:9000:21c7:7c00:1:aa11:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/tvcultura.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=dwxkma
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:7c00:1:aa11:940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 90748853b2a55aa0fa97f512b1741537cae65a65ace8d653d524b7075068c527

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:34:34 GMT
content-encoding: gzip
via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1632
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8912
last-modified: Wed, 20 Dec 2023 18:34:42 GMT
server: marrakesh 1.16.6
etag: d1b2c24e8460d3ac1a338c54457d44c2
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: lw6OWlvJ6jcdzdHkPUGUP_RDm3buKPRF5V3QCy1UTCgP9snktd2OkQ==
expires: Fri, 29 Dec 2023 00:34:34 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 9 KB
4 KB 889ms
889ms Script
application/javascript 2a02:26f0:480:10::213:7e85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=dwxkma
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:10::213:7e85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 08ddad83cbb70950aefc26b0f8d7df2bfd3dae866f507e19ce3a6f617bd81650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
akamai-grn: 0.457d1302.1703808106.5363650d
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=13, origin; dur=857, ak_p; desc="1703808106196_34831685_1399022861_86751_356_22_0_146";dur=1
content-length: 3135
last-modified: Wed, 20 Dec 2023 20:12:45 GMT
etag: d9894e43c82aa4a8a8d0c200adc16801
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3600
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.2.4/ 32 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.2.4/firebase-messaging.js

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/webalert-notification.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab53f18026a4e31c29fb0032333a527efe013c1c40b2bd9650edc8372226402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 06:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8748
x-xss-protection: 0
last-modified: Thu, 27 Jun 2019 23:53:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 06:21:59 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1986 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/LVEN46HQ.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

GET
H3 204 AGSKWxVVv4rViacjg74nOEnU6b3K6S_6veFDf7ORt8w2g0ZgeVrCGEE3dXoe167A0QqMInuh8GJJ-94PvOPPc4nrUmWCJw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 75ms
33ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVVv4rViacjg74nOEnU6b3K6S_6veFDf7ORt8w2g0ZgeVrCGEE3dXoe167A0QqMInuh8GJJ-94PvOPPc4nrUmWCJw==

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n6XZCvZYNNFpmd-ufHvX0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-n6XZCvZYNNFpmd-ufHvX0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cultura.uol.com.br
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0e1ab0a1-d93f-4bdc-b304-e76a53464e72 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
829 B 75ms
21ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/0e1ab0a1-d93f-4bdc-b304-e76a53464e72
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: fd950e95b68589560c204192110d0ea3ce8327be52b58ecc4ecfe0b24652fb9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:16:27 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 2719
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: zIV2OeklaJvy4PcLF9C35tWenftO3gr9249aqOFXxA0d1L7EkCoXhg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 27ms
27ms XHR
text/plain 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fcultura.uol.com.br&pubid=0e1ab0a1-d93f-4bdc-b304-e76a53464e72
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 22:01:36 GMT
via: 1.1 21fa1f710ba39237a1fbf11df235dc68.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
age: 7209
x-cache: Hit from cloudfront
access-control-allow-origin: https://cultura.uol.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 1N4FFL3lganbaVJkRYZG0gHFGOS2xNmhfO78TH2nKa82omKnh1JCGg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 58 B
499 B 116ms
63ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcultura.uol.com.br%2F&pid=QY7FD5KZ1Bi8y&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22banner-300x250-area%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%2C%7B%22sd%22%3A%22banner-300x250-area-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%2C%7B%22sd%22%3A%22banner-300x250-area-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%2C%7B%22sd%22%3A%22banner-300x250-area-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%2C%7B%22sd%22%3A%22banner-300x250-area-5%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%2C%7B%22sd%22%3A%22banner-300x250-area-6%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%2C%7B%22sd%22%3A%22banner-300x250-area-7%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%2C%7B%22sd%22%3A%22banner-300x250-outstream-area%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%2C%7B%22sd%22%3A%22banner-300x600-area%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%2C%7B%22sd%22%3A%22banner-728x90-area%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%2C%7B%22sd%22%3A%22banner-728x90-area-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%2C%7B%22sd%22%3A%22banner-728x90-area-3%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%2C%7B%22sd%22%3A%22banner-970x250-area%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftv_cultura%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=0e1ab0a1-d93f-4bdc-b304-e76a53464e72&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: VMB0S3WGNEGJ8KHK4ZS3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 58
x-amz-cf-id: j2ZNCEfPooB2M77q76ZmFPD0155TgS3UBaPk9cjUrfSCcuJU39Apfw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 78ms
26ms XHR
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 c3d7a569db567dde78a645781f9949a2.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 07:29:09 GMT
x-amz-cf-pop: AMS58-P4
age: 59558
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: pnyvsGZ9IlEztZSj1eWIbHBHGaMEGM0wykbtgzHOr0QQ9pgMQjnY1g==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1986 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=33&t=2&li=v_h.h.3.2.2&sid=aQyOZavXJrmS78EPgbSI4A0&bg=!bW6lbiHNAAY3kmNgF5I7ADQBe5WfODrZwlCizLi7maDLEXyWbWkwsNbvLh63_BStFwhnj1yoZ2a7EJZz-eu-pmwU6Xh4AgAAAERSAAAAAmgBB5kCfKWTA6qm0iHH26j6I47I9BlXO6PO9tYS0eZAexF6TLgMG4ktbr5mkROpZv4A-HVXaw97AwJ038uBGMQres-t5krOpLHU9emtDQ-beRFZG3nVPzEWxQ__RlRh2Sk2DOkL7uqyai2SdxzhrEuX9Vwcx92XKcitMoT4J49eMj3E384j36bbphg_xuG7fqBDrOsUuAU8sxM2o2fC_s_Vv1yvNPK5z8n9CsP3JzDdh1alDDC5ujOJCFnxjp9ZQL2uQaKd6ic93NvkT17i_3J9v2pi1eko1WFwA9aYOEdCO2fkGqwLlU70J-pkB1x5N3fJ0G5nornuocQaN16CUhFbJ32APQ2O55kDadJZR2gkSEEi-yvaFpL73OooSLsFM-ekCkd6Q5uVF73aJfzjGXuy_WvtuO2Al4bEomfRFLr5JTfO_5LcGkA4UnOQRxafF8rxQP-Dn-CRmW6KCdBasrP5ob_GXe6FtXvm22SmtkgCuG_tmwImGT8bzjziMBPjJ_eW2H9ZBvc40tj0b21TgPDVQCr1K6ukqrftHsBCiyjLdC6sK7GyoHYF20J6ctXXn7A6qGnyByMmyhBGqWPNmmgmOF1WyL-ruBf0nVZDTVgdL6sSDWT23RQoW2H1XFY5PfSjh5ietB1d80ou2UVDcPZHMJjloRhtvsoLBz-JrB6B6pW3KeSkuPdSO5mqSVvT24t6YJWvg3ROoR46_B2lZA_v-PWMBWoE7ASEV7L0IOwEXMZ74Sep5OQWk3QfCcKrndMhpDKkFhRfYYlR8Vc7jPUrfRhNIlAXcQp3iZXbb33hNcPV4MOgKWs2MnK86MrFYCv9-49gvsUJQs-BXjt7KPgAPA

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28922
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 27 Dec 2024 15:59:44 GMT

POST
H3 204 AGSKWxWQAYWSI4qc7BFFWU5w6x-cWmJI2pC52J1UWD4JHJ5m37H4W0Nk6QS-b3yyjAUDe0dV0hj97aCqaSA6bX02ZWEQvlX5XhAQhcNXy5-LB3FAyCUgE6IUrrOgL-wsLA7uV9j7bPBLTw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
33ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWQAYWSI4qc7BFFWU5w6x-cWmJI2pC52J1UWD4JHJ5m37H4W0Nk6QS-b3yyjAUDe0dV0hj97aCqaSA6bX02ZWEQvlX5XhAQhcNXy5-LB3FAyCUgE6IUrrOgL-wsLA7uV9j7bPBLTw==

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9X58R4ruQ9jvSp64smcjIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-9X58R4ruQ9jvSp64smcjIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxV1hE5kZiIGh4-Hwe_Ezv-nFoUKDuDe3OznSFuFD4b64x7LPO5r7IH0dnJzLaINTVjpaL_N1dS2XBAep7HMbnc5M_W6bKNZpn-xw0r-8VOF24Fqyqwt-WShFPrtWRDnWENx_w3_jg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV1hE5kZiIGh4-Hwe_Ezv-nFoUKDuDe3OznSFuFD4b64x7LPO5r7IH0dnJzLaINTVjpaL_N1dS2XBAep7HMbnc5M_W6bKNZpn-xw0r-8VOF24Fqyqwt-WShFPrtWRDnWENx_w3_jg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzODA4MTA2LDM4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jdWx0dXJhLnVvbC5jb20uYnIvIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbNywiMTkiXSxbMTEsIltdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03765cb4197fb39f0da75646f088571be08e56e00ff1f0e3919d9278802373e1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FCcO78ZUbn905oGot_aJ3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FCcO78ZUbn905oGot_aJ3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 8804 Show response
fundingchoicesmessages.google.com/i/ 182 KB
60 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/8804?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae345f323061260be99427f5034f02528f06e7107317ba3e0f246bf798cd76d6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XCRjbE0o60JLxwVTztc23Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-XCRjbE0o60JLxwVTztc23Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 882F 0
234 B 364ms
116ms Ping
image/gif 2607:f8b0:400c:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lqpvcs6c&c=1114084764324&slotId=557042382162&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c05::78 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
cognito-identity.us-east-1.amazonaws.com/ Frame 0
0 344ms
112ms Preflight 2600:1f18:41d6:7400:2ff0:49d6:3299:32aa
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.us-east-1.amazonaws.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:41d6:7400:2ff0:49d6:3299:32aa Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://cultura.uol.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Fri, 29 Dec 2023 00:01:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: 782401f8-fd79-40f1-bb6c-72bfe1b1bdac

POST
H2 200 / Show response
cognito-identity.us-east-1.amazonaws.com/ 63 B
318 B 119ms
119ms Fetch
application/x-amz-json-1.1 2600:1f18:41d6:7400:2ff0:49d6:3299:32aa
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.us-east-1.amazonaws.com/

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:41d6:7400:2ff0:49d6:3299:32aa Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

177d749133a074581bd2d8503b85c4e5fff7ba51505ee11af4494067c15738fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/x-amz-json-1.1
amz-sdk-invocation-id: f19efa19-d0ca-460a-ab0a-a7f517a1e998
Referer: https://cultura.uol.com.br/
amz-sdk-request: attempt=1; max=3
x-amz-target: AWSCognitoIdentityService.GetId
x-amz-user-agent: aws-sdk-js/3.306.0 os/Windows/NT_10.0 lang/js md/browser/Chrome_120.0.6099.109 api/cognito_identity/3.306.0

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 00:01:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: 88fc65d4-3e6d-4f97-9773-979f7cd84289
content-length: 63
content-type: application/x-amz-json-1.1

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 100ms
36ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 19:21:40 GMT
server: cloudflare
age: 100583
etag: W/"65833ec4-2d18"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 83cdc53a3a5a6a73-TXL
expires: Mon, 01 Jan 2024 00:01:46 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
34 KB 73ms
33ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: 66DQ5AATCXY2WP34
age: 1925
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83cdc53a08d14db6-FRA
x-amz-id-2: LgyxPuSgdxWm6QeOo8F40RM1LPQ0PkSTUloHvLTYaQx9cx5uIuXfY2sziuJLgz0pYNCrYPDiUPu4vtwsqXIolA==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 114ms
43ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 21 Dec 2023 07:50:16 GMT
server: nginx
etag: W/"6583ee38-a9b8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 30 Dec 2023 00:01:46 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 99ms
28ms Script
text/javascript 18.239.18.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-12.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 05:37:13 GMT
content-encoding: gzip
via: 1.1 b7258653b42aa6de9758e92b2878c108.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 66274
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: iajwEtz2_4NIKlm62iNdVtDfQN_iEMuIiSeM5PFGvQ046wXr1hgdCA==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 148ms
42ms XHR
application/json 34.250.183.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.183.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-183-118.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ed5603631b3f139da16b066e2063795a5c7c392075065d3ea782bcc999e144c5

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache
x-server: 10.45.1.40
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DCA1 14 KB
6 KB 128ms
43ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cultura.uol.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 342475
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame 55B8 4 KB
2 KB 20ms
20ms Script
application/javascript 2a02:26f0:480:10::213:7e85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:10::213:7e85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
akamai-grn: , 0.457d1302.1703808106.53636625
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703808106651_34831685_1399023141_11_491_19_0_219";dur=1
content-length: 1065
last-modified: Wed, 19 Jul 2023 21:26:10 GMT
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=1218
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/tvcultura.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Dec 2023 23:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 809
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 29 Dec 2023 01:48:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
80 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZLX6BXMTSC

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/tvcultura.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5717bc647960852f7a9b1e76c3890342e87815fff274b1ffd4409f6989e3c7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81940
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Dec 2023 00:01:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
80 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZLX6BXMTSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62WXYG8FFJ&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06a6ab6e004a30a32baa31e7e029e1fdf612d4187b30a4a848df15f65cead553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81831
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Dec 2023 00:01:46 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/6036356/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js

4 KB
2 KB

29ms
29ms

Script
application/javascript

18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 07:01:30 GMT
content-encoding: gzip
via: 1.1 411234c039d8f1de63b7f2192e5e24d4.cloudfront.net (CloudFront)
last-modified: Wed, 06 Dec 2023 05:18:34 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 61217
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: qO9SsWNIFt7NjkGPgKs-m5Y98V3ZIJGXXjetBtF-bAiW1DEtYQg6-w==

Redirect headers

date: Fri, 29 Dec 2023 00:01:46 GMT
via: 1.1 411234c039d8f1de63b7f2192e5e24d4.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
location: /internal-cs/6036356/beacon.js
content-length: 0
x-amz-cf-id: Uwz6BAWqW4Tq5y4wFJcD9hipeKaK35VufBg_0wR-MbDXVqHj3hPWNw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 26ms
26ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1507507572&t=pageview&_s=1&dl=https%3A%2F%2Fcultura.uol.com.br%2F&ul=en-us&de=UTF-8&dt=TV%20Cultura&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACEABBAAAACAUK~&jid=1249398215&gjid=198073405&cid=1684149065.1703808105&tid=UA-97689914-229&_gid=121173283.1703808105&_r=1&_slc=1&cd1=Parceiros&cd2=Tv%20Cultura&cd3=Tv%20Cultura&cd11=normal&cd4=1684149065.1703808105&cd66=1703808106685.rgfvezga&cd85=none&cd87=none&cd88=none&z=302525276

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 27ms
27ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-97689914-229&cid=1684149065.1703808105&jid=1249398215&gjid=198073405&_gid=121173283.1703808105&_u=6GDACEABBAAAACAUK~&z=209978778

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 29 Dec 2023 00:01:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-97689914-229&cid=1684149065.1703808105&jid=1249398215&_u=6GDACEABBAAAACAUK~&z=728170072

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-97689914-229&cid=1684149065.1703808105&jid=1249398215&_u=6GDACEABBAAAACAUK~&z=728170072

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 27ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZLX6BXMTSC&gtm=45je3bt0v891046185&_p=1703808105370&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1684149065.1703808105&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703808106&sct=1&seg=0&dl=https%3A%2F%2Fcultura.uol.com.br%2F&dt=TV%20Cultura&en=page_view&_fv=1&_ss=1&_ee=1&ep.uol_property_id=326419485&ep.publication_type=normal&up.cookie_consent=none&up.login_widget=deslogado&tfd=3883
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLX6BXMTSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 28ms
27ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZLX6BXMTSC&cid=1684149065.1703808105&gtm=45je3bt0v891046185&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLX6BXMTSC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZLX6BXMTSC&cid=1684149065.1703808105&gtm=45je3bt0v891046185&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=877718706

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 882F 0
54 B 116ms
116ms Ping
image/gif 2607:f8b0:400c:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lqpvcst1&c=1114084764324&slotId=557042382162&ghmsh_eids=44752052%2C44772139%2C44777649%2C44781409%2C44804291
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c05::78 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame DCA1
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=uol.com.br&sn=ChromeSyncframe&so=0&topUrl=cultura.uol.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=CFnC-HxDQk5lT2FRZjFOdFZGcWhFM0hxNkE3dkVoZks3aFI0cVJmNTZkLytxbnJtbE1hZE5kZFI2b284ZG1wMi9CQVFnYnRLVm1hTTBGb1o5OENVaXdsOVMvVmZKeVVjL1g3MzVoOWErNVlDYnNuRzdpSlJJZkkwdWdNQV...

430 B
653 B

44ms
44ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=CFnC-HxDQk5lT2FRZjFOdFZGcWhFM0hxNkE3dkVoZks3aFI0cVJmNTZkLytxbnJtbE1hZE5kZFI2b284ZG1wMi9CQVFnYnRLVm1hTTBGb1o5OENVaXdsOVMvVmZKeVVjL1g3MzVoOWErNVlDYnNuRzdpSlJJZkkwdWdNQVZ6a1ZST1JZSFVBcjlnMEdGbzE0SXR5WndHdWs1TWdJK1paMnlTZFczdzBJOWQ1d1BFbWJZMVI2dWNCWkxxdll4VDdYcURXTUVITElsMGNFRWZhK2N2RThkaGdRZXYyOXNxSXBXSlYvM0Q4NnJxQ1ZEN2hmWSswOXV6bndqYk9hNFBvd3kyNDlybjZ5Ly9henlEdm1DanpBQzkzaDhBQm1KZnNkc0p6b2ZBYmlLS09qTERWRT18&cppv=2

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6548b9bd11263165cb1d61bd7fb0497586fe822a8e886df6e9dd259c33c51151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1295820
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=CFnC-HxDQk5lT2FRZjFOdFZGcWhFM0hxNkE3dkVoZks3aFI0cVJmNTZkLytxbnJtbE1hZE5kZFI2b284ZG1wMi9CQVFnYnRLVm1hTTBGb1o5OENVaXdsOVMvVmZKeVVjL1g3MzVoOWErNVlDYnNuRzdpSlJJZkkwdWdNQVZ6a1ZST1JZSFVBcjlnMEdGbzE0SXR5WndHdWs1TWdJK1paMnlTZFczdzBJOWQ1d1BFbWJZMVI2dWNCWkxxdll4VDdYcURXTUVITElsMGNFRWZhK2N2RThkaGdRZXYyOXNxSXBXSlYvM0Q4NnJxQ1ZEN2hmWSswOXV6bndqYk9hNFBvd3kyNDlybjZ5Ly9henlEdm1DanpBQzkzaDhBQm1KZnNkc0p6b2ZBYmlLS09qTERWRT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 293451
content-length: 0
expires: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1507507572&t=event&_s=2&dl=https%3A%2F%2Fcultura.uol.com.br%2F&ul=en-us&de=UTF-8&dt=TV%20Cultura&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=webalert-authorization-nativo&ea=clique&el=ignorar&_u=6GDACEABBAAAACAUK~&jid=&gjid=&cid=1684149065.1703808105&tid=UA-97689914-229&_gid=121173283.1703808105&cd1=Parceiros&cd2=Tv%20Cultura&cd3=Tv%20Cultura&cd11=normal&cd4=1684149065.1703808105&cd66=1703808106783.yhigs2p9&cd85=none&cd87=none&cd88=none&z=11031536

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 09:51:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51018
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 36ms
36ms Image
text/plain 18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036356&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703808106830&ns_c=UTF-8&c7=https%3A%2F%2Fcultura.uol.com.br%2F&c8=TV%20Cultura&c9=
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:46 GMT
via: 1.1 411234c039d8f1de63b7f2192e5e24d4.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: 9SlwgpI-OJgvwIxIvJwIRBV8IPQhf1ceoS6JoRgO5lrYdBF2qRXSMg==
x-cache: Miss from cloudfront

GET
H2 200 uol-icones-setas.woff
stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/ 24 KB
24 KB 505ms
33ms Font
application/font-woff 2600:9000:218e:fe00:1c:9011:a540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/uol-icones-setas.woff?2017
Requested by: Host: conteudo.jsuol.com.br
URL: https://conteudo.jsuol.com.br/barra/parceiro-async.js?parceiro=tvcultura
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:fe00:1c:9011:a540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 28c48173a3d22a330c9be901a0d58053bea418e04957197f1e3fb2784da355dc

Request headers

Referer: https://cultura.uol.com.br/
Origin: https://cultura.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:40:39 GMT
via: 1.1 bd03106f662746adc3512ff682754ad0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
age: 13398
x-cache: Hit from cloudfront
content-length: 24128
last-modified: Thu, 29 Jun 2017 15:57:04 GMT
server: Apache
etag: "5e40-5531b5a137468"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: PHviq6o1Zj_YVbiO-qNJScP0GExJSI8jTXkXDQdkCqgPUWhQIx5H4g==
expires: Thu, 14 Nov 2024 15:40:39 GMT

GET
H2 200 uol-text-regular.woff2
stc.uol.com/c/webfont/projeto-grafico/uol-font/ 16 KB
17 KB 505ms
33ms Font
application/font-woff2 2600:9000:218e:fe00:1c:9011:a540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.woff2?v5
Requested by: Host: conteudo.jsuol.com.br
URL: https://conteudo.jsuol.com.br/barra/parceiro-async.js?parceiro=tvcultura
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:fe00:1c:9011:a540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 8959cb49147ca81605362c45925027eec7a80acbfc71b0e1c2341814d909d7da

Request headers

Referer: https://cultura.uol.com.br/
Origin: https://cultura.uol.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 04:04:02 GMT
via: 1.1 bd03106f662746adc3512ff682754ad0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
age: 8209367
x-cache: Hit from cloudfront
content-length: 16648
last-modified: Tue, 03 Nov 2020 20:44:00 GMT
server: Apache
etag: "4108-5b339ec266566"
access-control-allow-methods: GET, HEAD
x-varnish: 2850948731 2850102136
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: QmiXa3vaX07TlkJzjCJ7oK2Iqdi7IMLXurH7CzOZb3eZpDzGcAud2Q==
expires: Mon, 25 Sep 2023 23:39:00 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 107ms
27ms Script
application/x-javascript 2600:9000:2449:3a00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: conteudo.jsuol.com.br
URL: https://conteudo.jsuol.com.br/barra/parceiro-async.js?parceiro=tvcultura
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:3a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:18:38 GMT
content-encoding: gzip
via: 1.1 be95b2ba3a5805485c26e84ad1dd7a2e.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: AMS58-P6
age: 16988
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ArKlA5lE9H7XGJFv4CCS00gdU3Otq6NUeYzWU6QACDz4f6SuP16y9Q==
expires: Fri, 29 Dec 2023 19:18:38 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 71 KB
24 KB 112ms
32ms Script
application/x-javascript 2600:9000:2449:3a00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: conteudo.jsuol.com.br
URL: https://conteudo.jsuol.com.br/barra/parceiro-async.js?parceiro=tvcultura
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:3a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 53e637909208e211f753b68ab0cb2312abfb528b9920e8a3b6eddcb89eb861cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:05:05 GMT
content-encoding: gzip
via: 1.1 be95b2ba3a5805485c26e84ad1dd7a2e.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:04:59 GMT
server: nginx
x-amz-cf-pop: AMS58-P6
age: 17801
etag: W/"65838f3b-11b0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: befppsEgLE7BxJJXRn2k7ISC2G63I-DWxsfViN9z11ggnEWjxj5AEA==
expires: Fri, 29 Dec 2023 19:05:05 GMT

GET
H2 200 logo_completo_white.svg
conteudo.imguol.com.br/c/_layout/v3/logoUOL2021/ 2 KB
2 KB 695ms
427ms Image
image/svg+xml 2600:9000:2449:2800:10:3798:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conteudo.imguol.com.br/c/_layout/v3/logoUOL2021/logo_completo_white.svg
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:2800:10:3798:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 542ec618c3fa72569d6241c6d125b9dc7ee7427f585c6a5714f980dfa2764f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 15:38:21 GMT
content-encoding: gzip
via: 1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P6
x-cache: RefreshHit from cloudfront
last-modified: Wed, 28 Apr 2021 21:58:16 GMT
server: Apache
etag: W/"887-5c10f79d18e0a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: 69Dx31SISOKY0tQD-5qb3Vcl5bh5DRPeO10eYJJv8XD8_pskP5sJQQ==
expires: Wed, 20 Nov 2024 15:38:21 GMT

POST
H2 200 / Show response
cognito-identity.us-east-1.amazonaws.com/ 2 KB
2 KB 135ms
135ms Fetch
application/x-amz-json-1.1 2600:1f18:41d6:7400:2ff0:49d6:3299:32aa
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.us-east-1.amazonaws.com/

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:41d6:7400:2ff0:49d6:3299:32aa Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

c843a109d8f7c47f40fd6106cf3b9f9cf1f6c97e942be497835c56dcb076d9cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/x-amz-json-1.1
amz-sdk-invocation-id: 5cdef649-9f5e-46f8-b293-e09807e84919
Referer: https://cultura.uol.com.br/
amz-sdk-request: attempt=1; max=3
x-amz-target: AWSCognitoIdentityService.GetCredentialsForIdentity
x-amz-user-agent: aws-sdk-js/3.306.0 os/Windows/NT_10.0 lang/js md/browser/Chrome_120.0.6099.109 api/cognito_identity/3.306.0

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 00:01:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: aae798f0-ddaf-4add-a99b-c0442f5ec921
content-length: 1792
content-type: application/x-amz-json-1.1

OPTIONS
H2 200 /
cognito-identity.us-east-1.amazonaws.com/ Frame 0
0 111ms
111ms Preflight 2600:1f18:41d6:7400:2ff0:49d6:3299:32aa
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.us-east-1.amazonaws.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:41d6:7400:2ff0:49d6:3299:32aa Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://cultura.uol.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Fri, 29 Dec 2023 00:01:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: 86e44eb0-33ab-465f-9b75-097fe535bc46

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 159 B
487 B 273ms
119ms XHR
application/json 2a04:4e42:600::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=uol.com.br&domain=cultura.uol.com.br&path=%2F
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 70f682596c2a4a175a6b3bd583669ac6574984805ed94f1b4b88fae592c0a822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 129
x-served-by: cache-fra-eddf8230042-FRA
x-timer: S1703808107.150943,VS0,VE100
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Wed, 27 Dec 2023 00:01:47 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 143 B
962 B 115ms
115ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

bb4a710cc52c082c0a427338222983f01dde0dd79b334ae49a9cf153cd3d2f28

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
an-x-request-uuid: 19494982-489b-423c-8df1-c3a3e330faab
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 143
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 173 B
469 B 153ms
21ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: f4f6a5ff630027a261aed8cbb53a40e92c980b8d80863c282d84ce5a2492d15c

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.5.0
Content-Type: application/json
access-control-allow-origin: https://cultura.uol.com.br
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
Expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 224ms
80ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
65 B 357ms
225ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
340 B 140ms
132ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=992495
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566608e292e1a0105986227401ff824d84435bc2f82c03ac4f8c7d2988cf84d6

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2Hj%2BLnTR1gdJO8Z7BVTf0MK7ZF058%2Ft1O%2Fc1KEPXMzjKxatY21l6fC%2FCPZ84M1MT7S6%2BQn2sTBBDcQkMghMnWv8W%2F6nvvYaYknQaSks3Ohcd4C24ud3oPNELCDK7OnTX7OQyPUO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 83cdc53cee7658de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 17 KB
8 KB 118ms
118ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

7db0a2b955d1158ccbe9f1836847415777ee4b0b3e5a19785572a868335e4a38

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
an-x-request-uuid: 0e8a8827-b86b-4ce1-9138-c1cba76a6590
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 400 B
747 B 215ms
86ms XHR
application/json 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11976&site_id=419424&zone_id=2374112&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fcultura.uol.com.br%2F&tg_i.domain=cultura.uol.com.br&tg_i.page=https%3A%2F%2Fcultura.uol.com.br%2F&tg_i.pbadslot=%2F8804%2Fparceiros%2Ftv_cultura%23banner-970x250-area&tk_flint=pbjs_lite_v7.52.0&x_source.tid=00caab27-c503-4ed3-a5c0-f21e28f0b6d4&l_pb_bid_id=140894b7001792d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=00caab27-c503-4ed3-a5c0-f21e28f0b6d4&rp_maxbids=1&p_gpid=%2F8804%2Fparceiros%2Ftv_cultura%23banner-970x250-area&slots=1&rand=0.10708385154633038
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: dcaaff0984ad22994726af2242f1e34fa356337ccf157abcd53b0339d7481cb1

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 400
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 222ms
83ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
65 B 539ms
411ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 378 B
726 B 215ms
88ms XHR
application/json 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11976&site_id=419424&zone_id=2374112&size_id=2&rf=https%3A%2F%2Fcultura.uol.com.br%2F&tg_i.domain=cultura.uol.com.br&tg_i.page=https%3A%2F%2Fcultura.uol.com.br%2F&tg_i.pbadslot=%2F8804%2Fparceiros%2Ftv_cultura%23banner-728x90-area-2&tk_flint=pbjs_lite_v7.52.0&x_source.tid=fe9e9d38-05ff-49d8-a9af-180dc27dc77a&l_pb_bid_id=2094619e10232e6&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fe9e9d38-05ff-49d8-a9af-180dc27dc77a&rp_maxbids=1&p_gpid=%2F8804%2Fparceiros%2Ftv_cultura%23banner-728x90-area-2&slots=1&rand=0.8464624962898752
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4f0f2b5d3c7fc2d934cbb22f28db339605035078300ab16df6a32175607ec88c

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 378
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 220ms
82ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
8 KB 165ms
165ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

f8b5d396ea2ab8db4b544f72e8274cea8c6041b583782467667416763b3f6918

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
an-x-request-uuid: e514679f-4fa4-4aa7-a08d-dbd02dfd8f06
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
65 B 515ms
388ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
394 B 106ms
102ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=992495
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b86d4e240e17a3a4bf39d7f3d515897444f87cf99e3e8e562f8dd6b3f2ab0860

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHoyg%2FjSwkTkkWbDO%2BCfmwnTZEF%2B4kKgRROb0WC0tkP8fnzJtpyQ7RUEmhIxexh0Nf3LbP3eIOPiNihsRcuHbWoZWEDt%2FcScWntQ8d2ZLxO8PF8fh0RhetREkGI3jI9t2WiSAhIq"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 83cdc53cee6958de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 254ms
118ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
372 B 203ms
78ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 378 B
903 B 204ms
80ms XHR
application/json 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11976&site_id=419424&zone_id=2374112&size_id=10&rf=https%3A%2F%2Fcultura.uol.com.br%2F&tg_i.domain=cultura.uol.com.br&tg_i.page=https%3A%2F%2Fcultura.uol.com.br%2F&tg_i.pbadslot=%2F8804%2Fparceiros%2Ftv_cultura%23banner-300x600-area&tk_flint=pbjs_lite_v7.52.0&x_source.tid=b734eee0-1970-4901-b4e4-fab48cd6e05c&l_pb_bid_id=343d25e711ef2c1&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b734eee0-1970-4901-b4e4-fab48cd6e05c&rp_maxbids=1&p_gpid=%2F8804%2Fparceiros%2Ftv_cultura%23banner-300x600-area&slots=1&rand=0.01764021671813265
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a3c4a03a73259df8fb2e723c203ee47e1d5a620b10719e0ef128b17724843ef7

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 378
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
309 B 116ms
114ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=992495
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea6d92a5ed60ced2cbc6dd7b29e2a8a2cba4b29a35ede1b80e0890dd8d081673

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fE86npl4nyJPBPalZx3yxj%2Bj44mKkX185sYgo5NOR52gaceoaUoYZ25ZVNePFfyqV9OqUpOoOcYku%2B38dLcdabhKV9ofuSerZ6zYSoslg2W9hkVqnDVu9dWHiM2zZ2Af8HTGd7RZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 83cdc53cee6e58de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
7 KB 143ms
143ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

a6873f49df23d735d49b8bc9d72bfe55a2950bf61bbe41f4ad0b284d1cc31911

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
an-x-request-uuid: fd5c9755-27bc-4ed5-96c2-4d6f791c5c28
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 340ms
111ms Image
image/gif 34.199.59.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=uol.com.br&p=%2F&u=PM1fdD64ThxCSLyay&d=cultura.uol.com.br&g=61085&g0=Total%20Parceiros%2CParceiro%20-%20Tv%20Cultura&g1=tvcultura&n=1&f=00001&c=0&x=0&m=0&y=4963&o=1601&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fcultura.uol.com.br%2F&b=4149&t=C-N_nqDbT7mXCwq6IiBkH8STOR_FN&V=143&i=TV%20Cultura&tz=-60&sn=1&sv=Co5SEWB8glHBBCoSNvNNwR_CQMYPQ&sr=external&sd=1&im=061b2ff3&_
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.59.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-59-187.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
523 B 234ms
120ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
udr.uol.com.br/ 142 B
619 B 872ms
247ms Fetch
application/json 2600:9000:2449:1800:1:bcff:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://udr.uol.com.br/
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:1800:1:bcff:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: b042dcd87c21afc7ab82b1ff2516dab083fcf775e2518225b1033d630fae5dd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 b7f8e0880cd5f19b3036b75b021c1c76.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: AMS58-P6
vary: Origin,cache-max-age
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://cultura.uol.com.br
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-credentials: true
content-length: 142
x-amz-cf-id: CsHLuCen9yYQb2AihadXtPfwyiZd8qVx_R0Iv-Ybmg3nv3isemXE1A==

GET
H2 200 getuidj Show response
ib.adnxs.com/ 29 B
707 B 28ms
28ms Fetch
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

db0bb9e3b036caf086083a2b140dd9b17d38f6c7c3b8ac5c338b53042cea0ba1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
an-x-request-uuid: ebb07d80-5d50-4e90-b157-03f539c11d3c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 29
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
m.t.tailtarget.com/sync/TT-10162-1/
Redirect Chain

https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855?check=1

43 B
129 B

118ms
118ms

Image
image/gif

34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855?check=1
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
content-type: image/gif
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855?check=1
content-type: text/html
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145

GET
H2 204 store
udr.uol.com.br/ 0
0 912ms
352ms Fetch 2600:9000:2449:1800:1:bcff:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://udr.uol.com.br/store?scope=xandr&sid=5279117664637391043
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:1800:1:bcff:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 b7f8e0880cd5f19b3036b75b021c1c76.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: AMS58-P6
vary: Origin,cache-max-age
access-control-allow-methods: GET, POST
x-cache: Miss from cloudfront
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache
access-control-allow-credentials: true
x-amz-cf-id: FlPfqIPvMbFUWRxwlByvRKQRQGKrKY-ibDGV8YWEBSACGhqvLo7Zjw==

POST
H2 200 graphql Show response
publisher2.us-east-1.prod.tvcoins.com/ 919 B
1 KB 489ms
489ms Fetch
application/json 2600:9000:20b4:1000:8:3bba:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher2.us-east-1.prod.tvcoins.com/graphql
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:1000:8:3bba:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 43164be20f322ef3d3d0d76dd1dca3ba5ccf11cc27fc40a39b2602fc95151934

Request headers

x-deviceid: us-east-1:94b63d2e-9953-4355-a8ca-7f9c73aa8d25
x-language: en
accept-language: de-DE,de;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=ASIAYLMLRJYEDNNFFMLG/20231229/us-east-1/appsync/aws4_request, SignedHeaders=accept;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-deviceid;x-language, Signature=04763f910f76e501e32c5b3157557387f4b9da3b64147fa8ad95c7cd5c630ac8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json
x-amz-content-sha256: daf264b058592865682dd4ec8471e47e8ef500b1f74aa207a15232db1bee68a5
Accept: application/json
x-amz-security-token: IQoJb3JpZ2luX2VjEEAaCXVzLWVhc3QtMSJIMEYCIQCEjGagoxz9QpBlw2YS6brUK2Dhrbr5C8NNchZ5CUZlBQIhAKW2WitGxpr1sNgekpuIOnNpJzGk7zvE4c+cpzhyqg3pKtAFCMn//////////wEQARoMNTc0MjA3NjQzMTQ0Igzp+QoXTEQHtnHkMl4qpAWCIxjS/bGBxi+wkJSFRxVQ/cFu0O8uFR9sNmd1u8iaboPx0UOgF0gxnnFA0zFWmc+4gZIEeCHuW0zStf+kyACrc9tU+OBT7gA7I7R8IqLfISJVGiLcTZiPJJse3Jc42criA3PLrJ8ge94420Z/dFoYwHhwPb6oLdMxyMQOlzzkiw/Lg/y+QY5m8274CU2yphMzccUTG+Vq9k4Vwy9UymBnUkjfr4R2i32w6dOVf25IUUdP3t0W5OhWAf26IutkJSza9Q8FcDu/VLT5oNkvNWI6rkAKKS2oJO1WLoEmTAHZ76OhW60Kx4ISF0PsuoJFBeq5dMoGa1eD3ttYcTq15/DNftdDziaYdGlNRkA5gbC+OJ85lZFsJd+Cee5pyAXW4Nxct8SkovL8fqkgIKO0QKrBtLFY7NZZ4cvXdlLwa27YAM3lX/kAIwPHxJCOYtoAh51Yz/yMtcyat0WELNbvrbPnydDUVFnEbL1ysBJYR8Ss0/+7/WqWPROI37jDAboLAXyvXrMAsIngpQa3c4ProIaddZka3IyFUiu+OQ3kkKCZwwyDcmfmAORPvJEqo2oAD7ZPGJkV061cFTBAsRW3zUlHHkt+Z57lv2v7YpLNgPuT7B0yJN6GYvKZhnpzVaIXXV/AdspT1kCRFlTYWLbAle8qnRJOS9VR+T3R/1RhOEdZp52Wp9pDxgHUZ1+x6uO+nEkLJJwz1xtNTuBaDC4xRQSUICDQUpAPP4INkZGSsAK7oDPDPe1ReU57rIdgllQQdbj5oXhqlz92PibBv3Pbuo9JPEiyB4WGYwcIJ4PNo3/7GktayQABWa0j+ePhpwqCKfGmA4rRRzXCIms8aTVMQYgO9MnMgvoIfM0ohbxmz07tU+60sBWbuUU+xp6anW0nmNCoUa7QMOuYuKwGOt4C2A9Rg48DFrWhH7qLqusNtrDYrqPUOBAOYmLVN3xKD5TL5HCAi7mC7FxvqxO+oPdQ9AO3NJZZNgSzmMebSimwZgSW3FSDqU0Bn4M0/gH0B6rATz8sMdDYGsY2hRfGYIy1TbzyapCfaFxXq9vFJO6wUO4Nsii3q9CK7xqTXAkPK6h2ea42EdSe8+Z2W/0SUbuDO56w3G8SnCOXFIxCkzwF9f/GGP5m6C+rth4qmr9jnsH0Q/qZ+pvDy8xDENPHVxOab9xFewPQfETA71KGvIcX2vp2VA2qCYgWAiZa8d6l6i+GnBVdyGN7ddhcgk5MvQXbAXUkmy05vQGa1RWszL1ZG8nzXP3bFAJsRRe+Y74wRg0W03fW+J/F5hUe3pTj6XVoIYRtVmcwUQILzr6O9rS+aGdatEuWJVsIkuNzydaAsn1PdDcyV6VWPU2jNZHIItJLDSDXQIEkhCNehfPvamk=
Referer: https://cultura.uol.com.br/
x-amz-date: 20231229T000147Z

Response headers

x-amzn-appsync-tokensconsumed: 1
date: Fri, 29 Dec 2023 00:01:48 GMT
via: 1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
x-amzn-requestid: 5a34eab3-b9a4-4f3c-afd0-b25ed2c8dc5a
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
content-length: 919
x-amz-cf-id: nZSj6L6HXJZxhw3wx3rere-Pez2lyHJmkFLDEkZ0IMFmbIjes0dzqg==

OPTIONS
H2 200 graphql
publisher2.us-east-1.prod.tvcoins.com/ Frame 0
0 458ms
285ms Preflight 2600:9000:20b4:1000:8:3bba:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher2.us-east-1.prod.tvcoins.com/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:1000:8:3bba:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-deviceid,x-language
Access-Control-Request-Method: POST
Origin: https://cultura.uol.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-deviceid,x-language
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age: 172800
content-length: 0
date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront)
x-amz-cf-id: TSHzygt1JcTbm9h0PbkYDDkMFxzH2-ufjxy14lb1VaTvQVqhnvKE8g==
x-amz-cf-pop: AMS58-P4
x-amzn-requestid: 0ceb3ca5-b8b6-483d-8d8f-32705ed6fb06
x-cache: Miss from cloudfront

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 380 B
414 B 247ms
246ms XHR
application/json 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11976&site_id=419424&zone_id=2374112&size_id=15&rf=https%3A%2F%2Fcultura.uol.com.br%2F&tg_i.domain=cultura.uol.com.br&tg_i.page=https%3A%2F%2Fcultura.uol.com.br%2F&tg_i.pbadslot=%2F8804%2Fparceiros%2Ftv_cultura%23banner-300x250-area-3&tk_flint=pbjs_lite_v7.52.0&x_source.tid=59c4dbc2-e392-4bf5-be28-aebaeed145c0&l_pb_bid_id=40350f587458c06&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=59c4dbc2-e392-4bf5-be28-aebaeed145c0&rp_maxbids=1&p_gpid=%2F8804%2Fparceiros%2Ftv_cultura%23banner-300x250-area-3&slots=1&rand=0.1467830843654736
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3cbdb2e60446601af610d1185020785661768d91224ddebc3dd5c0586da6f782

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 380
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 25 KB
14 KB 348ms
348ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: b7d0c76002c02570fb29abe98e82f1fdf2c05a8ae69159f082592ff30157c643

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
527 B 113ms
112ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=992495
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00315f5ab279b759e10ea5bf891e6f8d6934041bbc33b96ba9875803211f170

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yyk7INE%2FSAl%2FoS1qeiFEI0XBKZ7ulhJoPVZWRJDYOw11jtzHXt6iGDvw%2F9XqRaZcQq7n6gSW6fngwbjkvgYXVSq7TPHV5HAeKApDNJN7Yc75D0yvmIoSNQJxz5FO7hK4%2FU%2BdZhHP"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 83cdc53e5d0f58f6-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 165ms
164ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:46 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 18 KB
9 KB 125ms
125ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

7e689b38b0e5f3c939c75fd6a38f3a0e6c4fbddcc2ef1e0f6660e0b7fbd14155

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
an-x-request-uuid: 78d583cd-9c8e-4025-b4f1-7435ec0f43a1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
18 KB 265ms
265ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2615060659721634&correlator=3990901765853137&eid=31077978%2C31079525%2C31080117&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctv_cultura&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1703808107288&lmt=1703808107&adxs=1017&adys=1677&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcultura.uol.com.br%2F&vis=1&psz=363x0&msz=363x0&fws=4&ohw=1172&ga_vid=1684149065.1703808105&ga_sid=1703808107&ga_hid=1507507572&ga_fc=true&dlt=1703808104518&idt=1897&prev_scp=campaignuol%3D1%26pos%3Dtop%26native%3D0%26amznbid%3D2%26amznp%3D2%26hb_pb_appnexus%3D0.11%26hb_adid_appnexus%3D5166b5841017a8b%26hb_buyer_member_id%3D3285%26hb_adid%3D5166b5841017a8b%26hb_size%3D300x600%26hb_format%3Dbanner%26hb_bidder%3Dappnexus%26hb_pb%3D0.11%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_bidder_appnexus%3Dappnexus&cust_params=cdn%3Dother%26origin%3Dcultura%2520uol%2520com%2520br%26hasFocus%3Dtrue%26bt%3D9000%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dna%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&adks=206940638&frm=20

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4affa24e7fcc79aad5bb1adc43ee59d35a4a6c6043dac218a5a2574976dc701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18085
x-xss-protection: 0
google-lineitem-id: 6291494610
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138431861193
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0316 6 KB
3 KB 123ms
54ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:47 GMT
expires: Sat, 28 Dec 2024 00:01:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 36ms
36ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=9.900299908323099

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ocB14ZnAozBwVB_1tnmoxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-ocB14ZnAozBwVB_1tnmoxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 43ms
43ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.22444647380252558

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vhaH3ql7shll3UOM8pGa6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-vhaH3ql7shll3UOM8pGa6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWQAYWSI4qc7BFFWU5w6x-cWmJI2pC52J1UWD4JHJ5m37H4W0Nk6QS-b3yyjAUDe0dV0hj97aCqaSA6bX02ZWEQvlX5XhAQhcNXy5-LB3FAyCUgE6IUrrOgL-wsLA7uV9j7bPBLTw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 34ms
34ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWQAYWSI4qc7BFFWU5w6x-cWmJI2pC52J1UWD4JHJ5m37H4W0Nk6QS-b3yyjAUDe0dV0hj97aCqaSA6bX02ZWEQvlX5XhAQhcNXy5-LB3FAyCUgE6IUrrOgL-wsLA7uV9j7bPBLTw==

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u6tPVLY_WIC-kiTENYskJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-u6tPVLY_WIC-kiTENYskJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 280ms
280ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2615060659721634&correlator=1371104968303228&eid=31077978%2C31079525%2C31080117&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctv_cultura&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1703808107544&lmt=1703808107&adxs=214&adys=4472&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcultura.uol.com.br%2F&vis=1&psz=1172x0&msz=1172x0&fws=4&ohw=1172&ga_vid=1684149065.1703808105&ga_sid=1703808107&ga_hid=1507507572&ga_fc=true&dlt=1703808104518&idt=1897&prev_scp=campaignuol%3D1%26pos%3Dmiddle%26native%3D0%26amznbid%3D2%26amznp%3D2%26hb_pb_appnexus%3D0.03%26hb_adid_appnexus%3D5319f3cabb920b%26hb_buyer_member_id%3D7706%26hb_adid%3D5319f3cabb920b%26hb_size%3D728x90%26hb_format%3Dbanner%26hb_bidder%3Dappnexus%26hb_pb%3D0.03%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_bidder_appnexus%3Dappnexus&cust_params=cdn%3Dother%26origin%3Dcultura%2520uol%2520com%2520br%26hasFocus%3Dtrue%26bt%3D9000%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dna%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&adks=4029865109&frm=20

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

025ac32aad4f24dd55218ccad3c087328358881ae5199347bc591c5a2b811d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10459
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 292ms
292ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2615060659721634&correlator=1749244219549236&eid=31077978%2C31079525%2C31080117&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctv_cultura&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1703808107561&lmt=1703808107&adxs=436&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcultura.uol.com.br%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1684149065.1703808105&ga_sid=1703808107&ga_hid=1507507572&ga_fc=true&dlt=1703808104518&idt=1897&prev_scp=campaignuol%3D1%26pos%3Dtop%26native%3D0%26amznbid%3D2%26amznp%3D2%26hb_pb_appnexus%3D0.28%26hb_adid_appnexus%3D49b712a6da85ac8%26hb_buyer_member_id%3D977%26hb_adid%3D49b712a6da85ac8%26hb_size%3D970x250%26hb_format%3Dbanner%26hb_bidder%3Dappnexus%26hb_pb%3D0.28%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_bidder_appnexus%3Dappnexus&cust_params=cdn%3Dother%26origin%3Dcultura%2520uol%2520com%2520br%26hasFocus%3Dtrue%26bt%3D9000%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dna%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&adks=1100188297&frm=20

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b7c96207151256bd91462eccc5267226936f4b830ef0487a6958bc5389688bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12076
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 871ms
221ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:52
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:52 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 00:01:48 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache
Connection: close
Expires: Fri, 29 Dec 2023 00:01:47 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame FD76 213 B
846 B 226ms
226ms Document
text/html 2600:9000:2251:d000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 182
content-type: text/html;charset=UTF-8
date: Fri, 29 Dec 2023 00:01:47 GMT
etag: 8b30191927f0982283d45c76292da712
expires: Fri, 29 Dec 2023 00:11:47 GMT
last-modified: Fri, 07 May 2021 13:45:52 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.16.6
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-id: FgVTE3YHmEH2m-hn1C6V0XxPKu5WOSES9JO0sHwcPdYHvs9lUAtjoQ==
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 88E9 213 B
846 B 221ms
220ms Document
text/html 2600:9000:2251:d000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 182
content-type: text/html;charset=UTF-8
date: Fri, 29 Dec 2023 00:01:47 GMT
etag: 8b30191927f0982283d45c76292da712
expires: Fri, 29 Dec 2023 00:11:47 GMT
last-modified: Mon, 25 Dec 2023 12:15:48 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.23.0
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-id: o23h95LGY6kH196HIh030yjQd8sQDPlfGXsJbwc0vQ4D5DUD3ZmvZw==
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront

GET
H2 200 conversion.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 15 KB
7 KB 1345ms
1345ms Script
application/javascript 2a02:26f0:480:10::213:7e85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:10::213:7e85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
akamai-grn: 0.457d1302.1703808107.5363686f
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=9, origin; dur=1316, ak_p; desc="1703808107592_34831685_1399023727_132257_544_19_0_146";dur=1
content-length: 6125
last-modified: Wed, 01 Sep 2021 14:43:32 GMT
etag: f7a535aa8ca1d0acd1bff039eb80acff
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3542
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 69ms
68ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7ced1109215c7f57070493a6d9737a93cda0222b8e673e48f2a973fd5e675a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12058
x-xss-protection: 0

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
126 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128925
x-xss-protection: 0
expires: Fri, 29 Dec 2023 00:01:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4ECF 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK58Po4-VqgWCET0bsV96IjI2deT-C-cu1sO8BsGWrkyWjeyM8dcOZEJfcOVYTEfxqOhmZjxUonP5XW2TinevjdwXL_HdC7HakeZ5H8_qMIQqHqZZFMvtbvS7gwHHOosvklu-_9yyQA56ZNrCWs7l3KLorvu-at_Mp-C7Fsar-1JO6X0PcD2XHeQ00VYZzl6AgSeiMzjC0u5HYf_-CChHOqRV64syUXkud5iZE4hafOtxrcysP_QFdiXOx7srK5ogjTxNUnCDouZnzwUmm2sEDLDx72EnE5BWqR6mf8japvLFsBCo41MYY6mWE6bSjmAmFbTMPND7uFfLiD4kXxX2bPwed9-C4cOyYKKUZ7eMRrnE9GR3YhyIJ3Put&sai=AMfl-YR4cBsLMNzz3iR-KprfBTodVPHUsKKM_3XfSVJyMGN_k71wb8659hLOxAj27A4O1xjPD7gobqVWKQ_hdpixfwWQx1ll8gek_b9R4UFnU3LcjSisyUkQcfA8ROHzyaXyRSMFCFghwuhuRRQcQpVQqf8&sig=Cg0ArKJSzMqKF1ZUM62SEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 29 Dec 2023 00:01:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4ECF 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:59:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4ECF 203 KB
65 KB 90ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 00:01:47 GMT

GET
H3 200 9369989302226335239
tpc.googlesyndication.com/simgad/ Frame 4ECF 164 KB
164 KB 21ms
21ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9369989302226335239

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdc2ce9cdf4c6db9fac7dee7e8e40c007bd4cd1c8086f8f4f2f2cbcfd19ac94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 15:52:55 GMT
date: Mon, 25 Dec 2023 15:52:55 GMT
x-content-type-options: nosniff
age: 288532
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167761
x-xss-protection: 0
last-modified: Thu, 04 May 2023 15:42:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 4ECF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 422d46411bc3ae448db929db18bf74932e9c061b5df59960bda94de970e2b015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 303ms
302ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2615060659721634&correlator=3583768008626143&eid=31077978%2C31079525%2C31080117&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctv_cultura&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D13cea985ff4974ec%3AT%3D1703808107%3ART%3D1703808107%3AS%3DALNI_MZ4Zu6smneUjnX8yz82mrOfiSoc1w&gpic=UID%3D00000d2f06550e32%3AT%3D1703808107%3ART%3D1703808107%3AS%3DALNI_MZX_JwN0gTBxcZKwtp7ia5IGtnCPA&arp=1&abxe=1&dt=1703808107603&lmt=1703808107&adxs=214&adys=943&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcultura.uol.com.br%2F&vis=1&psz=377x45&msz=377x0&fws=4&ohw=1172&psts=AOrYGsmJKw8jzR3I70PcXYCp1EtRYbCC5mFBVMVq1XUhZKeDYVy2tqXaU4BUN-oMSFoF_oCMj98DdrzTmWB4lA&ga_vid=1684149065.1703808105&ga_sid=1703808107&ga_hid=1507507572&ga_fc=true&dlt=1703808104518&idt=1897&prev_scp=campaignuol%3D1%26pos%3Dbottom%26native%3D0%26amznbid%3D2%26amznp%3D2%26hb_pb_seedtag%3D0.07%26hb_adid_seedtag%3D577e4f9b924f686%26hb_pb_appnexus%3D0.26%26hb_adid_appnexus%3D558cde00c43993f%26hb_buyer_member_id%3D977%26hb_adid%3D558cde00c43993f%26hb_size%3D300x250%26hb_format%3Dbanner%26hb_bidder%3Dappnexus%26hb_pb%3D0.26%26hb_format_seedtag%3Dbanner%26hb_size_seedtag%3D300x250%26hb_bidder_seedtag%3Dseedtag%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_bidder_appnexus%3Dappnexus&cust_params=cdn%3Dother%26origin%3Dcultura%2520uol%2520com%2520br%26hasFocus%3Dtrue%26bt%3D9000%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dna%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&adks=3736149549&frm=20

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7120102c06648ca5f90392eaba72862c752d8c1a58e9199a9ae093b53ff767d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11675
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Dec 2023 00:01:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9155 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 16:01:27 GMT
expires: Fri, 27 Dec 2024 16:01:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3EAC 829 B
559 B 33ms
33ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7bd081384c31e59b9dbdaa7bcc9d1c5cddbb116dc674d7549d967de9a534ffd4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3mgnxVDjniQobNUcKKjf2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3mgnxVDjniQobNUcKKjf2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:47 GMT
expires: Fri, 29 Dec 2023 00:01:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4ECF 0
0 97ms
57ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuicgOVN5EAh5yI2AWrZUbW_iZPYaCAW57d3ARBZ1yttKZgYbVDUpsVBNbalhOXZV1W62JM5-oRQH0FVOp5T9iJ9dK3B3DIuXrZsvxSLAgdROXoVSUZTTBEgcku9qoBCca9NpF71yOCJEoOWE8EpAol2Ivwfq03IxlFGwg7X3Bx1jfNJQiyIYDJ6DtJI4qkJlmAM7SSkMLeOaATxPJ-4Rv6w3j4WrfK0jQY1Kz2sg-Rxdsvy1jeYAklmosoh922Gtmb86qukLgYiCUgVqS-cW6HzTiK7fZ1H7CTPMreZ6a-Ty32zmU7kKHcDYh6KudvK_O8gAARUX6_Y8vOhYpTY7emmD9QV-c9sFVbJjXKLfZQDMTBYRK5ZS13IW4o7Ro&sai=AMfl-YRCh5dKeLQKsl5eu_lGUm6qUx2-zAhaUE1X3e5-ck7o9II3un6rJYKv-xTrCjW_fMwTpynb9zCE0Vc5PQdupd07Kb_VeUCwtYLmzct9M4q-UJwxYALnBRqeaC59k_ojHH55YoCe-5UL-_xE7BJ0k_c&sig=Cg0ArKJSzM8Mg390J6q3EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 29 Dec 2023 00:01:47 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 4ECF 4 KB
2 KB 31ms
30ms Script
application/javascript 18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 06:19:15 GMT
content-encoding: gzip
via: 1.1 411234c039d8f1de63b7f2192e5e24d4.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 63753
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Qsta8UjeERk7Y4fKL4PBmA523S9X5TKXRO3qgmdZBtuYbEh4b6X7Ng==

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/6036356/ Frame 4ECF
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js

4 KB
2 KB

30ms
30ms

Script
application/javascript

18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
via: 1.1 411234c039d8f1de63b7f2192e5e24d4.cloudfront.net (CloudFront)
last-modified: Wed, 06 Dec 2023 05:18:34 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 61218
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 9m_BlT2cj73Dh6wTwiTtMzAjuZQLefTfa-xvwzh_81AJ4lm7OpYC7g==

Redirect headers

date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 411234c039d8f1de63b7f2192e5e24d4.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
location: /internal-cs/6036356/beacon.js
content-length: 0
x-amz-cf-id: XPjcHDkwWoAIBZUxYVgoMmSqeYEuMjo27iQOTYwYNPO7659EWXeDUg==

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9155 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3EAC 0
0 53ms
53ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=2615060659721634&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 bridge3.609.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5506 751 KB
240 KB 20ms
20ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 520678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 245986
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 23:23:49 GMT
expires: Sat, 21 Dec 2024 23:23:49 GMT
last-modified: Mon, 18 Dec 2023 19:42:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3432 40 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 29 Dec 2023 00:38:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.609.1&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291&id=ima_html5&c=988368941690050&domain=cultura.uol.com.br

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame 4ECF 0
225 B 38ms
34ms Image
text/plain 18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=6036356&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703808107785&ns_c=UTF-8&ns_if=1&c3=1&c7=https%3A%2F%2Fcultura.uol.com.br%2F&c8=&c9=https%3A%2F%2Fcultura.uol.com.br%2F
Requested by: Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
via: 1.1 411234c039d8f1de63b7f2192e5e24d4.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: gMiDz4VJRMY-eKDh0af39FRuYS6fxN1RbHOdolsmlZFobNbEhMm3WQ==
x-cache: Miss from cloudfront

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 88E9 43 KB
10 KB 29ms
29ms Script
application/javascript 2a02:26f0:480:10::213:7e85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:10::213:7e85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, Hit from parent
akamai-grn: , , 0.457d1302.1703808107.536368f3
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, ak_p; desc="1703808107817_34831685_1399023859_757_536_28_0_219";dur=1
content-length: 9152
last-modified: Tue, 03 Oct 2023 19:57:45 GMT
etag: 827b2a3854d3757c0264519acafab901
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=1840
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame FD76 43 KB
10 KB 27ms
27ms Script
application/javascript 2a02:26f0:480:10::213:7e85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:10::213:7e85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, Hit from parent
akamai-grn: , , 0.457d1302.1703808107.536368f6
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="1703808107820_34831685_1399023862_469_343_28_0_219";dur=1
content-length: 9152
last-modified: Tue, 03 Oct 2023 19:57:45 GMT
etag: 827b2a3854d3757c0264519acafab901
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=1827
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9155 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pSfQhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E40 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:47 GMT
expires: Sat, 28 Dec 2024 00:01:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5A9F 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:47 GMT
expires: Sat, 28 Dec 2024 00:01:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A51D 624 B
438 B 62ms
61ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLGQxvcBMAE&v=APEucNWaahsmyRJ2rhvupYXe0a4Wkzzj3esXLHCRHc_yLW0kyKfph7bki0hdQLHt__jNyZfggi88GVL5OaMwbGstvhAvmgAfKNod_ut5N4dCAV8Fkwmop5pl_KLKi0Xz4293pq-It6sJdH8Fc2SceOUgnRUpsrUkF1LR1Z03_gzORNgAbp3_lys

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4E40 89 KB
31 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 00:01:47 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E40 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQPQbharKwO9QEqNYZXs4GHYFJuzAc9hDFLdgvte32zKl-sGyRKQcs_Xm1ywSi1a0AOGFwr5KgNmBxWZXbvAitwXOhUbeTOxaW_P3ofJA58PdpGxY

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 4E40
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1676726/75268012/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1014264744&ias_pubId=pub-6330791094260149&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_xappb=

43 B
482 B

162ms
24ms

Image
image/gif

2600:9000:20ab:6000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_xappb=
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:20ab:6000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 ed6e39eea0e39e463514b9421b7a2806.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1492325
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: NtfkJTal8I3NoCBZDUyDZN06Os-RMvYGiFU62AvdOHRvAIrtw3fAuA==

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: nginx
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4E40 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4E40 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4E40 0
0 29ms
28ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTk9MV88ZF2qeBxS2jvQKA6j8dgjDgafexX2VTOC4y2efQWINHG3JaTMcopjhVKNXkL4D5LpXQ192uxbAZZwVNxcQZOaQ
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E40 203 KB
64 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 00:01:47 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5506 156 B
143 B 246ms
246ms XHR
text/xml 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=%2F8804%2Fparceiros%2Ftv_cultura%2Fin-article&ciu_szs=300x250&output=xml_vast4&ppid=undefined&ppid=undefined&unviewed_position_start=1&correlator=3994571787563504&gdfp_req=1&ad_rule=0&env=vp&description_url=https%3A%2F%2Fcultura.uol.com.br%2F&cust_params=campaignuol%3D1%26videoplayertype%3Ddynad_in-article%26videoinarticlepos%3D1%26videoplayersize%3Dsmall%26keyword%3Dvideo-auto-play%26UOLDNA%3Dnull%26UOLID%3Dundefined%26bt%3D9000%26cdn%3Dother%26hasFocus%3Dtrue%26hasMouseIn%3Dfalse%26origin%3Dcultura%20uol%20com%20br%26ppid%3Dundefined%26topics%3Dna%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fcultura.uol.com.br%2F&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=1524564207&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=F5A83804-F967-4931-AE3B-BFC8D1004A7D&a3p=EhsKDDMzYWNyb3NzLmNvbRiVgIKXyzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiWgIKXyzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YloCCl8sxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiWgIKXyzFIAFICCGQ.&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291&url=https%3A%2F%2Fcultura.uol.com.br%2F&dt=1703808107945&cookie=ID%3D13cea985ff4974ec%3AT%3D1703808107%3ART%3D1703808107%3AS%3DALNI_MZ4Zu6smneUjnX8yz82mrOfiSoc1w&gpic=UID%3D00000d2f06550e32%3AT%3D1703808107%3ART%3D1703808107%3AS%3DALNI_MZX_JwN0gTBxcZKwtp7ia5IGtnCPA&scor=2141582491127393&ged=ve4_td3_tt2_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 74BB 640 B
308 B 62ms
62ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNXuDsqzRdvGUtD_QDgzMLVdrFgeK2B-QxBIQHAm6xm4KfnzFYCSD3Qg9ncsK-mr72AH8rfJewOqbCVU7BcrZAsnEcKLPXzNBgvCN8YWOT23M6nZCtmmq3tfNeWQSaKKENuduNecfIPxWgEah9C2E0DI3VhmhK8YxeYd8moDmtk29i7Dd4U

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5A9F 89 KB
31 KB 129ms
129ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 00:01:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A9F 42 B
63 B 58ms
58ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A2JQUGfjzc-vI4sHWbl8aVSKyqP6dS2t28p_UKhVGJOgrCkTlui2KV-RFVsIS3GPp0eEiZaXOxYdBnwvcMFnC5rZe-e_gc-B5wt7ItESDTIR0hLho

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5A9F 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5A9F 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5A9F 0
0 31ms
31ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSliCZ28Wj4Q3PSlTyZZ6PVDRImPhf2ovACvytBT0paFg1G7yaXy8TbkwosDA0o9PWDd2Ce5klsDHaZbqPpSCMexmiGew
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A9F 203 KB
64 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 00:01:47 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E40 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3257049892370&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E40 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3257049892370&version=m202309260101&ct=76&x=1&cor=14108558864458732000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4E40 101 KB
39 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXYnhBrfoy47tnCDaxVbS_fisdPuWNVuM1KeuHNBfXORyIkcShMezNSXyxe4Eaxv4_VTwwAU7WvQ8uLvVx74eNTGXNXndX_0c2F7zrjetEyM1JaTFvyw0nq287yOGz7uxbaXsBWBwigylGiXMq5CHYGRIc2nVbpS5JKfbANBroiyy2ggQ&dbm_d=AKAmf-BnDfgcKx0mjMf6R9PQyuw9WNNGSfYZHwfkZs31c0VjRWQUANx5tgKZhdnfiSNhHPtBL6-DCjm-nNESlnAfUF0K12Tg1PHoH2k33SS73uCE55rGE1_S-NA3LgmrgZ2pigm180r7NZUeDk61iAbadD14ogu2RNx7YcI9eQgfJpE-K0ZKmhDR06G83YpScXfZzASfk0YC8SrEbls0hjl2oygwkYH0aiA4HZo-_QManywvvvDNzkLn0nzEbQ4euEir9AFVgqMXM7B4B-OZxuTbISLyf57156_5BcFp7rbDYL00x1Rv8nW5j-boVA2roa0iQ8kLUlF4MT8soyygMHf540Qs5Aqk1I7aOht3am1oMLvphv5mpYfGs2Fz200GfTuxeWQnS-SZCNMUuBGH4I9-oO39RP_RVQCOWckl53PX8IGTNMJoYTCrqFNJYa5Bh8o6dYS4wBu2jyhnWGoQtkhuXk-wN3qTRJ9zfaSFdc3aQrN2ewqnb4KR_PrAmbTe1ZISwSzTn_4BnfohzQgesmqybST-8SYX131FOyyWplwW3qOPZEyfpdMMcws7AAsCt5ip3zhq8EeFMhKyfk8bkPr1NCrlO3i9pvBED38aHJzvFVSTS6SYP8U71-_xcnDISwndoP3UrbInm7vXgg6zZ6c85_MxXZZ602bfKtkjfxeHWeJZciziKwmyKhAtvhQkg_DYxw14EWUEnq22eyazbvP2O8sUl6fxLcfQFTLOO8XGwmQ1Q_OAGrLeCoDQLTpVuEp1wg0uhx_dITeIbTOjeljBqieE9ZrfgW7UuRoA_JcyeQfrS7of0rxP83mzHVgJcciqbgYxGW6WwF5-OxgxdXjWvnJtiO5YGFAIX4v-zTP75RubmHDq-gO4ShEWtbmYR0cvxcX4AueA3P8JUTrE94n03PnVooYIRkVKrcSbUDOkTCHnypa69dINMRkLpQaNrMeEMK61gkphsYzpK9YOBFD_VnRCPkncNqmSYixvb30fMcGoocaiy_giCdJVEk6njVFl4Prn-J6t2izK7kONGPGguH-djNGXQUz4hoTF0XaynFIYBeAwtRs1wdIVmX0MOSXYgvnJWzFUz3MI__9s6OtUY8B-9h0XH8Y6zdwZgxqVX4W_VUY0nd8XRx3yDfDIuQNdDfVFXvFdB7w3AwKzMd5jp0lqf8zCT6yii_UTHBtciEPvzDe2AEmFY65a-oI4C3RyOHK5t0EMtxzmy-GsenVn0jlIhXWRZax6D2jhKqeizc4oqY1R8xAKg9x1a9hBQbsaAksVBvdygpgGZiQxkRvkfMdaVEQ6sB9U_YfNeCYrSBHZWecwm49ueebhADKHU6X91J5YIqRce9CgjcjZzZLCGMiunnHGj4WHsOz7OmJASxTrndCJHrKBXu2Ba0SYL45yJmcuDQlKO7JUD7mQIyJ-6m37c0KII_D9rf2sfD6jsRyqA_XDARLJIo2JAUb4UQfsGmHvByg1z_w4f_jxO7o0mYpxjsseJi8CT7a55Mw9tbGMUWy1NnB_VMOlZFBpez3LRT2LejxdTwlwh7bWDem19nDgW4JAFBALkd_HFECOYGnsDPTJmX06YThpxce-8mJG0WxEmn6NXy3v22damQFel6cYDacJ0uIjQgfAf89u5TT4sWRkQQZfl2P-fNPTMZlQT4E3eUo1Gf6OxOj4WsqPPbDNX0XffO7Iy4ks0TykUWU13WgNY2Lx7akNeTcVRmIM3Hoil2rb42ioXzahvVsh2ct6kDQS-4LiYEmrCb_LIZ0r1kkJqYI45JJJjaoX4P6XQWIZqWVBqQJzMKMKPpO4Bv7KuNtG5sRYYjoIj1rhdDYCNtH05q_jUcY2DIIMjTPsFFtBgoHxM54fKNdTbt1vwuvDrU0lTakRz5GsHZcgalXboVbjDcuBboTg2v7DvsqJ36EnmKEUZAj--t9vrcit23JVFRqVqqsMala8hd_WW8keP6f39V9nUbNMe_MTLuExiRFvoPmhja_o4vG2kv3e2fLJ5HtaresSZsMSMLBH4LjwgDeBcx0iZTp2nfZpN2zMe5OUGtr1D4ifF9sE2F4AiTM9T2zMZ_FEFhQAh6Y90qy7OqYtVa_ATxTr0ykhWlPh3p9U7zRI7A8xn6wbZTy7Z5TDZ4bFJHZplbAuyIgIwKyZu-kCsiphgvsthZPJpwmJjRv2JX5ZLvmOZPPpDfWq94YPmilnWi6gRsMSZ5FFdK0-LcIICunSXQdk_pF2p3rdc9y48Zr7X__-Yy2D1ZOsQ8aPXyiU18umDmDKOwROxxbLz44yeIkn3bpMqskYNai8hmCLh-TZGgjqIMHXF-9vtHDImw3l0lUmTqyT7kwvvkh0vYvkPHrX35VLvDKUTGqFbvCEpWOOKzQ1GW58AyOC_3nxmcWymtQciiIZrVXgqccjVO6Cpyo1fuYBDd0ini5dq1RNedMH-O1aibiKB-x0U5q6tRB51P0P1W8iPbLJHA9BkwquvV35FGKF9k_vasoNc9_MSqNtxWuRa07yGgeJM4fEdypneV5BwNFl7rJsyPqPnxETp-v2qVXLL8-8XcL_zobA9t6ex5zq_2gpfVQTLIc1ugW-oLv7W7xZ__-IuyHRZ930LndKv90Vm9MzllxGsSGt45ulpukkJx1U-BH1_vtjV02J92fiJVLXM_qM9KlxrJtrxiL3ncgfXw-gn4a2dWG2n1tbrxzclAxKGfgIJhMS-DaKRd6To8xEl81KBUsHwGkoZiSAiYzZmwKR8x3rGHQomDQcgAtx5MLekl8xOOd66pAMrliA-6KWo5kxb2rIJX7wSEB-axsi-KgOOu7hlQJ3ivSxK6ouyl7XFGJCps_twwgDw0qx2_HsCATuiuqQxWYa88-RAHBW3pukzEOBKNZZ_He-mPOB8veJZPFidT4andM4TwykFfLy5txpEjXfu7nr2j6q6_pYZVVYDdMr1X255JRAwJ8uRM-vS-7JgkTES8Gt5Fo2kebsSIc9nlASi4dQPlbbrBdPd9W8MQlKaA9D25f14Pa1V7F0c5Bkpa-umY0hgqONSwuZQ1mu3ebLUSdHb8vbJ7RDwHm4-fw704niX0gp2NLBUOCuxcdb6WV5U3Hds-XrnISDk0KrBa9i4zQng2QTWTOFzkI-oR8XGBw_OfxdtUDW2R_dCjOm9iFxsKdcoPJHr2uDwsXVdAaVHNX85IvdOQGSNpn-DXHBX0_WP1YS8dNuyaHDhKUb8WjeES4DUj5Na5eau_aFFKsDbnCh3jMiE98OXm-3cF4DrekD1GR0D3ljOF9yJbIlYv_RtQDQaBTLpMo3s76xz--hIFcaC5IMW0D97zupdBdx7Dr9B5-77szwSStVnxEt-cJGbUiIbXFj7YR7Yu4V6oNXLbotpjwtsCTJfmJrnA-72zdUePsYHOW6VgfGnAboXyuHBroc940iQFSGXw4kMZGgcyR3V3bT8yGnlq5g5qNbe5NHxGFfNFGNUJdmji-f_cGGRMId3U_m8gDOvh4noob-4d9OzHCeVRMZGHTnv4dDz8YhklYVSFLtfD7Vq3j3TSzevLkhmmyc3EM9defMgfx3Y9L7DdDMWPeGSl_Jw8OFfNZXlc-_i5hykru_iP6X2g15vsXogxt6qdvdsbpo0cX_fW5jW0hmlB9QXq3oCAuksU0TynRlCicpaJt2hPnPDSSu0rRuPqeIgCSRgUOQGQyQtg53yo1f8b8fkXdxsRW5EcskuwOzNdjpgLpHzmh3b-FRW9VK-LXBNo-bcrycYP8TgaSxOVcm3urQjE4kVp2GlayIAM1vP34zAuMu6ej13PiIeCtffiXrmr9H_2swFmWXM-l95m0&cid=CAQSOwAvHhf_kFhBiEyBoWPZZQR4wqW101zylE6J9n4m7p-F28FP2jNMSt1kl6nVXb9zzInP6PCkPj3_AQl2GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcultura.uol.com.br%2F&ds=l&xdt=1&iif=1&cor=14108558864458732000&adk=2013371550&idt=79&cac=0&dtd=26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fb3f55b0f1508b17825caf3e1a8d8833e25b0effbf3b12603a525ca37e24428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A9F 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9192681546792&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A9F 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9192681546792&version=m202309260101&ct=76&x=1&cor=12550048584718799000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5A9F 86 KB
39 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFVZ9V0ytgyB-0IXec-SE8y0F72Xbzr0RfXQGl8hM_aKWm-ZdO0cC8bP0wRkwUKpRRhRBIsjhz9ckxx3D3i25fYf0L0WpkDtlPBv3tCnJ1g-yQ_oW4OKf6R1lcA3lX0qwhqdh4fi2YYJ6kdroSQ3TKj4sifqG1Fr-5Clnnyzbc10c1DrA&dbm_d=AKAmf-BVlev4l_5Iov0txgEOHDu9RhKQt1CQ6J0mieV4WTsKvkWKxiTR6_g6K1-suSW6j9ZqIIIcoyG7OoQ5saWwvKvPLcFAKzJ5XIOzKX9ir8U5Wwop0lfImDpmY6k23RUeN1fcRlsmQ-fNXy-UN_8rEHSZlfLp6miCgx_tZAkYeOLxtOANYtZlYNipkVSZUqwb68KTFa5nLWGtdFyHHHqH5rOERETMIz4fUaxFy_qfcULTM1f4T-Zy_Lwl8teHLrDsRxxxhM_i0jhcZoyU4ykIcOHQcD66WNT9SLoBDydd-CFDzolZ5EoS44yGg_5JKCC2z4wS7oXmQMHY2XneKnrJk5C8pCZ_d8oZ0S27jd59-9M6f4w09LyNkzUWP-Q6XWMltAeTOQhWff1N0dgYCmXSecxN9lF2cZvNRx1xA5qEO1Zjh8dFMaiMH2KbPqW900pVa-htajyOaVqpP8I0uwl7nVNaov2IE60Rw-ORANeEtHa54MFB5bJ8vDRR7ISA9eSzyPRNHNrHUXx6gOvbIe6wxVLfoe2vf6aN3h7UICrYNXiJnHkXEJH091fYihtGFip2ibkNDkDBwsyc6EtilFAg6qAjlj7JHm0XoFOe_otQMmHA9ZSTjzcbmnhHsjKuoTSCJ4qdLoHY8oekR9MPvgKFIBW0urGi5P_cN-nLTXdvyTGZd2S9CJWSFjxOWTUNw3y8PlnwKKKIL8a-P2t38hCBZ_urzwPvDuycrPVWS1EkpU9qm-wdZ6BXb1gEpSIGLsyogpwt5Anixg3I6Ws5vyaFqKv2Yv1vuh_JYQZOrF4XjnQE6d2m8PXql2cnj6m86FXkPg6M3RdNF9BMRYO-oo_R2-JDbcKC5fliTmHaPHoNnkgCg2sVJzC6uA5FROqVkCTeZA34QedUet7f-pTR8EaWnfVjAjHEBsvHTA2-OD-jLMxiFfmcj0d1X9k33mFlyKElT-z6AuSWiv2CzVLHWLDcOsDLTVdpvWq_Xjg1gL9Z1vKcNA_gAd1vPxqezHeAaDdautNqR8Xy5ghaB9YMPvZGbSNm7rDUBVOj6crEpyR_yNOievy-rPeRS3N6UsPfGQjuBabe32j2Epdyek-JXowKUxzded_2qrsq1vnpnutX86rKC7vBZ650sRNfCiduj-5MK7esCBr1ZmfCkPhLLhHC_T2lxTT0mETBW50BLpJA8eaG0_40Nz2jepMRXPro_GmNQQu2SAKk6ys6WakGEUXcSByjH29LxDXkKCQGGM87gcDeMEKlQr3g9jYi--7F5xikA5jih2JxsmZPd8Pwq00PIB6oKJiqrWJP1XYBW8Hm4cg8a4EOW2z-Y7TLpa-KWfGZ_3DCdEw5hyXDRdRhtKvG85uonx97ClHWrGBBZhUBgE_dMbSg_U9052P6g3KnxX0qLR6giY5-J1d2yjNhE2K51lcUIO7A_Qo39nIj_fqSHO4W6xTJ3kE_BI9T6HfA9ovM5aXNAZA-uhKxz3MyWpDNA981tUYYE8I1MAszuByHuBmM5t85jIVPEhvVZkROFti5tzbUwWTWJsT_tNm8EF_fpX0FN1GBtbd_C8uJ-eYgJx_Mr2lttEFgkydxcogQ3yC2Vs0UwCWG8mFogcT4dcSKwmaZaypvHJB_tl5WFDGyPMr9LUVLzqf0y9DX_U_TxSla3-Ga-nO3FLnle-Bu0eODYsBTORb44maOVdPoQcwq1EBUeqfMHNaGiKeqSLzeaukUZcBd03MnfYvXqwYu_NdUeZaUTF6E4HmlGsQzWTjIWBvzGk8vgenHOyrI19MlF5tiId8huchifF6Fm2Kd48kdsKyBmTEKsNUuFPmAwg4PKFaAdyD6FxHEUbw0enIGicFz7hsZ3G5iE9kNlHE_tSi7tsRGmLWxSgFT98rNF0r6kY18QTUrhCsMFZO7e9OQWWqUjLkmgB3RYKwR4vNY_KmT5DHdT79HzaxjC2AB05cX7c8DzgUY5Je0N9QeBPQOcjVnw2DGQZpsPN3z_fCnSQjDEiUKS6YEQvxeAYKVWzXDggNylOqHL8pCphklpE7njPbnr9ucBr9Z3GU9ixPQje1KTQfiyoyYNfWvM_JsE3sv7vQ6wzBBMMOK6ASHOp2rT-6UmGl1ujU7HHwBQ-EGqIe9IJiAMV96_5_GgDUDwj6xuYHzB6u1CC1_mth9PvhQfeJSr8vzXzCLexa8reZSv_rlhSwvyh1GcOrIJ5akiYaitAnIV5rAmKoOxLLwCRTWThSdTr78lo6t5DQ1X6puts1BnCzHUDKciUsNCoP8Xly2v_4wGHTCzCd2vpKgzuLY1oD_ZGeEhkTtOtfUef1NenrovKPuhUR2nmVGyq9-Sc2fXzbspPq-U1i_cMZ9gbiTmHBeAsxflkh3bYZSLWXtny3ySaoz3fy9NtefLl055BCeCSha8HKtP-vxNUdRGYaL5aeLZ7eGN4yWyow1pYxH8HA48CRcWoBM51wm28T2Vfm1TSk6arFDoaXqkDg6ZtngCEoCbVsrFBPjg7LkHWkh30EOTz3ZfanGuUjqrUidRF5rdkiHwZYZTIudlpySo5-UnoCFdq8KCrF3EUrXDzPCzN9o-ESlROXPwz-joWQcxv20lIcy6_g9r66KdOwtoGH1yR4tnjGsbxATK3foddDM_KyJG0K4JyUqGgfnqzUwXNfvkM4pwtJU_u3ECAVk2_89RziW5wRFeOqJ5BGEszts4fzTFFPVEYyhKGsVawhDwEtKXhxoyfUP85DxCuoSHIed-qDeEZ-0hs-kkIb9t-X8_VnKA7tpZOaXKUaJCxt-NU8r_TWi5nWl2HKHAHmRdpkibpvMb6CP2cdzK7k_Uky4PSsqXX-OD3G7gP-SbLXOyLGW7sKEvDWObweToBIYTHvhrBvF0AUT8QznyXrqQlZ-1boMLxFYu_8vRbX8Z0bDL372NT3AJ8mXelAS-v5KyLS4f2RgH2fwtmWfV70dOZpYYTRvSPfEIHKb9gxoG1PHA2jtJ1-gk982At2QTX317iXTGKM3swyihCA2-IgwOPzmAGvCH8Ch7dk5zX4fVGSm708CxCQ0b0JK7A22n5Sy1ub2CRBS5tP6OkVAeRF8jItDMfNZc26gmj-KXYL1Sgh8brsb5tCpSz0WIhJ9yivYQSQ2Xi7vcfH95dnVZNbNFM--ifE0jRJtkPoHDI3JU5CsnF3nUCzsm4xyOJBUWkQhgqtDhT-Db4a2N79Wp5oDZ7DyHmOgWVMCvtg-elfAu-bfj-TODDZSidJTX36prp5arSZawMR-eg6T1KsGZ2Xd7ECECschI51wV5nbVek6S4A_eaKhTCmyAlyI8pF2-OW6orM9dMWWPlSMCpgXRABzabrR1M87pYb8CXI_jlGofSZoS5xwCphkAYjq2eX4lQI-GnuxCTxEixfTXscpMKrRTAb5vBklW-grnN5Vrx2ugyLprC_EjyruHbeq-D4Ji43Z3QgW5iE2Gk58mG6CLmmY2TKEDzZFMeMO6Kmj18EnZxL-5RVH1HwhRimx5-sHZncI4mPeZ3zHi1B0Ij1a3ioj4om8yry5WLvLAhsCjPOKFqEkIdakOVM3lB3kSy8dzd6pwVXi56pmmyMaQ01_v1mwMCnmosWXiCOXIvmotXG18YYcbwWL7dv28wBF-O6D5QLTreutp7--LhnwUF622CibaG2VUL2avYk0b2oopIkjJrl_wkQOyA31b7a_xhnYiz-G09DY2XJGE9Y_wt7poPZyfMuYnhFsTXKzTwjBwAz5h4Wgm8FE1tWb1_3CBP5cdiATiKjQuC5mS26FMI6vPUBiaIEQlzWJjcf259WTEXTFiSjc81zJhR50YWAhDh8-Kf6TLhS6w3jGwhgqbSzdl2YR6UaB1g-G3ONqk7YkVvJ072-6QVUCrGWfvok3QnuYlhXaTI_Lc8nXocSuCJytgWD9MvheyuBIkhU8OorWrw&cid=CAQSOwAvHhf_Mye3FSapGv-LBY4m6gf3P2GZ_78MpttOV0FhOv8hqz3-pXtSfgAmwk5tqEydfKi-P8z2jQeLGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcultura.uol.com.br%2F&ds=l&xdt=1&iif=1&cor=12550048584718799000&adk=4020099330&idt=138&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1e919131928cfeef4a0991d641c8b7d7b9827759a81e1bf3b0213ae7f250ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39553
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A51D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtUXyLQyOd1LsSAU0g5TUc&google_cver=1

43 B
726 B

62ms
61ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtUXyLQyOd1LsSAU0g5TUc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLGQxvcBMAE&v=APEucNWaahsmyRJ2rhvupYXe0a4Wkzzj3esXLHCRHc_yLW0kyKfph7bki0hdQLHt__jNyZfggi88GVL5OaMwbGstvhAvmgAfKNod_ut5N4dCAV8Fkwmop5pl_KLKi0Xz4293pq-It6sJdH8Fc2SceOUgnRUpsrUkF1LR1Z03_gzORNgAbp3_lys
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiJVaOUVSHL3C%2BgURdHeHqPxHpGvzbOO37wyK3Y1e4FdoFie4Pp7f5bo7WEaSHH4tu7d0EhtYvYhkNcFJqcq4ErU0kvwRQSyvoRstbYOlD6205Jjp7pTRsHGDo5lgtO5Q2uttj3pTKiGNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83cdc5441f3e58f6-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtUXyLQyOd1LsSAU0g5TUc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A51D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY4MaWmiq1NwScaaH-A4aQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtUXyLQyOd1LsSAU0g5TUc&google_cver=1

43 B
732 B

68ms
67ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtUXyLQyOd1LsSAU0g5TUc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLGQxvcBMAE&v=APEucNWaahsmyRJ2rhvupYXe0a4Wkzzj3esXLHCRHc_yLW0kyKfph7bki0hdQLHt__jNyZfggi88GVL5OaMwbGstvhAvmgAfKNod_ut5N4dCAV8Fkwmop5pl_KLKi0Xz4293pq-It6sJdH8Fc2SceOUgnRUpsrUkF1LR1Z03_gzORNgAbp3_lys
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebj1AeGLIGAuak6KYQsORf6%2FysvARr69EMUD6rLOQFBmyOstMvm42VqPfwtwEHYA81HrydLV%2FGRoz7YRSooirzo3UMmp0yStTSmlndWj5Bvn51GtydOoREpAtWtAd0nZ1%2FRL3xZf%2BSouHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83cdc5448ffc58f6-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtUXyLQyOd1LsSAU0g5TUc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A51D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAomMdUwKBqj4w-Dx6Kahpg&google_cver=1

43 B
841 B

33ms
32ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAomMdUwKBqj4w-Dx6Kahpg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLGQxvcBMAE&v=APEucNWaahsmyRJ2rhvupYXe0a4Wkzzj3esXLHCRHc_yLW0kyKfph7bki0hdQLHt__jNyZfggi88GVL5OaMwbGstvhAvmgAfKNod_ut5N4dCAV8Fkwmop5pl_KLKi0Xz4293pq-It6sJdH8Fc2SceOUgnRUpsrUkF1LR1Z03_gzORNgAbp3_lys

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
an-x-request-uuid: c6b3493b-7653-4d66-980b-5d832dd34edd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAomMdUwKBqj4w-Dx6Kahpg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A51D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3OTExNzY2NDYzNzM5MTA0Mw%3D%3D

170 B
232 B

35ms
33ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3OTExNzY2NDYzNzM5MTA0Mw%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
an-x-request-uuid: b4cbd639-5235-4188-958d-bb2d162d8b94
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3OTExNzY2NDYzNzM5MTA0Mw%3D%3D
x-proxy-origin: 84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 74BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHgh9_vEblR8P9Quz49i-TI&google_cver=1

43 B
105 B

42ms
35ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHgh9_vEblR8P9Quz49i-TI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNXuDsqzRdvGUtD_QDgzMLVdrFgeK2B-QxBIQHAm6xm4KfnzFYCSD3Qg9ncsK-mr72AH8rfJewOqbCVU7BcrZAsnEcKLPXzNBgvCN8YWOT23M6nZCtmmq3tfNeWQSaKKENuduNecfIPxWgEah9C2E0DI3VhmhK8YxeYd8moDmtk29i7Dd4U
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHgh9_vEblR8P9Quz49i-TI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 74BB 43 B
295 B 84ms
34ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNXuDsqzRdvGUtD_QDgzMLVdrFgeK2B-QxBIQHAm6xm4KfnzFYCSD3Qg9ncsK-mr72AH8rfJewOqbCVU7BcrZAsnEcKLPXzNBgvCN8YWOT23M6nZCtmmq3tfNeWQSaKKENuduNecfIPxWgEah9C2E0DI3VhmhK8YxeYd8moDmtk29i7Dd4U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 74BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMZtusqqFFkg1STspDjQfBc&google_cver=1

23 B
163 B

64ms
62ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMZtusqqFFkg1STspDjQfBc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNXuDsqzRdvGUtD_QDgzMLVdrFgeK2B-QxBIQHAm6xm4KfnzFYCSD3Qg9ncsK-mr72AH8rfJewOqbCVU7BcrZAsnEcKLPXzNBgvCN8YWOT23M6nZCtmmq3tfNeWQSaKKENuduNecfIPxWgEah9C2E0DI3VhmhK8YxeYd8moDmtk29i7Dd4U
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 29 Dec 2023 00:01:48 GMT
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEMZtusqqFFkg1STspDjQfBc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 74BB 23 B
163 B 59ms
59ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNXuDsqzRdvGUtD_QDgzMLVdrFgeK2B-QxBIQHAm6xm4KfnzFYCSD3Qg9ncsK-mr72AH8rfJewOqbCVU7BcrZAsnEcKLPXzNBgvCN8YWOT23M6nZCtmmq3tfNeWQSaKKENuduNecfIPxWgEah9C2E0DI3VhmhK8YxeYd8moDmtk29i7Dd4U
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 29 Dec 2023 00:01:48 GMT
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

OPTIONS
H2 200 graphql
publisher2.us-east-1.prod.tvcoins.com/ Frame 0
0 270ms
270ms Preflight 2600:9000:20b4:1000:8:3bba:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher2.us-east-1.prod.tvcoins.com/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:1000:8:3bba:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-deviceid,x-language,x-session
Access-Control-Request-Method: POST
Origin: https://cultura.uol.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-deviceid,x-language,x-session
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age: 172800
content-length: 0
date: Fri, 29 Dec 2023 00:01:48 GMT
via: 1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront)
x-amz-cf-id: xRDUnaAwc0GN0FTeOqpWkNZURc6x5rDKXRhxSEL7VqQ2uBYZ_Kzevw==
x-amz-cf-pop: AMS58-P4
x-amzn-requestid: 7f4c42e2-bab8-4249-8503-6aea2d4d918b
x-cache: Miss from cloudfront

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ 4 KB
2 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Dec 2023 00:01:48 GMT

POST
H2 200 graphql Show response
publisher2.us-east-1.prod.tvcoins.com/ 265 B
685 B 579ms
536ms Fetch
application/json 2600:9000:20b4:1000:8:3bba:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher2.us-east-1.prod.tvcoins.com/graphql
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:1000:8:3bba:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 885818468729154b63218f0e72dfb1fce27acdd845d339c3ff313d7826640c71

Request headers

x-deviceid: us-east-1:94b63d2e-9953-4355-a8ca-7f9c73aa8d25
x-language: en
accept-language: de-DE,de;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=ASIAYLMLRJYEDNNFFMLG/20231229/us-east-1/appsync/aws4_request, SignedHeaders=accept;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-deviceid;x-language;x-session, Signature=2df963147120f035a11488fcf5e9240e1cbd3b0d78e4c6cdb777cff4033693d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json
x-amz-content-sha256: ad5cd622dbb27708b9ff3a143a561ddf32f088ac409021813ec7f0d07298523a
Accept: application/json
x-amz-security-token: IQoJb3JpZ2luX2VjEEAaCXVzLWVhc3QtMSJIMEYCIQCEjGagoxz9QpBlw2YS6brUK2Dhrbr5C8NNchZ5CUZlBQIhAKW2WitGxpr1sNgekpuIOnNpJzGk7zvE4c+cpzhyqg3pKtAFCMn//////////wEQARoMNTc0MjA3NjQzMTQ0Igzp+QoXTEQHtnHkMl4qpAWCIxjS/bGBxi+wkJSFRxVQ/cFu0O8uFR9sNmd1u8iaboPx0UOgF0gxnnFA0zFWmc+4gZIEeCHuW0zStf+kyACrc9tU+OBT7gA7I7R8IqLfISJVGiLcTZiPJJse3Jc42criA3PLrJ8ge94420Z/dFoYwHhwPb6oLdMxyMQOlzzkiw/Lg/y+QY5m8274CU2yphMzccUTG+Vq9k4Vwy9UymBnUkjfr4R2i32w6dOVf25IUUdP3t0W5OhWAf26IutkJSza9Q8FcDu/VLT5oNkvNWI6rkAKKS2oJO1WLoEmTAHZ76OhW60Kx4ISF0PsuoJFBeq5dMoGa1eD3ttYcTq15/DNftdDziaYdGlNRkA5gbC+OJ85lZFsJd+Cee5pyAXW4Nxct8SkovL8fqkgIKO0QKrBtLFY7NZZ4cvXdlLwa27YAM3lX/kAIwPHxJCOYtoAh51Yz/yMtcyat0WELNbvrbPnydDUVFnEbL1ysBJYR8Ss0/+7/WqWPROI37jDAboLAXyvXrMAsIngpQa3c4ProIaddZka3IyFUiu+OQ3kkKCZwwyDcmfmAORPvJEqo2oAD7ZPGJkV061cFTBAsRW3zUlHHkt+Z57lv2v7YpLNgPuT7B0yJN6GYvKZhnpzVaIXXV/AdspT1kCRFlTYWLbAle8qnRJOS9VR+T3R/1RhOEdZp52Wp9pDxgHUZ1+x6uO+nEkLJJwz1xtNTuBaDC4xRQSUICDQUpAPP4INkZGSsAK7oDPDPe1ReU57rIdgllQQdbj5oXhqlz92PibBv3Pbuo9JPEiyB4WGYwcIJ4PNo3/7GktayQABWa0j+ePhpwqCKfGmA4rRRzXCIms8aTVMQYgO9MnMgvoIfM0ohbxmz07tU+60sBWbuUU+xp6anW0nmNCoUa7QMOuYuKwGOt4C2A9Rg48DFrWhH7qLqusNtrDYrqPUOBAOYmLVN3xKD5TL5HCAi7mC7FxvqxO+oPdQ9AO3NJZZNgSzmMebSimwZgSW3FSDqU0Bn4M0/gH0B6rATz8sMdDYGsY2hRfGYIy1TbzyapCfaFxXq9vFJO6wUO4Nsii3q9CK7xqTXAkPK6h2ea42EdSe8+Z2W/0SUbuDO56w3G8SnCOXFIxCkzwF9f/GGP5m6C+rth4qmr9jnsH0Q/qZ+pvDy8xDENPHVxOab9xFewPQfETA71KGvIcX2vp2VA2qCYgWAiZa8d6l6i+GnBVdyGN7ddhcgk5MvQXbAXUkmy05vQGa1RWszL1ZG8nzXP3bFAJsRRe+Y74wRg0W03fW+J/F5hUe3pTj6XVoIYRtVmcwUQILzr6O9rS+aGdatEuWJVsIkuNzydaAsn1PdDcyV6VWPU2jNZHIItJLDSDXQIEkhCNehfPvamk=
Referer: https://cultura.uol.com.br/
x-session: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI5Y2IwMTlmOS1lMTAxLTRhMGQtYjA0OS1jMjAzM2Q3NTc3MjEiLCJpYXQiOjE3MDM4MDgxMDcsInRlbmFudElkIjoiY3VsdHVyYXBsYXkiLCJpZGVudGl0eUlkIjoidXMtZWFzdC0xOjk0YjYzZDJlLTk5NTMtNDM1NS1hOGNhLTdmOWM3M2FhOGQyNSIsImFub255bW91cyI6dHJ1ZSwiZGV2aWNlSXAiOiIyMDAxOjFiNjA6MTAxMDoyOjEwMTE6ZWE4OTo1NjQ6ZjRmNyIsImRldmljZVR5cGUiOiJ3ZWIiLCJjb3VudHJ5Q29kZSI6IkRFIiwiZXhwIjoxNzAzOTgwOTA3LCJqdGkiOiIxY2Q2ZDc0ZS1lMTI3LTQwNGYtOTUxNi1mNGJhNGI5NjYyN2QiLCJpc3MiOiJ0dmNvaW5zLmNvbSJ9.Gy3qHQ-ajdBGNxgyYFvYMWTWhQR60SBCLKWoq8PopZNTF5hUJvXbyeVAeRheoeLXpNkdSr62XAM_2KqrHq6D7mtj3TPvS9M7MyMVSNQY6Unl6MAb9b8XqCJEVXX9bJneBA4BRFtKHjm-ruWl1ZHkUnJqPF5Vwgzjq6xEMPnbRaY2f5NbGU-AUFfdgRDUJcyKmS2OUuRn9k4OO62N8xvP3fPArWyv5ILKKhKqy8u792Vh_4p2kDZuoT4PMRPw5PGNX056eH_aoJSZtTzjYomXzl-HFcfM9EaPsfo8G2aCVfozcCYdjORU8CH6sXvWXcKphxRrJ8stY1maeqccN0R-AA
x-amz-date: 20231229T000148Z

Response headers

x-amzn-appsync-tokensconsumed: 1
date: Fri, 29 Dec 2023 00:01:48 GMT
via: 1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
x-amzn-requestid: e011627d-f219-482c-858d-f256edca0866
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
content-length: 265
x-amz-cf-id: odW-P24eqzti-N3eXIypcZNwynphWig46VdH0sxnAPO42vICF56woA==

POST
H/1.1 200
OK / Show response
firehose.us-east-1.amazonaws.com/ 539 B
918 B 136ms
136ms Fetch
application/x-amz-json-1.1 3.237.107.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.us-east-1.amazonaws.com/
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.107.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-107-19.compute-1.amazonaws.com
Software: /
Resource Hash: dd431e1f084dbe43162c33d66a9bd879ebc50dfca4dbb99256594f587a18e51e

Request headers

accept-language: de-DE,de;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=ASIAYLMLRJYEDNNFFMLG/20231229/us-east-1/firehose/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-amz-target;x-amz-user-agent, Signature=5813262f1c5d006187383e3afdde8c4ad8810e0a1782a7cb08afb192982975a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/x-amz-json-1.1
x-amz-content-sha256: 751ef0a35c554e11cf9ead750dee673c64832fcc5201ac5bef804cc8c0fe3596
amz-sdk-invocation-id: 16bbe660-353a-439c-9837-d75a89979d91
x-amz-security-token: IQoJb3JpZ2luX2VjEEAaCXVzLWVhc3QtMSJIMEYCIQCEjGagoxz9QpBlw2YS6brUK2Dhrbr5C8NNchZ5CUZlBQIhAKW2WitGxpr1sNgekpuIOnNpJzGk7zvE4c+cpzhyqg3pKtAFCMn//////////wEQARoMNTc0MjA3NjQzMTQ0Igzp+QoXTEQHtnHkMl4qpAWCIxjS/bGBxi+wkJSFRxVQ/cFu0O8uFR9sNmd1u8iaboPx0UOgF0gxnnFA0zFWmc+4gZIEeCHuW0zStf+kyACrc9tU+OBT7gA7I7R8IqLfISJVGiLcTZiPJJse3Jc42criA3PLrJ8ge94420Z/dFoYwHhwPb6oLdMxyMQOlzzkiw/Lg/y+QY5m8274CU2yphMzccUTG+Vq9k4Vwy9UymBnUkjfr4R2i32w6dOVf25IUUdP3t0W5OhWAf26IutkJSza9Q8FcDu/VLT5oNkvNWI6rkAKKS2oJO1WLoEmTAHZ76OhW60Kx4ISF0PsuoJFBeq5dMoGa1eD3ttYcTq15/DNftdDziaYdGlNRkA5gbC+OJ85lZFsJd+Cee5pyAXW4Nxct8SkovL8fqkgIKO0QKrBtLFY7NZZ4cvXdlLwa27YAM3lX/kAIwPHxJCOYtoAh51Yz/yMtcyat0WELNbvrbPnydDUVFnEbL1ysBJYR8Ss0/+7/WqWPROI37jDAboLAXyvXrMAsIngpQa3c4ProIaddZka3IyFUiu+OQ3kkKCZwwyDcmfmAORPvJEqo2oAD7ZPGJkV061cFTBAsRW3zUlHHkt+Z57lv2v7YpLNgPuT7B0yJN6GYvKZhnpzVaIXXV/AdspT1kCRFlTYWLbAle8qnRJOS9VR+T3R/1RhOEdZp52Wp9pDxgHUZ1+x6uO+nEkLJJwz1xtNTuBaDC4xRQSUICDQUpAPP4INkZGSsAK7oDPDPe1ReU57rIdgllQQdbj5oXhqlz92PibBv3Pbuo9JPEiyB4WGYwcIJ4PNo3/7GktayQABWa0j+ePhpwqCKfGmA4rRRzXCIms8aTVMQYgO9MnMgvoIfM0ohbxmz07tU+60sBWbuUU+xp6anW0nmNCoUa7QMOuYuKwGOt4C2A9Rg48DFrWhH7qLqusNtrDYrqPUOBAOYmLVN3xKD5TL5HCAi7mC7FxvqxO+oPdQ9AO3NJZZNgSzmMebSimwZgSW3FSDqU0Bn4M0/gH0B6rATz8sMdDYGsY2hRfGYIy1TbzyapCfaFxXq9vFJO6wUO4Nsii3q9CK7xqTXAkPK6h2ea42EdSe8+Z2W/0SUbuDO56w3G8SnCOXFIxCkzwF9f/GGP5m6C+rth4qmr9jnsH0Q/qZ+pvDy8xDENPHVxOab9xFewPQfETA71KGvIcX2vp2VA2qCYgWAiZa8d6l6i+GnBVdyGN7ddhcgk5MvQXbAXUkmy05vQGa1RWszL1ZG8nzXP3bFAJsRRe+Y74wRg0W03fW+J/F5hUe3pTj6XVoIYRtVmcwUQILzr6O9rS+aGdatEuWJVsIkuNzydaAsn1PdDcyV6VWPU2jNZHIItJLDSDXQIEkhCNehfPvamk=
amz-sdk-request: attempt=1; max=3
x-amz-target: Firehose_20150804.PutRecordBatch
Referer: https://cultura.uol.com.br/
x-amz-date: 20231229T000148Z
x-amz-user-agent: aws-sdk-js/3.306.0 os/Windows/NT_10.0 lang/js md/browser/Chrome_120.0.6099.109 api/firehose/3.306.0

Response headers

Date: Fri, 29 Dec 2023 00:01:48 GMT
Content-Encoding: gzip
x-amzn-RequestId: fa497bed-32a8-3dc2-a441-7541688b5132
Content-Type: application/x-amz-json-1.1
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Length: 458
x-amz-id-2: vOVvI+aJhLp/KclxTjFD4bAANOmGUwdkLiut4ZGE1oLBF/6r/ytwmczXEO2Cd1dq5IPm5Q5WXsytVmrgePaKRJNMwLruGBe1

OPTIONS
H/1.1 200
OK /
firehose.us-east-1.amazonaws.com/ Frame 0
0 522ms
124ms Preflight 3.237.107.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.107.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-107-19.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://cultura.uol.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Headers: amz-sdk-invocation-id,amz-sdk-request,authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Encoding: gzip
Content-Length: 20
Date: Fri, 29 Dec 2023 00:01:47 GMT
x-amzn-RequestId: c58f532c-cfcc-9e94-9b87-5d8095eff264

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4E40 172 KB
60 KB 63ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Origin: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 4E40 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXYnhBrfoy47tnCDaxVbS_fisdPuWNVuM1KeuHNBfXORyIkcShMezNSXyxe4Eaxv4_VTwwAU7WvQ8uLvVx74eNTGXNXndX_0c2F7zrjetEyM1JaTFvyw0nq287yOGz7uxbaXsBWBwigylGiXMq5CHYGRIc2nVbpS5JKfbANBroiyy2ggQ&dbm_d=AKAmf-BnDfgcKx0mjMf6R9PQyuw9WNNGSfYZHwfkZs31c0VjRWQUANx5tgKZhdnfiSNhHPtBL6-DCjm-nNESlnAfUF0K12Tg1PHoH2k33SS73uCE55rGE1_S-NA3LgmrgZ2pigm180r7NZUeDk61iAbadD14ogu2RNx7YcI9eQgfJpE-K0ZKmhDR06G83YpScXfZzASfk0YC8SrEbls0hjl2oygwkYH0aiA4HZo-_QManywvvvDNzkLn0nzEbQ4euEir9AFVgqMXM7B4B-OZxuTbISLyf57156_5BcFp7rbDYL00x1Rv8nW5j-boVA2roa0iQ8kLUlF4MT8soyygMHf540Qs5Aqk1I7aOht3am1oMLvphv5mpYfGs2Fz200GfTuxeWQnS-SZCNMUuBGH4I9-oO39RP_RVQCOWckl53PX8IGTNMJoYTCrqFNJYa5Bh8o6dYS4wBu2jyhnWGoQtkhuXk-wN3qTRJ9zfaSFdc3aQrN2ewqnb4KR_PrAmbTe1ZISwSzTn_4BnfohzQgesmqybST-8SYX131FOyyWplwW3qOPZEyfpdMMcws7AAsCt5ip3zhq8EeFMhKyfk8bkPr1NCrlO3i9pvBED38aHJzvFVSTS6SYP8U71-_xcnDISwndoP3UrbInm7vXgg6zZ6c85_MxXZZ602bfKtkjfxeHWeJZciziKwmyKhAtvhQkg_DYxw14EWUEnq22eyazbvP2O8sUl6fxLcfQFTLOO8XGwmQ1Q_OAGrLeCoDQLTpVuEp1wg0uhx_dITeIbTOjeljBqieE9ZrfgW7UuRoA_JcyeQfrS7of0rxP83mzHVgJcciqbgYxGW6WwF5-OxgxdXjWvnJtiO5YGFAIX4v-zTP75RubmHDq-gO4ShEWtbmYR0cvxcX4AueA3P8JUTrE94n03PnVooYIRkVKrcSbUDOkTCHnypa69dINMRkLpQaNrMeEMK61gkphsYzpK9YOBFD_VnRCPkncNqmSYixvb30fMcGoocaiy_giCdJVEk6njVFl4Prn-J6t2izK7kONGPGguH-djNGXQUz4hoTF0XaynFIYBeAwtRs1wdIVmX0MOSXYgvnJWzFUz3MI__9s6OtUY8B-9h0XH8Y6zdwZgxqVX4W_VUY0nd8XRx3yDfDIuQNdDfVFXvFdB7w3AwKzMd5jp0lqf8zCT6yii_UTHBtciEPvzDe2AEmFY65a-oI4C3RyOHK5t0EMtxzmy-GsenVn0jlIhXWRZax6D2jhKqeizc4oqY1R8xAKg9x1a9hBQbsaAksVBvdygpgGZiQxkRvkfMdaVEQ6sB9U_YfNeCYrSBHZWecwm49ueebhADKHU6X91J5YIqRce9CgjcjZzZLCGMiunnHGj4WHsOz7OmJASxTrndCJHrKBXu2Ba0SYL45yJmcuDQlKO7JUD7mQIyJ-6m37c0KII_D9rf2sfD6jsRyqA_XDARLJIo2JAUb4UQfsGmHvByg1z_w4f_jxO7o0mYpxjsseJi8CT7a55Mw9tbGMUWy1NnB_VMOlZFBpez3LRT2LejxdTwlwh7bWDem19nDgW4JAFBALkd_HFECOYGnsDPTJmX06YThpxce-8mJG0WxEmn6NXy3v22damQFel6cYDacJ0uIjQgfAf89u5TT4sWRkQQZfl2P-fNPTMZlQT4E3eUo1Gf6OxOj4WsqPPbDNX0XffO7Iy4ks0TykUWU13WgNY2Lx7akNeTcVRmIM3Hoil2rb42ioXzahvVsh2ct6kDQS-4LiYEmrCb_LIZ0r1kkJqYI45JJJjaoX4P6XQWIZqWVBqQJzMKMKPpO4Bv7KuNtG5sRYYjoIj1rhdDYCNtH05q_jUcY2DIIMjTPsFFtBgoHxM54fKNdTbt1vwuvDrU0lTakRz5GsHZcgalXboVbjDcuBboTg2v7DvsqJ36EnmKEUZAj--t9vrcit23JVFRqVqqsMala8hd_WW8keP6f39V9nUbNMe_MTLuExiRFvoPmhja_o4vG2kv3e2fLJ5HtaresSZsMSMLBH4LjwgDeBcx0iZTp2nfZpN2zMe5OUGtr1D4ifF9sE2F4AiTM9T2zMZ_FEFhQAh6Y90qy7OqYtVa_ATxTr0ykhWlPh3p9U7zRI7A8xn6wbZTy7Z5TDZ4bFJHZplbAuyIgIwKyZu-kCsiphgvsthZPJpwmJjRv2JX5ZLvmOZPPpDfWq94YPmilnWi6gRsMSZ5FFdK0-LcIICunSXQdk_pF2p3rdc9y48Zr7X__-Yy2D1ZOsQ8aPXyiU18umDmDKOwROxxbLz44yeIkn3bpMqskYNai8hmCLh-TZGgjqIMHXF-9vtHDImw3l0lUmTqyT7kwvvkh0vYvkPHrX35VLvDKUTGqFbvCEpWOOKzQ1GW58AyOC_3nxmcWymtQciiIZrVXgqccjVO6Cpyo1fuYBDd0ini5dq1RNedMH-O1aibiKB-x0U5q6tRB51P0P1W8iPbLJHA9BkwquvV35FGKF9k_vasoNc9_MSqNtxWuRa07yGgeJM4fEdypneV5BwNFl7rJsyPqPnxETp-v2qVXLL8-8XcL_zobA9t6ex5zq_2gpfVQTLIc1ugW-oLv7W7xZ__-IuyHRZ930LndKv90Vm9MzllxGsSGt45ulpukkJx1U-BH1_vtjV02J92fiJVLXM_qM9KlxrJtrxiL3ncgfXw-gn4a2dWG2n1tbrxzclAxKGfgIJhMS-DaKRd6To8xEl81KBUsHwGkoZiSAiYzZmwKR8x3rGHQomDQcgAtx5MLekl8xOOd66pAMrliA-6KWo5kxb2rIJX7wSEB-axsi-KgOOu7hlQJ3ivSxK6ouyl7XFGJCps_twwgDw0qx2_HsCATuiuqQxWYa88-RAHBW3pukzEOBKNZZ_He-mPOB8veJZPFidT4andM4TwykFfLy5txpEjXfu7nr2j6q6_pYZVVYDdMr1X255JRAwJ8uRM-vS-7JgkTES8Gt5Fo2kebsSIc9nlASi4dQPlbbrBdPd9W8MQlKaA9D25f14Pa1V7F0c5Bkpa-umY0hgqONSwuZQ1mu3ebLUSdHb8vbJ7RDwHm4-fw704niX0gp2NLBUOCuxcdb6WV5U3Hds-XrnISDk0KrBa9i4zQng2QTWTOFzkI-oR8XGBw_OfxdtUDW2R_dCjOm9iFxsKdcoPJHr2uDwsXVdAaVHNX85IvdOQGSNpn-DXHBX0_WP1YS8dNuyaHDhKUb8WjeES4DUj5Na5eau_aFFKsDbnCh3jMiE98OXm-3cF4DrekD1GR0D3ljOF9yJbIlYv_RtQDQaBTLpMo3s76xz--hIFcaC5IMW0D97zupdBdx7Dr9B5-77szwSStVnxEt-cJGbUiIbXFj7YR7Yu4V6oNXLbotpjwtsCTJfmJrnA-72zdUePsYHOW6VgfGnAboXyuHBroc940iQFSGXw4kMZGgcyR3V3bT8yGnlq5g5qNbe5NHxGFfNFGNUJdmji-f_cGGRMId3U_m8gDOvh4noob-4d9OzHCeVRMZGHTnv4dDz8YhklYVSFLtfD7Vq3j3TSzevLkhmmyc3EM9defMgfx3Y9L7DdDMWPeGSl_Jw8OFfNZXlc-_i5hykru_iP6X2g15vsXogxt6qdvdsbpo0cX_fW5jW0hmlB9QXq3oCAuksU0TynRlCicpaJt2hPnPDSSu0rRuPqeIgCSRgUOQGQyQtg53yo1f8b8fkXdxsRW5EcskuwOzNdjpgLpHzmh3b-FRW9VK-LXBNo-bcrycYP8TgaSxOVcm3urQjE4kVp2GlayIAM1vP34zAuMu6ej13PiIeCtffiXrmr9H_2swFmWXM-l95m0&cid=CAQSOwAvHhf_kFhBiEyBoWPZZQR4wqW101zylE6J9n4m7p-F28FP2jNMSt1kl6nVXb9zzInP6PCkPj3_AQl2GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcultura.uol.com.br%2F&ds=l&xdt=1&iif=1&cor=14108558864458732000&adk=2013371550&idt=79&cac=0&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 21:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 21:44:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4E40 31 KB
12 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:43:50 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E40 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 539800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0DAD 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Fri, 29 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4E40 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1aaffa3128f10695d1616f5412bd503fe09f8c03f191492cace03414aba1c52

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adcast_ Show response
fundingchoicesmessages.google.com/f/AGSKWxUz85wrNKe02duGJjUoY8FhHiYB2rEar2CZSUQd9gkA8AWpm_milB3xUToX5iqMYQFHzCpudAV9e8fLx_WnWMmdAfw2XiJ1uo4CbhWWewjJg08rLLD6K4Kz5Ebh524fRm82hNUs_1PWRMi7Pjz5URNpOOyby... 54 B
109 B 41ms
40ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUz85wrNKe02duGJjUoY8FhHiYB2rEar2CZSUQd9gkA8AWpm_milB3xUToX5iqMYQFHzCpudAV9e8fLx_WnWMmdAfw2XiJ1uo4CbhWWewjJg08rLLD6K4Kz5Ebh524fRm82hNUs_1PWRMi7Pjz5URNpOOyby7-tgBp8hIrmSWOdv8drGBG6vV2rTDog/_span:-abp-contains(Sponsor))/adswrappermsni.-ad-content/_150x700_/adcast_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwWfbcbLtnPlY16R7U9M_hg5D_tIw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bf2473d0898e258bab0dc233eee130b6f3bbab3dfc1927c1c4d38ed44e222a6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0hMB-VqlXBtBaVLVuPR4qQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0hMB-VqlXBtBaVLVuPR4qQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 84 KB
30 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9bc1c2c975dd8572a1be2de18b57e04aeefb74ed1e5e15639d62af36ffe0bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30828
x-xss-protection: 0
server: cafe
etag: 1270192977547311863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 00:37:45 GMT

POST
H3 204 AGSKWxWQAYWSI4qc7BFFWU5w6x-cWmJI2pC52J1UWD4JHJ5m37H4W0Nk6QS-b3yyjAUDe0dV0hj97aCqaSA6bX02ZWEQvlX5XhAQhcNXy5-LB3FAyCUgE6IUrrOgL-wsLA7uV9j7bPBLTw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 39ms
39ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWQAYWSI4qc7BFFWU5w6x-cWmJI2pC52J1UWD4JHJ5m37H4W0Nk6QS-b3yyjAUDe0dV0hj97aCqaSA6bX02ZWEQvlX5XhAQhcNXy5-LB3FAyCUgE6IUrrOgL-wsLA7uV9j7bPBLTw==

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1Qc_YLgCSE4cRMp3wApR2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-1Qc_YLgCSE4cRMp3wApR2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2993 38 KB
13 KB 26ms
26ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 224190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 09:45:18 GMT
expires: Wed, 25 Dec 2024 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0DAD 35 B
463 B 81ms
28ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIiHxV4W9ZFWobMErf5P-HA&google_cver=1&google_push=AXcoOmQEOVjxkPFv8R6PJhVE04l1rC6iQ9ACK9Lg_gCuy-YDJiEAw7YmprhfMjCLCwiwKSedL0H3dsoBHSm7A7Iz1NfDAQC76U6svA

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0DAD 0
104 B 246ms
103ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJkrCqOxl5df21MGajDvM-E&google_cver=1&google_push=AXcoOmT4NgoSDPD1PIXDeQC_Cr2ZNPiISl9RO68WHq-DoDhfapft6Vn_G4oOS3aBe3QzmIBqf9PH5QgCQPZ5D3Gda_9SozH-YFHO8A
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0DAD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKDdlJfLXwHiDX2wKf6XAHo&google_cver=1&google_push=AXcoOmQEP5WKviS1YDizA5DWrObSY4HnWVuOgmsqx65ypiz5FhVro_Jw0ER0cmzzAqHkEzmLmdQlCbsD...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKDdlJfLXwHiDX2wKf6XAHo&google_cver=1&google_push=AXcoOmQEP5WKviS1YDizA5DWrObSY4HnWVuOgmsqx65ypiz5FhVro_Jw0ER0cmzzAqHkEzmLmdQ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzg3ODQyNTA3NzIyMzc3MTM1NQ&google_push=AXcoOmQEP5WKviS1YDizA5DWrObSY4HnWVuOgmsqx65ypiz5FhVro_Jw0ER0cmzzAqHkEzmLmdQlCb...

170 B
232 B

48ms
48ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzg3ODQyNTA3NzIyMzc3MTM1NQ&google_push=AXcoOmQEP5WKviS1YDizA5DWrObSY4HnWVuOgmsqx65ypiz5FhVro_Jw0ER0cmzzAqHkEzmLmdQlCbsDoeWUdJ9JTOKTi8lMeaTWiA

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzg3ODQyNTA3NzIyMzc3MTM1NQ&google_push=AXcoOmQEP5WKviS1YDizA5DWrObSY4HnWVuOgmsqx65ypiz5FhVro_Jw0ER0cmzzAqHkEzmLmdQlCbsDoeWUdJ9JTOKTi8lMeaTWiA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0DAD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO_jSmFmy2PVeTOsSLav82g&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO_jSmFmy2PVeTOsSLav82g&google_hm=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&google_nid=index&google_push=AXcoOmTvIGHGsdRKK22TPDDpIes5EhfS06he_...

170 B
232 B

41ms
41ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO_jSmFmy2PVeTOsSLav82g&google_hm=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&google_nid=index&google_push=AXcoOmTvIGHGsdRKK22TPDDpIes5EhfS06he_dqU80nwgwWBobVDkCLY3f7rOH-fWbkKqzZPYOerd8e56MkAPIcMo9c86vBqpYLq6g

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIxyDDdD11kBmxRyzUXm08p6K4sSdSPcR7bSl%2B9RupB0iklDHc8utAhfunXU8aozKM8di7KLhiueF2R%2FVEiSwhi3ZEhQmBLeaPQWuRcVWoKxEfvsZDGomPncrqYNQHi9%2BhE3CDOmNg5e3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO_jSmFmy2PVeTOsSLav82g&google_hm=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&google_nid=index&google_push=AXcoOmTvIGHGsdRKK22TPDDpIes5EhfS06he_dqU80nwgwWBobVDkCLY3f7rOH-fWbkKqzZPYOerd8e56MkAPIcMo9c86vBqpYLq6g
cache-control: no-cache
cf-ray: 83cdc544490558de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0DAD
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENn9g4VB_QpYOC53swInLAw&google_cver=1&google_push=AXcoOmQW7SSaTOKYPG7EXqs8lwfew_x5-8gXWfj3MVKZbBEZj0DTDrVFOxBEiJdaDJzpo7iOBT5gBYC9TiYiwvSae2RlKQhTqC...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQW7SSaTOKYPG7EXqs8lwfew_x5-8gXWfj3MVKZbBEZj0DTDrVFOxBEiJdaDJzpo7iOBT5gBYC9TiYiwvSae2RlKQhTqCB...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU0NDcyOTU5NzA1NDk0NzM1MTgzMw%3D%3D&google_push=AXcoOmQW7SSaTOKYPG7EXqs8lwfew_x5-8gXWfj3MVKZbBEZj0DTDrVF...

170 B
232 B

43ms
43ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU0NDcyOTU5NzA1NDk0NzM1MTgzMw%3D%3D&google_push=AXcoOmQW7SSaTOKYPG7EXqs8lwfew_x5-8gXWfj3MVKZbBEZj0DTDrVFOxBEiJdaDJzpo7iOBT5gBYC9TiYiwvSae2RlKQhTqCBTww

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU0NDcyOTU5NzA1NDk0NzM1MTgzMw%3D%3D&google_push=AXcoOmQW7SSaTOKYPG7EXqs8lwfew_x5-8gXWfj3MVKZbBEZj0DTDrVFOxBEiJdaDJzpo7iOBT5gBYC9TiYiwvSae2RlKQhTqCBTww
date: Fri, 29 Dec 2023 00:01:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 0DAD 0
44 B 39ms
38ms Image
text/plain 5.196.111.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENJ_cvpCgBZxJh1E2RHWjWY&google_cver=1&google_push=AXcoOmQMS_z-awKc9EWveEyNiQbWDnq7-rW1Em2jQejxP8qNqnRe3zZk4ibtvug000ANFstKSEIfhyxf_Cw9iL87QzAGYHwu4rtyaw
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:47 GMT
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 0DAD
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPl03h8Muo1h...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTL7KSgKbbJCRUGKxuOcJPPOyFJowl9MhNpYDpUMCntFMzl7k6SYsEB37LMcmu1yM4X_w8YixnPxxUHg8LagzYDGpyxYb28S3c
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

63ms
60ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 29 Dec 2023 00:01:48 GMT
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0DAD 0
50 B 36ms
36ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYvDQvnrcspNN3J_-YFEMIebJ4Icbn2DWtu-sSstrv_kllnaDn6ae_x8nC1c6qtzb-XqxKCw

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 5A9F 31 KB
12 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFVZ9V0ytgyB-0IXec-SE8y0F72Xbzr0RfXQGl8hM_aKWm-ZdO0cC8bP0wRkwUKpRRhRBIsjhz9ckxx3D3i25fYf0L0WpkDtlPBv3tCnJ1g-yQ_oW4OKf6R1lcA3lX0qwhqdh4fi2YYJ6kdroSQ3TKj4sifqG1Fr-5Clnnyzbc10c1DrA&dbm_d=AKAmf-BVlev4l_5Iov0txgEOHDu9RhKQt1CQ6J0mieV4WTsKvkWKxiTR6_g6K1-suSW6j9ZqIIIcoyG7OoQ5saWwvKvPLcFAKzJ5XIOzKX9ir8U5Wwop0lfImDpmY6k23RUeN1fcRlsmQ-fNXy-UN_8rEHSZlfLp6miCgx_tZAkYeOLxtOANYtZlYNipkVSZUqwb68KTFa5nLWGtdFyHHHqH5rOERETMIz4fUaxFy_qfcULTM1f4T-Zy_Lwl8teHLrDsRxxxhM_i0jhcZoyU4ykIcOHQcD66WNT9SLoBDydd-CFDzolZ5EoS44yGg_5JKCC2z4wS7oXmQMHY2XneKnrJk5C8pCZ_d8oZ0S27jd59-9M6f4w09LyNkzUWP-Q6XWMltAeTOQhWff1N0dgYCmXSecxN9lF2cZvNRx1xA5qEO1Zjh8dFMaiMH2KbPqW900pVa-htajyOaVqpP8I0uwl7nVNaov2IE60Rw-ORANeEtHa54MFB5bJ8vDRR7ISA9eSzyPRNHNrHUXx6gOvbIe6wxVLfoe2vf6aN3h7UICrYNXiJnHkXEJH091fYihtGFip2ibkNDkDBwsyc6EtilFAg6qAjlj7JHm0XoFOe_otQMmHA9ZSTjzcbmnhHsjKuoTSCJ4qdLoHY8oekR9MPvgKFIBW0urGi5P_cN-nLTXdvyTGZd2S9CJWSFjxOWTUNw3y8PlnwKKKIL8a-P2t38hCBZ_urzwPvDuycrPVWS1EkpU9qm-wdZ6BXb1gEpSIGLsyogpwt5Anixg3I6Ws5vyaFqKv2Yv1vuh_JYQZOrF4XjnQE6d2m8PXql2cnj6m86FXkPg6M3RdNF9BMRYO-oo_R2-JDbcKC5fliTmHaPHoNnkgCg2sVJzC6uA5FROqVkCTeZA34QedUet7f-pTR8EaWnfVjAjHEBsvHTA2-OD-jLMxiFfmcj0d1X9k33mFlyKElT-z6AuSWiv2CzVLHWLDcOsDLTVdpvWq_Xjg1gL9Z1vKcNA_gAd1vPxqezHeAaDdautNqR8Xy5ghaB9YMPvZGbSNm7rDUBVOj6crEpyR_yNOievy-rPeRS3N6UsPfGQjuBabe32j2Epdyek-JXowKUxzded_2qrsq1vnpnutX86rKC7vBZ650sRNfCiduj-5MK7esCBr1ZmfCkPhLLhHC_T2lxTT0mETBW50BLpJA8eaG0_40Nz2jepMRXPro_GmNQQu2SAKk6ys6WakGEUXcSByjH29LxDXkKCQGGM87gcDeMEKlQr3g9jYi--7F5xikA5jih2JxsmZPd8Pwq00PIB6oKJiqrWJP1XYBW8Hm4cg8a4EOW2z-Y7TLpa-KWfGZ_3DCdEw5hyXDRdRhtKvG85uonx97ClHWrGBBZhUBgE_dMbSg_U9052P6g3KnxX0qLR6giY5-J1d2yjNhE2K51lcUIO7A_Qo39nIj_fqSHO4W6xTJ3kE_BI9T6HfA9ovM5aXNAZA-uhKxz3MyWpDNA981tUYYE8I1MAszuByHuBmM5t85jIVPEhvVZkROFti5tzbUwWTWJsT_tNm8EF_fpX0FN1GBtbd_C8uJ-eYgJx_Mr2lttEFgkydxcogQ3yC2Vs0UwCWG8mFogcT4dcSKwmaZaypvHJB_tl5WFDGyPMr9LUVLzqf0y9DX_U_TxSla3-Ga-nO3FLnle-Bu0eODYsBTORb44maOVdPoQcwq1EBUeqfMHNaGiKeqSLzeaukUZcBd03MnfYvXqwYu_NdUeZaUTF6E4HmlGsQzWTjIWBvzGk8vgenHOyrI19MlF5tiId8huchifF6Fm2Kd48kdsKyBmTEKsNUuFPmAwg4PKFaAdyD6FxHEUbw0enIGicFz7hsZ3G5iE9kNlHE_tSi7tsRGmLWxSgFT98rNF0r6kY18QTUrhCsMFZO7e9OQWWqUjLkmgB3RYKwR4vNY_KmT5DHdT79HzaxjC2AB05cX7c8DzgUY5Je0N9QeBPQOcjVnw2DGQZpsPN3z_fCnSQjDEiUKS6YEQvxeAYKVWzXDggNylOqHL8pCphklpE7njPbnr9ucBr9Z3GU9ixPQje1KTQfiyoyYNfWvM_JsE3sv7vQ6wzBBMMOK6ASHOp2rT-6UmGl1ujU7HHwBQ-EGqIe9IJiAMV96_5_GgDUDwj6xuYHzB6u1CC1_mth9PvhQfeJSr8vzXzCLexa8reZSv_rlhSwvyh1GcOrIJ5akiYaitAnIV5rAmKoOxLLwCRTWThSdTr78lo6t5DQ1X6puts1BnCzHUDKciUsNCoP8Xly2v_4wGHTCzCd2vpKgzuLY1oD_ZGeEhkTtOtfUef1NenrovKPuhUR2nmVGyq9-Sc2fXzbspPq-U1i_cMZ9gbiTmHBeAsxflkh3bYZSLWXtny3ySaoz3fy9NtefLl055BCeCSha8HKtP-vxNUdRGYaL5aeLZ7eGN4yWyow1pYxH8HA48CRcWoBM51wm28T2Vfm1TSk6arFDoaXqkDg6ZtngCEoCbVsrFBPjg7LkHWkh30EOTz3ZfanGuUjqrUidRF5rdkiHwZYZTIudlpySo5-UnoCFdq8KCrF3EUrXDzPCzN9o-ESlROXPwz-joWQcxv20lIcy6_g9r66KdOwtoGH1yR4tnjGsbxATK3foddDM_KyJG0K4JyUqGgfnqzUwXNfvkM4pwtJU_u3ECAVk2_89RziW5wRFeOqJ5BGEszts4fzTFFPVEYyhKGsVawhDwEtKXhxoyfUP85DxCuoSHIed-qDeEZ-0hs-kkIb9t-X8_VnKA7tpZOaXKUaJCxt-NU8r_TWi5nWl2HKHAHmRdpkibpvMb6CP2cdzK7k_Uky4PSsqXX-OD3G7gP-SbLXOyLGW7sKEvDWObweToBIYTHvhrBvF0AUT8QznyXrqQlZ-1boMLxFYu_8vRbX8Z0bDL372NT3AJ8mXelAS-v5KyLS4f2RgH2fwtmWfV70dOZpYYTRvSPfEIHKb9gxoG1PHA2jtJ1-gk982At2QTX317iXTGKM3swyihCA2-IgwOPzmAGvCH8Ch7dk5zX4fVGSm708CxCQ0b0JK7A22n5Sy1ub2CRBS5tP6OkVAeRF8jItDMfNZc26gmj-KXYL1Sgh8brsb5tCpSz0WIhJ9yivYQSQ2Xi7vcfH95dnVZNbNFM--ifE0jRJtkPoHDI3JU5CsnF3nUCzsm4xyOJBUWkQhgqtDhT-Db4a2N79Wp5oDZ7DyHmOgWVMCvtg-elfAu-bfj-TODDZSidJTX36prp5arSZawMR-eg6T1KsGZ2Xd7ECECschI51wV5nbVek6S4A_eaKhTCmyAlyI8pF2-OW6orM9dMWWPlSMCpgXRABzabrR1M87pYb8CXI_jlGofSZoS5xwCphkAYjq2eX4lQI-GnuxCTxEixfTXscpMKrRTAb5vBklW-grnN5Vrx2ugyLprC_EjyruHbeq-D4Ji43Z3QgW5iE2Gk58mG6CLmmY2TKEDzZFMeMO6Kmj18EnZxL-5RVH1HwhRimx5-sHZncI4mPeZ3zHi1B0Ij1a3ioj4om8yry5WLvLAhsCjPOKFqEkIdakOVM3lB3kSy8dzd6pwVXi56pmmyMaQ01_v1mwMCnmosWXiCOXIvmotXG18YYcbwWL7dv28wBF-O6D5QLTreutp7--LhnwUF622CibaG2VUL2avYk0b2oopIkjJrl_wkQOyA31b7a_xhnYiz-G09DY2XJGE9Y_wt7poPZyfMuYnhFsTXKzTwjBwAz5h4Wgm8FE1tWb1_3CBP5cdiATiKjQuC5mS26FMI6vPUBiaIEQlzWJjcf259WTEXTFiSjc81zJhR50YWAhDh8-Kf6TLhS6w3jGwhgqbSzdl2YR6UaB1g-G3ONqk7YkVvJ072-6QVUCrGWfvok3QnuYlhXaTI_Lc8nXocSuCJytgWD9MvheyuBIkhU8OorWrw&cid=CAQSOwAvHhf_Mye3FSapGv-LBY4m6gf3P2GZ_78MpttOV0FhOv8hqz3-pXtSfgAmwk5tqEydfKi-P8z2jQeLGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcultura.uol.com.br%2F&ds=l&xdt=1&iif=1&cor=12550048584718799000&adk=4020099330&idt=138&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:43:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 5A9F 11 KB
4 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 21:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 21:44:08 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5A9F 0
0 160ms
71ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupl1triM3PXb8AZMwlw2tjoob7J7FLMYKY6GpJ-eybNjiJXgSMD_2sKbR3znbz__1Pvpn_xzyaDMDN4WzWJPZBSYYp-88azTsZToGAy7XEdfeEv0nlHuJozz_V221ZSlzNhUuzHYq1DvZNfkpzeWnSTZny9hJKSBOqISIAAAkVqJ1DW8Vyt0R42GnN-E1HxPR6MTmNj4oYt3xTvu13LDj1JwcKhZIVDwhvxWEPQVQ_HoUKXWWytvPa9-Z5YULNVw79oKi4c6iXz7GRz-NkGWC3lLKq0ogxFgVEZS4PSb-lUMJN0Ht_Ff8cywTy-YANu2sIk_v4WcA4T1lsW2gHOWVkgOsjwUc7x4r-DlexAkubwvp8vSrWiMv-ncmm-vD2RWXA7fJHbEWaN0_8WrB9PLLHON5vfCFKaxZI__9ZkYc-hH1UAIwbXVqE4ICpja0fza6cm-oW4IdWqIAYYn8121zQQgdx03reMVzt4oarZeJ_wrf_-sHA4UGG6wopASToXxW44XwVPalaMtf8f_panl-R96-71HdFGPf51BZPsV4WRCT4ymyHls4AA2yyhPjI_zJCpQI0nZ8I8736ox5mHSNAVNYNAapwx1Zt91xRjTeyMSFSe-ifZksd-_my7fR_YjH4VCBUJimMGeVHNfAbhVbAEGudrDV1x_o4l06CIHektLatvZt34-g9eFfRSs7zU33XblSxm2eUmLMoZju1It59sKv-tV9WvtL7lqwWbnZR1xGiQ-ud-ureBUmCeVVmxvweh2E5_fylAOrv0I1fVMTWG-53XPftgVcT85syt9s0lWmNQLiMkZ3aaTDT697Qj4Y9E0XagNTlpi9rcu11ygdt_a7JLxT3gMy5FZQSGA1wXsLgku6ua_nZCP3QObfuIXIrrkVXBtd-heV-2kZrUkDetby3a4MZh8u_F4UQiN8VH60Dvawn3_z90792UnrlW-OWKlXIpeZD4aH_bz35Pjbaw5FDEnk1bUjj8lzAN4lffb67bri5BnfVRlK2otsDKxzOfaEXYGBVA6BP0-BMqX_bEgDpXbeQJ-eIHH6rwKBFsYw9Kzh2sRYwvhR6agGdG0N3xFXo2n8DfXsnuIBY__4r-0wilBLACaax_5hnYFoy7h9iedRMarl3ABLZrINVuBTSKgrjGgk0A-3wrzYrj0PvYnCgs9ft_0OZIincEscV1mbEzD-x2cRfApy306uj2VndcnFHPGmoJKs_syKJ9jdX5SdaMI_BV8MllY5v5xbBfIGYQhhuqnYVRzH3FKFpx4hL0VLdkF5XmG8lWk2oh__uw89poGuo5XIcKkiJZvQwuKs1dYadb0t3os9Q7b0ipd54bcur9g_ES7QBF9Aw2gosW2uyyK9JMy0fqF4ADNud29YrpjSZ0u2JpNLEjxTDR1E2y33Kw3ifUx5I_79N2GBJ_GSCOXapT2e-CScvw3Bq-9tEdHpV_B56Y7kQnqrNxE9x9kggqHs8YwQUT0vuqZyccRs&sai=AMfl-YQeC0BH6YTfexNyPANfKuYmQfxYMx9M0E5_1kvsUSAoWLCHYRLU03g9hLNA-O-1mhn82Qk3433Z6iQLVchPOHPLhV9eJk1HlSbIiPt5Aadhz9xcmxgLyvfOnm7nSNLNDw1JsooP_4-IWpkxs8EiJDMYt8xQdr5WuGH_xzY9c0sLcsjiEOYCPGy2UBWUZVWb035LY0W7QzSC_WTJQ4tQR5R_fNpR0J4xHA3-zUHm_D8HsLpyHShRggSLHsqCR9uq3e_l&sig=Cg0ArKJSzEMJLwwLtsDzEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.88892&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 29 Dec 2023 00:01:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A9F 41 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 539800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
H2 200 8044784235198242242
s0.2mdn.net/simgad/ Frame 5A9F 58 KB
59 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8044784235198242242

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c07c4a729c1a85b4d7ab981f9d958266f1adf5e5a1362e194e20ca45ad7e4dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 08:16:46 GMT
date: Wed, 27 Dec 2023 08:16:46 GMT
x-content-type-options: nosniff
age: 143102
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59828
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:33:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 5A9F
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

27ms
26ms

Image
image/gif

18.159.23.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 18.159.23.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-23-230.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 00:01:48 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Fri, 29 Dec 2023 00:01:48 GMT
Last-Modified: Fri, 29 Dec 2023 00:01:48 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 928C 1 KB
643 B 28ms
27ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Fri, 29 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ 50 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 13:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 29 Dec 2023 13:41:45 GMT

GET
DATA 200
OK truncated
/ Frame 5A9F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66d79d964cd67e54c7acff6720ea45109e390d87efb1b0f8adbb821b0e68b9fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

POST csi
csi.gstatic.com/ Frame 5506 0
0

GET
DATA 200
OK truncated
/ 873 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 88ms
81ms XHR
application/json 89.149.192.192
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.192 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 23 KB
15 KB 247ms
236ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

15469c17bf0415bdda64202ff94b4205b33b624e307b4284a199c067c28c7917

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: gzip
an-x-request-uuid: 83e09c64-da81-4ce7-abc3-cbb404251dec
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 26 KB
14 KB 300ms
290ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: b5fdaa0878411022c496a149003e36c43144b6ee18424ff3269cd9943df95a0b

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
493 B 127ms
120ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=992495
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f5ba681f615291c00950ef6c84f774a2a8608dd94a498c176c926e4e2a07c1

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tctisBpcglXxMBU%2F0gmO5He5itixTd3iyJYp%2Fw5kKySu%2FBWL7aw5xhkm%2BZ%2FTqwIOfCVYeNYfu1ODxYllX1XGQvNK8kFfJrtrcxO%2FryuiPR1IDnh1zPNbSIONn3ktWtd9y%2B5mlScZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 83cdc5448fe558f6-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 381 B
438 B 83ms
73ms XHR
application/json 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11976&site_id=419424&zone_id=2374112&size_id=15&rf=https%3A%2F%2Fcultura.uol.com.br%2F&tg_i.domain=cultura.uol.com.br&tg_i.page=https%3A%2F%2Fcultura.uol.com.br%2F&tg_i.pbadslot=%2F8804%2Fparceiros%2Ftv_cultura%2Fin-article%2Foutstream&tk_flint=pbjs_lite_v7.52.0&x_source.tid=c840fbaf-a339-456e-8a2c-b4d64a6d83af&l_pb_bid_id=67ff6790eac5675&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c840fbaf-a339-456e-8a2c-b4d64a6d83af&rp_maxbids=1&p_gpid=%2F8804%2Fparceiros%2Ftv_cultura%2Fin-article%2Foutstream&slots=1&rand=0.016309133392630626
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 93df8b06f07da4c108eafe01a55d8867c500308acf1c5e695fef7cd94e3cdd36

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 381
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H3 204 AGSKWxWQAYWSI4qc7BFFWU5w6x-cWmJI2pC52J1UWD4JHJ5m37H4W0Nk6QS-b3yyjAUDe0dV0hj97aCqaSA6bX02ZWEQvlX5XhAQhcNXy5-LB3FAyCUgE6IUrrOgL-wsLA7uV9j7bPBLTw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 39ms
39ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWQAYWSI4qc7BFFWU5w6x-cWmJI2pC52J1UWD4JHJ5m37H4W0Nk6QS-b3yyjAUDe0dV0hj97aCqaSA6bX02ZWEQvlX5XhAQhcNXy5-LB3FAyCUgE6IUrrOgL-wsLA7uV9j7bPBLTw==

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-136R4MysNVVK3Qa8HcJmXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-136R4MysNVVK3Qa8HcJmXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWQAYWSI4qc7BFFWU5w6x-cWmJI2pC52J1UWD4JHJ5m37H4W0Nk6QS-b3yyjAUDe0dV0hj97aCqaSA6bX02ZWEQvlX5XhAQhcNXy5-LB3FAyCUgE6IUrrOgL-wsLA7uV9j7bPBLTw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 73ms
73ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWQAYWSI4qc7BFFWU5w6x-cWmJI2pC52J1UWD4JHJ5m37H4W0Nk6QS-b3yyjAUDe0dV0hj97aCqaSA6bX02ZWEQvlX5XhAQhcNXy5-LB3FAyCUgE6IUrrOgL-wsLA7uV9j7bPBLTw==

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_fzZBZQE2vro1Ipfcgzhaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-_fzZBZQE2vro1Ipfcgzhaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWQAYWSI4qc7BFFWU5w6x-cWmJI2pC52J1UWD4JHJ5m37H4W0Nk6QS-b3yyjAUDe0dV0hj97aCqaSA6bX02ZWEQvlX5XhAQhcNXy5-LB3FAyCUgE6IUrrOgL-wsLA7uV9j7bPBLTw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 74ms
74ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWQAYWSI4qc7BFFWU5w6x-cWmJI2pC52J1UWD4JHJ5m37H4W0Nk6QS-b3yyjAUDe0dV0hj97aCqaSA6bX02ZWEQvlX5XhAQhcNXy5-LB3FAyCUgE6IUrrOgL-wsLA7uV9j7bPBLTw==

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mhW95RzXJmG2zGuH_UTGug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mhW95RzXJmG2zGuH_UTGug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU7MvPPxOxdnqkWFdTD1qy9x7Xfw_YJRMGghf_qQ-2GQIizr-PP3d75iStlJLCOjvZLFRRSAlkJEb_ca2lUp6jvETrIgc5OjuYQFz7PHb4Ed6Aualslt3FZq0z_MtLvIPL3pOMFng== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU7MvPPxOxdnqkWFdTD1qy9x7Xfw_YJRMGghf_qQ-2GQIizr-PP3d75iStlJLCOjvZLFRRSAlkJEb_ca2lUp6jvETrIgc5OjuYQFz7PHb4Ed6Aualslt3FZq0z_MtLvIPL3pOMFng==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzODA4MTA4LDIzNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vY3VsdHVyYS51b2wuY29tLmJyLyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjE5Il0sWzExLCJbXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

663bcc73f2db460d687103e85956f0825b614408294417aba92030e58b13f09e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FDTgJxiu-XC5Xawx5lxbXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-FDTgJxiu-XC5Xawx5lxbXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2993 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6C3B 38 KB
13 KB 25ms
25ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 224190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 09:45:18 GMT
expires: Wed, 25 Dec 2024 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 928C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-UVaXnSW2kLXB2RYOutwQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-UVaXnSW2kLXB2RYOutwQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VGlVZXJIZGIxUmowalc1&google_gid=CAESEI-UVaXnSW2kLXB2RYOutwQ&google_cver=1&google_push=AXcoOmTv_Qmv7aneY_fO00NRAFkaZcLc1jTtiCHFr9wd4rj...

170 B
232 B

67ms
24ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VGlVZXJIZGIxUmowalc1&google_gid=CAESEI-UVaXnSW2kLXB2RYOutwQ&google_cver=1&google_push=AXcoOmTv_Qmv7aneY_fO00NRAFkaZcLc1jTtiCHFr9wd4rjS6-VRIQhMX9g4aeeUWPQLA6akdPtf4sXzvunC491G0qs4ZPgp506npw

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 00:01:48 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VGlVZXJIZGIxUmowalc1&google_gid=CAESEI-UVaXnSW2kLXB2RYOutwQ&google_cver=1&google_push=AXcoOmTv_Qmv7aneY_fO00NRAFkaZcLc1jTtiCHFr9wd4rjS6-VRIQhMX9g4aeeUWPQLA6akdPtf4sXzvunC491G0qs4ZPgp506npw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 928C 0
173 B 99ms
33ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDX-rgTAIYrXgbEA_qhP5bI&google_cver=1&google_push=AXcoOmQL9ObkHRhVwyv0fc6aC0v8adLnVvoFRuXeQ90SoolsTP2GZ02g57cxI3IHTyi4C94jLoxaNxn0d11Pz1d-PSK5J92Dil_FJw
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 928C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEJNIGJLhWT8tLzWUWPeyTI&google_cver=1&google_push=AXcoOmShgMpLK-44PkwHdK1X31Zwew5beoqeOG6_Sb6vCk30UKnQZ-j0BR125D6yKnuG1yJc2m2XDoll...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEJNIGJLhWT8tLzWUWPeyTI&google_cver=1&google_push=AXcoOmShgMpLK-44PkwHdK1X31Zwew5beoqeOG6_Sb6vCk30UKnQZ-j0BR125D6yKnuG1yJc2m2...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NjQyODAxNDg2ODEzMTY2MQ&google_push=AXcoOmShgMpLK-44PkwHdK1X31Zwew5beoqeOG6_Sb6vCk30UKnQZ-j0BR125D6yKnuG1yJc2m2XDo...

170 B
232 B

49ms
48ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NjQyODAxNDg2ODEzMTY2MQ&google_push=AXcoOmShgMpLK-44PkwHdK1X31Zwew5beoqeOG6_Sb6vCk30UKnQZ-j0BR125D6yKnuG1yJc2m2XDollPK_-3_1n79d6pt4kzH_XxQ

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NjQyODAxNDg2ODEzMTY2MQ&google_push=AXcoOmShgMpLK-44PkwHdK1X31Zwew5beoqeOG6_Sb6vCk30UKnQZ-j0BR125D6yKnuG1yJc2m2XDollPK_-3_1n79d6pt4kzH_XxQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 928C 43 B
94 B 37ms
36ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFiPGUZPLYYSnIg0H7DHNMI&google_cver=1&google_push=AXcoOmTN-F7fkU_FWN2XcOJg85Ad1xIg6Ek_hmzlC3QXNLqqcJFccXc_ZJhDxY2AVH6KFrYcoS1LDfjgqN3tsvrHWi1way5oIfwY
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 928C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBwjF80kf4buiJ36_7yaBKk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBwjF80kf4buiJ36_7yaBKk&google_hm=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&google_nid=index&google_push=AXcoOmSvm7chRb2-qHgpmgL9Ba3PcvGId4jA1...

170 B
232 B

40ms
37ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBwjF80kf4buiJ36_7yaBKk&google_hm=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&google_nid=index&google_push=AXcoOmSvm7chRb2-qHgpmgL9Ba3PcvGId4jA1XdnvCVbeYzDT8P37KPSUlzCq3vYsgt1rSo9kJn2RfxzkOid4avqXIhtd1RWJkU3Ww

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtmzZn2y%2BYAv88lcsuhnC%2FyO2T0cwP14qMfGRniZNpwMX%2F7qLgfIQQOuRUiMpV20NOMmYRbOeOFc9sVWJ681foH10qnVYP7F0ga2TzOEigIOpJq3sYqTb4odslpHEb2gamR%2FBQRqFLj2aA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBwjF80kf4buiJ36_7yaBKk&google_hm=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&google_nid=index&google_push=AXcoOmSvm7chRb2-qHgpmgL9Ba3PcvGId4jA1XdnvCVbeYzDT8P37KPSUlzCq3vYsgt1rSo9kJn2RfxzkOid4avqXIhtd1RWJkU3Ww
cache-control: no-cache
cf-ray: 83cdc544996558de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 928C
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAxo_hbVME2_bh3_9ryvS9M&google_cver=1&google_push=AXcoOmTGe_h1BFBcZIKW8ZU3wu9nmOvBXhkrSrszhTIieSmXCvSDnuO0P2Q-Nq3oCqTxofpmNmuUMqTUt4Q8ktDjy...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAxo_hbVME2_bh3_9ryvS9M&google_cver=1&google_push=AXcoOmTGe_h1BFBcZIKW8ZU3wu9nmOvBXhkrSrszhTIieSmXCvSDnuO0P2Q-Nq3oCqTxofpmNmuUMqTUt4Q8ktDjy...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTGe_h1BFBcZIKW8ZU3wu9nmOvBXhkrSrszhTIieSmXCvSDnuO0P2Q-Nq3oCqTxofpmNmuUMqTUt4Q8ktDjy2Ad-BbDyfgk8g&google_hm=H5jBpGZHkoJr5QBtS1id...

170 B
232 B

41ms
35ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTGe_h1BFBcZIKW8ZU3wu9nmOvBXhkrSrszhTIieSmXCvSDnuO0P2Q-Nq3oCqTxofpmNmuUMqTUt4Q8ktDjy2Ad-BbDyfgk8g&google_hm=H5jBpGZHkoJr5QBtS1idftZk

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 29 Dec 2023 00:01:48 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTGe_h1BFBcZIKW8ZU3wu9nmOvBXhkrSrszhTIieSmXCvSDnuO0P2Q-Nq3oCqTxofpmNmuUMqTUt4Q8ktDjy2Ad-BbDyfgk8g&google_hm=H5jBpGZHkoJr5QBtS1idftZk
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

0.gif
id5-sync.com/i/495/ Frame 928C
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEAHnLjCM6HZn2J7WVIMXjfE&google_cver=1&google_push=AXcoOmQ8c3gx0wpLxJxCWRij4u3I1ctXzRb0GqaNJDn1k4c3_8ZGYOpqvJovERA-FJ1OV_DXXOkF6hToxxvkpSu0mwys2ZuNGazKCBs
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQ8c3gx0wpLxJxCWRij4u3I1ctXzRb0GqaNJDn1k4c3...

43 B
921 B

76ms
24ms

Image
image/gif

141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQ8c3gx0wpLxJxCWRij4u3I1ctXzRb0GqaNJDn1k4c3_8ZGYOpqvJovERA-FJ1OV_DXXOkF6hToxxvkpSu0mwys2ZuNGazKCBs

Protocol

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 29 Dec 2023 00:01:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQ8c3gx0wpLxJxCWRij4u3I1ctXzRb0GqaNJDn1k4c3_8ZGYOpqvJovERA-FJ1OV_DXXOkF6hToxxvkpSu0mwys2ZuNGazKCBs
x-download-options: noopen
vary: Accept
content-length: 274
x-xss-protection: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 928C 0
49 B 38ms
38ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuR3US1QhQ_lgrU8DZS5-cO1nhgW1Jmuagn6Ky-7_janfLgQz0G3BmpOCEa-6sVZqkqTPMUA

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11083941645051375757/ Frame 989D 30 KB
6 KB 73ms
73ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11083941645051375757/index.html?e=69&leftOffset=0&topOffset=0&c=0N2t4hLIIg&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

180de66a00df64885871bc09f75ea561459dae19f4e4f4257612027b510a9ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:48 GMT
expires: Sat, 28 Dec 2024 00:01:48 GMT
last-modified: Tue, 17 Jan 2023 12:32:27 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4E40 0
0 93ms
70ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2ZIx-deFQOxogHO79lXk-z8YwOJ8YzXOMvPfRklaqggL7xDvZBO4Iyj8waZyhlR-m8t8ZE5vMIfPOJifUmN7MZMf1l-IGoDk0uPODCAKUeG1F59qWBg3JhujVmQVBQ1GIC5N4zCmazZll8Wo845Rq0Sr-GbPejm2mV5HVlYW5HCV4DQST06ZaFEAhdlieiRYfd7FsNzkOpYipj3HYmBtb31pOoTAX8_pm_QRaLkawsZDXbe0wuC_uLa0_S5-oZT1NPnLufMjb2b0jUHQayUxFWqyUD688h1HcjqQccFI1dUUJHRwwpm0WuZLQm83LcAgzppba4qUS53NfNqScFoe5NjqNGkwMVjWdH_Pt2T_FvmC0t-sH_1shWEEI7B7mTfNB3-FA38hVxznXhfN76HKAuLeIZpkqjD4_C80vmaUU15s0gOMVrbIMBygJyuQrCliz1XuV6zOyX45FR0d2a3OHRYmrYI6_OZucaURaLm-0MpYlLyGwVaem8NnSnf8hsuPQwAqw-zZPhJBUDwpN1P753qVsmScdfkxBr1wU56RJc2Qtb69sRmG6rMPCCMaDWhykuogJCwKSZNWLiVG9iw3aCCb1ycUeTJLghHc5bBvY_vHG73KA2XYDyyqXkwFeLUV7OzUyqlv_UvfwFoptX8lmCMCWarhGEUS7_QkyJD-_p3iJa3SG2W9HMgImJFq2GV0gKdcCgE5R99GT44H4Vef3Jy6J9kvS94UtKTNRWX_Erny4UDcudRREEmLUntHils3oGLjKZT8oCOpYwprtQjlGTYkp-s78nUhkVBj_KbNJHjbgyM-Vga2Ybhden1uVByf0sYfqYSAHxNLdslfTRSqK_BWzby0ffRmcRW3NbUbvOaE2XnwJatWGK4iJquXmgWiZ1h6XcdW80hH_zUSTCL05p7q7ZYYQrjY2Pm7v_S_itz5PvnlWbpn5-fjUCbT34SIEOWy84VqKJrwZLjz0PJNQwHOG9xYNy9fg4IJyA6ORgYfoefNq6ORHc0JPkAEM5xLfokcPypugoGCYX9xi-wszYaqjHTwzMhgLwpbjsa6Pm4oJ-LtpNRFRy3eETieT8KUTDd6GJ4wR0txHAoaOTWD92Fs6VaokfE-DW-rkr1d8LiNfxixAHeTRF-Jqs42mxTBqpq2kJmwIA2fTCmuP3QYjLYEy1BxEGmLPASPdh4lDlGrvdOD2pIvRus2VKFHa2uwP_nJd1QvGN5JhYMPpXQLh6A7hJJhdBzC4FVfYgf1iyPIja1Lgf_xaTTXIDE7jFklX8FlVd0s883iq_4H9joDsG9aMSvDg8Kd8zk6zrTT0FSE_kJI5je2EjHhqFFrgHsCVvZEffTZ800vTBIsoYdvd-_TqXCRvLAA3g6cpi9xvxBW5NWycG3-e7EbdEGMb_A0K8VohKb2Pzlt0wlMUv7z-F0QkPz8izJS--Gwj2vuw6aVR91a-K4dWgVfDKMkAATlMJD81C7Y_f0Rx&sai=AMfl-YSAtpFg7FKUKLpQRYokolUSA5224oP2HCQ1fnJdgSYYqFZYSwHk9YWeCLeUBilA3gGVJI91zMJobNQVJPjDMoejPoxaodbLcuRlxwgiQxBwORvyGlyTZRIrCV4gspxUzCeuJaJu5qnvJQLuKgbFmwtmVI7kCb_8cn5XS5N0VaMkw9C0DKK48EUTSoBdWs2X9DVndWHBjeWfKVNug4_WGmUI-k7brYb3vn8MyVM9bQGXqubpVqZLGNxbbd_0meAZEwhf&sig=Cg0ArKJSzCUxmLZRZ83IEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=110&cbvp=1&cstd=104&cisv=r20231207.13558&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-54-77-201-83.eu-west-1.compute.amazonaws.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 29 Dec 2023 00:01:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 4E40 60 B
60 B 147ms
44ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1014264744&extPm=519145521&extCr=20589622211&gdpr=&gdpr_consent=&rnd=766327241

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 00:01:47 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 29 Dez 2023 12:01:48 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 923
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

firstevent
skydeutschland.demdex.net/ Frame 4E40
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=183575173&d_placement=376139746&d_campaign=30665181&d_bust=766327241&gdpr=&gdpr_cons...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=183575173&d_placement=376139746&d_campaign=30665181&d_bust=766327241&gdpr=&gdpr...

42 B
733 B

65ms
48ms

Image
image/gif

54.77.201.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=183575173&d_placement=376139746&d_campaign=30665181&d_bust=766327241&gdpr=&gdpr_consent=

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

54.77.201.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0b83a3e88.edge-irl1.demdex.com 4 ms
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: cs/zlXa0S7E=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-099548ed2.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 2ETONEmDSCw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=183575173&d_placement=376139746&d_campaign=30665181&d_bust=766327241&gdpr=&gdpr_consent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5A9F 0
0 80ms
64ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupl1triM3PXb8AZMwlw2tjoob7J7FLMYKY6GpJ-eybNjiJXgSMD_2sKbR3znbz__1Pvpn_xzyaDMDN4WzWJPZBSYYp-88azTsZToGAy7XEdfeEv0nlHuJozz_V221ZSlzNhUuzHYq1DvZNfkpzeWnSTZny9hJKSBOqISIAAAkVqJ1DW8Vyt0R42GnN-E1HxPR6MTmNj4oYt3xTvu13LDj1JwcKhZIVDwhvxWEPQVQ_HoUKXWWytvPa9-Z5YULNVw79oKi4c6iXz7GRz-NkGWC3lLKq0ogxFgVEZS4PSb-lUMJN0Ht_Ff8cywTy-YANu2sIk_v4WcA4T1lsW2gHOWVkgOsjwUc7x4r-DlexAkubwvp8vSrWiMv-ncmm-vD2RWXA7fJHbEWaN0_8WrB9PLLHON5vfCFKaxZI__9ZkYc-hH1UAIwbXVqE4ICpja0fza6cm-oW4IdWqIAYYn8121zQQgdx03reMVzt4oarZeJ_wrf_-sHA4UGG6wopASToXxW44XwVPalaMtf8f_panl-R96-71HdFGPf51BZPsV4WRCT4ymyHls4AA2yyhPjI_zJCpQI0nZ8I8736ox5mHSNAVNYNAapwx1Zt91xRjTeyMSFSe-ifZksd-_my7fR_YjH4VCBUJimMGeVHNfAbhVbAEGudrDV1x_o4l06CIHektLatvZt34-g9eFfRSs7zU33XblSxm2eUmLMoZju1It59sKv-tV9WvtL7lqwWbnZR1xGiQ-ud-ureBUmCeVVmxvweh2E5_fylAOrv0I1fVMTWG-53XPftgVcT85syt9s0lWmNQLiMkZ3aaTDT697Qj4Y9E0XagNTlpi9rcu11ygdt_a7JLxT3gMy5FZQSGA1wXsLgku6ua_nZCP3QObfuIXIrrkVXBtd-heV-2kZrUkDetby3a4MZh8u_F4UQiN8VH60Dvawn3_z90792UnrlW-OWKlXIpeZD4aH_bz35Pjbaw5FDEnk1bUjj8lzAN4lffb67bri5BnfVRlK2otsDKxzOfaEXYGBVA6BP0-BMqX_bEgDpXbeQJ-eIHH6rwKBFsYw9Kzh2sRYwvhR6agGdG0N3xFXo2n8DfXsnuIBY__4r-0wilBLACaax_5hnYFoy7h9iedRMarl3ABLZrINVuBTSKgrjGgk0A-3wrzYrj0PvYnCgs9ft_0OZIincEscV1mbEzD-x2cRfApy306uj2VndcnFHPGmoJKs_syKJ9jdX5SdaMI_BV8MllY5v5xbBfIGYQhhuqnYVRzH3FKFpx4hL0VLdkF5XmG8lWk2oh__uw89poGuo5XIcKkiJZvQwuKs1dYadb0t3os9Q7b0ipd54bcur9g_ES7QBF9Aw2gosW2uyyK9JMy0fqF4ADNud29YrpjSZ0u2JpNLEjxTDR1E2y33Kw3ifUx5I_79N2GBJ_GSCOXapT2e-CScvw3Bq-9tEdHpV_B56Y7kQnqrNxE9x9kggqHs8YwQUT0vuqZyccRs&sai=AMfl-YQeC0BH6YTfexNyPANfKuYmQfxYMx9M0E5_1kvsUSAoWLCHYRLU03g9hLNA-O-1mhn82Qk3433Z6iQLVchPOHPLhV9eJk1HlSbIiPt5Aadhz9xcmxgLyvfOnm7nSNLNDw1JsooP_4-IWpkxs8EiJDMYt8xQdr5WuGH_xzY9c0sLcsjiEOYCPGy2UBWUZVWb035LY0W7QzSC_WTJQ4tQR5R_fNpR0J4xHA3-zUHm_D8HsLpyHShRggSLHsqCR9uq3e_l&sig=Cg0ArKJSzEMJLwwLtsDzEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=74&vt=11&dtpt=73&dett=2&cstd=0&cisv=r20231207.88892&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C3B 39 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

POST
H3 204 AGSKWxUcqyit7rCNYY_s574T8fdE4fvEUdnwEqnNwKybgkffI4KUeOkff4TjAU94Fw1iKlFUC-SwuZWzydDNUbcLbvTkWelyPHckt9bMyCrA5gZ-kbbdZ76TgB6Pe5nb-dBMsFjNmKyK_A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 41ms
41ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUcqyit7rCNYY_s574T8fdE4fvEUdnwEqnNwKybgkffI4KUeOkff4TjAU94Fw1iKlFUC-SwuZWzydDNUbcLbvTkWelyPHckt9bMyCrA5gZ-kbbdZ76TgB6Pe5nb-dBMsFjNmKyK_A==

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ISwSBqT6ZjNAr6rr7IimbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-ISwSBqT6ZjNAr6rr7IimbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/11083941645051375757/ Frame 989D 6 KB
2 KB 25ms
23ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11083941645051375757/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11083941645051375757/index.html?e=69&leftOffset=0&topOffset=0&c=0N2t4hLIIg&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b31ebf4966d53fe5cc2e7e092baa5e84d95e25a8942aeb5e527dbead8354bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11083941645051375757/index.html?e=69&leftOffset=0&topOffset=0&c=0N2t4hLIIg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 05:29:42 GMT
date: Tue, 26 Dec 2023 05:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1818
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 12:32:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 989D 118 KB
40 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11083941645051375757/index.html?e=69&leftOffset=0&topOffset=0&c=0N2t4hLIIg&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11083941645051375757/index.html?e=69&leftOffset=0&topOffset=0&c=0N2t4hLIIg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 04:12:33 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 989D 63 KB
25 KB 81ms
79ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11083941645051375757/index.html?e=69&leftOffset=0&topOffset=0&c=0N2t4hLIIg&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11083941645051375757/index.html?e=69&leftOffset=0&topOffset=0&c=0N2t4hLIIg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 00:01:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2993 0
20 B 81ms
79ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1m9NbAyOZfW5BIvA9u8PrNmJ-AUAAAAAOAHgBAI&bg=!3t2l3ZLNAAY3kmNgF5I7ADQBe5WfOIIUecjL8OyQ1FvccmxGJZiezlwOE03lCUmDDqDrEc6PvoRjMlj5Frn4IoPLSEpAAgAAAERSAAAAAWgBBwoABp97cK5kWJkDQaV9kpIZGIhTrGV00ydU6oO8uIf2fyVS_K1wWeEOZFnGXvoz7-Bi2m9Awt84MffT_1GI_ssOIKk7ggh5HsMCgAP8mPc7V70dfLiArzpKgUCNiNog4ggP7kKFaI2PgFQtuQGnBFxcjjzrfkwxbcdFITy8y5Pmxb8vLxbl_SloAxQ_H6Hb2J36URtoz49eO68topgjNDDmb0l0_mSrakeW-nF0H8fyD5cQWpdphK--YsCHBsB5WqfBYXdIW73DcSnBQE7pE6cM-Yn4w53O1lQg5xfnALOHBPLbPblwa0NwcA-R5TTvdlCM81O90UYP0fC-MCWYBCZRKCmimYc0_e_K4sjKWm-BtyfooHGakLjLbwz7qocSn03TNsAw1kkpRUOAzRqtSyal2UBO-MM99qbEfZJWWAinLAORBpNi4NmejncvPJwd6QFaFsO8czq2dmnrFA_D5xUm8daQ3-DHfMr8JKPJrCP28LIRUo9uynuJywo-7UaMx99e1sYHjaN-2Y5t9dPOF-VJq1wK3HdtG7vGmYG3PmxkMtJe63jvHynyiLEOOQa2a72XV10MPruPocjlZZ80iy04tZW-cNmThZBhyQ8SM0vk_tZuNo47IXh7Eksg2rI5BAcQfc9pwsRFX4J8e7FfY14dkL1TTJFIEck1qLiNSUnefNGFOewY-Q7uQjSdMVVsqSQYuvme26Cz91yeugGZcPGKncHdzWbmMJqK_xG1IifuqhCEQOS2Aq69uvnf0DgW-rN8WPSc4dt2PPHWWW4d3s07P-oQerCQW-yYtSTP0hAOMPYmi43-Hv7LUpba3whq-tvA1lR5huOmbPgnZMsQ-rY5EIJstnHG4MlO_GOGJcx7DTldJFumN5gpd7IEOy8IHMsaUElvKKUfgfz8Hc31fj5cVEU0-SwVKq2qjoVZbIKd48HzPxQFk6HaTuZPY-5_Fotm-qfrMO5xGXqkN2xblst7UGq7FfMx2OIVOBHIszI4yYF5gqODnUE58o1f9uXi_BXZOKis0D4WN-bbz1PWlb3t40ILPXrFG2PAyu6N73DtykCQYvUSSoKJireffe84STEfmP4fPehidJs1KkWiW9cu70EzJcK58CDD7R-9

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C3B 0
20 B 73ms
61ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Blgc-bAyOZfPiB_yy9u8P6py2KAAAAAA4AeAEAg&bg=!vL-lv_DNAAY3kmNgF5I7ADQBe5WfOBW_jK9cIOI_tptIxerSyBJNDIw2v6nxeLW1i7rc2Y78B_y1i3lNN3KRH-2bdwKCAgAAADdSAAAAAWgBB5kDT8PFF4-ZKHqijxLVLKg4p_OwrVVYrAGuDcMHuJZ7lIgV8AvEzCRRSrCf6srCONnxkwfKK1NU0p_exOH9oP__oCHqXMPowtBW-1ubdgkfKHVrHSgX_2xeH7oKjbSFadFQLmFvAo2pn7qUZucGmymdKSunExqLfvT9PYlxxgoKmySbn5rnmY-0KIzQLH5uOEBPfALMM0rBxoi8YpCXlAYN2JCFxDeWepml4AsgSLovJ_o2ot7xoo51cSnmHbnv9ssTVG6l2PQPG7IBkQR5KSJJAGk3RmHAoYKn2i2HzlhNrg9myPzCKFW2oVzO4oqRU78iC77vFMdI0jEGUC6efSrb8rp0uv-MfGmYduHZgGVXllj9oN1D32feATxo0jFbg0ra5yhRkRIyzZ2yRa1lHdCAmu6y4jkigE_qrDXr5ssJALJkVO0oIYAVTKr8DygrThX5XZhYW8rGxAbDoDCh_cAcQjs7ULpw-qweEu0CYm3HOVC10qSCSRn-YtoWfKD1_vp-zEsQKIEaDmz5W8ablszdoLhIc0sYjQ5SIli7H9-OMP00fVQdL1QQ8skQBdNgvIa8kg63_f3VgzSQt9toXoVYBOoouBSuZR3bS8yc6EujlR1b6WjPZZCM9qCnL3qxHgEvreU2XFJ6gwk3xrCeBm0dVfdnQczosYNwwG5LB7JPcRRIOX7cAkWEZYzqV-mF3j_QDyE19faI75DzBbTkz2xDs_mwkl43Bh5kVrDuI-w217Uj8eEuJDfdZNBtMkdppcohVH9Lm-aupCP28wxZMLkuCb3HoA9hJkiH5R-VDJLH-2aFfdAyVLTRKLcUdtr2AyZBv7N7QZmiFhitdbWyjsYijMyPx-d2AOQ04SCb0vmL-TeZuM20vDCYezUn13pLYQoOvI7mDRpE0YI_mymT7r-9G3iT7zkGkfvuFc4DwoT2ZspQoigpSeqUAMYa3SbeTmQ9RpO1_FBfMJ1m4DQcAwnewkIWeu_X6B-T0cROLih8zu2ta_lDFkjIp3etd21qNaetCNJmgwRy9pA0Sz4DYhsiQvUy6HjMz1fnspSr4_KhMvqW_8GfLGZ4mJxAOTObMo8YnkbWEdbfgcE_B4N73sUIaO_PydrPEYnttgcfsPNj5HQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 nowtvtext-bold.woff2
s0.2mdn.net/creatives/assets/3690075/ Frame 989D 30 KB
30 KB 45ms
27ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3690075/nowtvtext-bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11083941645051375757/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20c74099800465c67556724a9ff0f7f5160e51c541392c2fa1836cd7f785682b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11083941645051375757/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:56:13 GMT
x-content-type-options: nosniff
age: 335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30332
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 08:32:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 00:11:13 GMT

GET
H3 200 nowtvtext-regular.woff2
s0.2mdn.net/creatives/assets/3690075/ Frame 989D 29 KB
29 KB 52ms
35ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3690075/nowtvtext-regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11083941645051375757/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b60269b139f53846dacaf5effdae581cd34b908990abdc44c915db3f649a478e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11083941645051375757/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:56:14 GMT
x-content-type-options: nosniff
age: 334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29628
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 08:33:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 00:11:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
62ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=2615060659721634&bg=!JiWlJWrNAAY3kmNgF5I7ADQBe5WfOJyjFsXqy9C46FjO_mfJpzIj3DGELFWEJvjO5tb6DQ8Fe0tKNRNEv-edbOs9AXJlAgAAAJJSAAAAAWgBB5kC_zcoV7W3-6reLqOikpTbrIEUqikR3p6mt6vBocJXP3G26PeNENFyAQKZLbEmAb8HZk0z4zQsKfwZtEiudVg5Rv2ScW7vjuIqGRip7dTHL9rTY2JmhnLRkK5c6s8hpr6cRYgRZM6XOp5w7Dccg-HndZiJr9VhqfIwIAkw5OMD89lcvl2bklljxZa-Vl1V8pjxxYyPAiWyeDIR2bQaI1YoH5RGqD2Jm1sB5QS9rsYHfSNPlJVzPC6Ew2FbX-DBp9LuYO0QtpoOqYvTtU33FAi2LKNxYCoN8EGMM6avOU5heThnYHvgBISMwivDb7ch7WcsmsD_2LHMRsRSclGTfdk0kfhMsRiAzZVSFhKlZ4rhBWDkjtGwIAkRxZvZL7A8kpyUN8fE0l9Z7fYsJgTP5JW3Y8un3VjnoNh_EnRCswLghffSI8Q8XRCGWpDT1IUYDtIhvOOCZq2il5EdS6sr8D30Bn2vSaE95IQjjqGpiAcEQfcnU3pMSMN8CoHsyGiR7ZXcsjdcNc9S-QOoUTE3epNR2SUBJGIJh6aYKffzPNU6DlGhLHzYw0b2nMEgeDJZBoNJ6S0YKgTvAnLUf_jmJu9Ue6yo1YryGCKVI80qVjCBOoGeQlVlpZxrKTQtCKBd7FI-9-gf32ZWFAr-eFU1DU5qYBDE_yTGco2nhdauI59nXKQ8uQoNcuY47g1VjEJHyp4OqDnQQq_4KVik0uYeEJ8DItHCZVPHEb5t2ReRLQGx65yR4UitggFHPgySkLKHAQqq2CaSL2oj518FrBd2HvnYtQDkfj_agFp3QGtwy-mDMGgyalisgPCH0S8CwG_y_uOGijFlTAOnuzY82JfuIgnOxCrQpL3EfI1P7pbeHw7ADiqcRg9QuFmVJCzcwlJZH_2jDVN6kn_j1dJLUOk1Ylr3da2e396lRuUfZOI5vlqkXTH9Zr4TPlmuBv1DvvE29uo7wC8I5LMVWxp8Ti25EGZvkv0jw-ZuZBF2Svcjq5bFSxUTYaxSO9ED_Cajj9VHh51p
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 989D 8 KB
6 KB 70ms
69ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b467afda2a1a7112b11f0b34c069b91586112f3542b9fad54c3d5f0cf5db4ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5873
x-xss-protection: 0

GET
H3 200 DCO_WOW_Family_Law_S3_970x250.jpg_1698763507574_DCO_WOW_Family_Law_S3_970x250.jpg
s0.2mdn.net/dynamic/2/11030228/s0.2mdn.net/creatives/assets/4736540/ Frame 989D 123 KB
123 KB 39ms
33ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11030228/s0.2mdn.net/creatives/assets/4736540/DCO_WOW_Family_Law_S3_970x250.jpg_1698763507574_DCO_WOW_Family_Law_S3_970x250.jpg

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce75c6726d31c1e792b325e5852b69c8252d6657c4ec0f66e8f5837429b9cec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11083941645051375757/index.html?e=69&leftOffset=0&topOffset=0&c=0N2t4hLIIg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 12:41:51 GMT
x-content-type-options: nosniff
age: 559197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125971
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 14:45:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 12:41:51 GMT

GET
H3 200 blank.png_1670941006737_blank.png
s0.2mdn.net/dynamic/2/11030228/s0.2mdn.net/creatives/assets/4631681/ Frame 989D 95 B
120 B 46ms
40ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11030228/s0.2mdn.net/creatives/assets/4631681/blank.png_1670941006737_blank.png

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11083941645051375757/index.html?e=69&leftOffset=0&topOffset=0&c=0N2t4hLIIg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 03:20:55 GMT
x-content-type-options: nosniff
age: 247253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 14:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 03:20:55 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4E40 0
0 69ms
51ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2ZIx-deFQOxogHO79lXk-z8YwOJ8YzXOMvPfRklaqggL7xDvZBO4Iyj8waZyhlR-m8t8ZE5vMIfPOJifUmN7MZMf1l-IGoDk0uPODCAKUeG1F59qWBg3JhujVmQVBQ1GIC5N4zCmazZll8Wo845Rq0Sr-GbPejm2mV5HVlYW5HCV4DQST06ZaFEAhdlieiRYfd7FsNzkOpYipj3HYmBtb31pOoTAX8_pm_QRaLkawsZDXbe0wuC_uLa0_S5-oZT1NPnLufMjb2b0jUHQayUxFWqyUD688h1HcjqQccFI1dUUJHRwwpm0WuZLQm83LcAgzppba4qUS53NfNqScFoe5NjqNGkwMVjWdH_Pt2T_FvmC0t-sH_1shWEEI7B7mTfNB3-FA38hVxznXhfN76HKAuLeIZpkqjD4_C80vmaUU15s0gOMVrbIMBygJyuQrCliz1XuV6zOyX45FR0d2a3OHRYmrYI6_OZucaURaLm-0MpYlLyGwVaem8NnSnf8hsuPQwAqw-zZPhJBUDwpN1P753qVsmScdfkxBr1wU56RJc2Qtb69sRmG6rMPCCMaDWhykuogJCwKSZNWLiVG9iw3aCCb1ycUeTJLghHc5bBvY_vHG73KA2XYDyyqXkwFeLUV7OzUyqlv_UvfwFoptX8lmCMCWarhGEUS7_QkyJD-_p3iJa3SG2W9HMgImJFq2GV0gKdcCgE5R99GT44H4Vef3Jy6J9kvS94UtKTNRWX_Erny4UDcudRREEmLUntHils3oGLjKZT8oCOpYwprtQjlGTYkp-s78nUhkVBj_KbNJHjbgyM-Vga2Ybhden1uVByf0sYfqYSAHxNLdslfTRSqK_BWzby0ffRmcRW3NbUbvOaE2XnwJatWGK4iJquXmgWiZ1h6XcdW80hH_zUSTCL05p7q7ZYYQrjY2Pm7v_S_itz5PvnlWbpn5-fjUCbT34SIEOWy84VqKJrwZLjz0PJNQwHOG9xYNy9fg4IJyA6ORgYfoefNq6ORHc0JPkAEM5xLfokcPypugoGCYX9xi-wszYaqjHTwzMhgLwpbjsa6Pm4oJ-LtpNRFRy3eETieT8KUTDd6GJ4wR0txHAoaOTWD92Fs6VaokfE-DW-rkr1d8LiNfxixAHeTRF-Jqs42mxTBqpq2kJmwIA2fTCmuP3QYjLYEy1BxEGmLPASPdh4lDlGrvdOD2pIvRus2VKFHa2uwP_nJd1QvGN5JhYMPpXQLh6A7hJJhdBzC4FVfYgf1iyPIja1Lgf_xaTTXIDE7jFklX8FlVd0s883iq_4H9joDsG9aMSvDg8Kd8zk6zrTT0FSE_kJI5je2EjHhqFFrgHsCVvZEffTZ800vTBIsoYdvd-_TqXCRvLAA3g6cpi9xvxBW5NWycG3-e7EbdEGMb_A0K8VohKb2Pzlt0wlMUv7z-F0QkPz8izJS--Gwj2vuw6aVR91a-K4dWgVfDKMkAATlMJD81C7Y_f0Rx&sai=AMfl-YSAtpFg7FKUKLpQRYokolUSA5224oP2HCQ1fnJdgSYYqFZYSwHk9YWeCLeUBilA3gGVJI91zMJobNQVJPjDMoejPoxaodbLcuRlxwgiQxBwORvyGlyTZRIrCV4gspxUzCeuJaJu5qnvJQLuKgbFmwtmVI7kCb_8cn5XS5N0VaMkw9C0DKK48EUTSoBdWs2X9DVndWHBjeWfKVNug4_WGmUI-k7brYb3vn8MyVM9bQGXqubpVqZLGNxbbd_0meAZEwhf&sig=Cg0ArKJSzCUxmLZRZ83IEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=367&vt=11&dtpt=257&dett=3&cstd=104&cisv=r20231207.13558&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 286ms
285ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2615060659721634&correlator=773637757571029&eid=31077978%2C31079525%2C31080117&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctv_cultura%2Cin-article%2Coutstream&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D0f6c2f9532f325b3%3AT%3D1703808107%3ART%3D1703808107%3AS%3DALNI_MY_TGmJ5Oqy9o15XtzkctcYIctuMQ&gpic=UID%3D00000d2f05adba29%3AT%3D1703808107%3ART%3D1703808107%3AS%3DALNI_MYRgracYR2KEdRQRtL1y2reWayhKA&arp=1&abxe=1&dt=1703808108529&lmt=1703808108&adxs=1280&adys=800&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcultura.uol.com.br%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=1600&psts=AOrYGsmJKw8jzR3I70PcXYCp1EtRYbCC5mFBVMVq1XUhZKeDYVy2tqXaU4BUN-oMSFoF_oCMj98DdrzTmWB4lA&ga_vid=1684149065.1703808105&ga_sid=1703808107&ga_hid=1507507572&ga_fc=true&dlt=1703808104518&idt=1897&prev_scp=campaignuol%3D1%26group%3D6%26pos%3Doutstream%26native%3D0%26hb_pb_seedtag%3D0.08%26hb_adid_seedtag%3D7012327a39e6b26%26hb_pb_appnexus%3D0.25%26hb_adid_appnexus%3D68aac692f57ac3d%26hb_buyer_member_id%3D3941%26hb_adid%3D68aac692f57ac3d%26hb_size%3D300x250%26hb_format%3Dbanner%26hb_bidder%3Dappnexus%26hb_pb%3D0.25%26hb_format_seedtag%3Dbanner%26hb_size_seedtag%3D300x250%26hb_bidder_seedtag%3Dseedtag%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_bidder_appnexus%3Dappnexus&cust_params=cdn%3Dother%26origin%3Dcultura%2520uol%2520com%2520br%26hasFocus%3Dtrue%26bt%3D9000%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dno-topic%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse%26UOLID%3Dfa0b2854-fba4-480d-93bc-841009d38498&adks=3440619924&frm=20

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f597be9aa7a093bfd1a00c780e306681767c1e391239028c03279fbc0cb73be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12243
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 989D 17 KB
6 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Dec 2023 00:01:48 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9033 39 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

GET
H3 200 container.html Show response
fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04C3 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:47 GMT
expires: Sat, 28 Dec 2024 00:01:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BAD7 466 B
237 B 61ms
59ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGK-QxvcBMAE&v=APEucNUm-frTt5E1FxI2S0_5n6GiroBsVXuNTnULTwmY5WK8MxG2_hfxZ4dCGorxQkdG7pzR7qgBKaWD_fikHc4O7whDlME9fJVV_ngkd90WkHGbI2Y3LY6OjKOJmmcJajHkbIZTc5pJh2C4moJZkTstY1Fr_1cO9CKw3MZWT-U_V5nkXsL3XhY

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 04C3 89 KB
31 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 00:01:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04C3 42 B
63 B 56ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cb0-Zz6U5iJdcWBod71oiK2mtg3Hsy5-69agsoY0X3xgaT9fVYoBz5K-dX17CTsB1uBCCv4n6xP250si6fZxXtxCXZGsFzuo5_auCnNfjWyiXyUNI

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 04C3
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1676726/75268010/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1014264744&ias_pubId=pub-6330791094260149&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_xappb=

43 B
481 B

25ms
25ms

Image
image/gif

2600:9000:20ab:6000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_xappb=
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:20ab:6000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 ed6e39eea0e39e463514b9421b7a2806.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1492325
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: c7-LQrL2b7fmM7IwlawGJzdf0IO5kDcxJHyJk8HZCcCiQpx_bb2pcQ==

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:48 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 04C3 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 04C3 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 04C3 0
0 29ms
28ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtBEu4XQEWZGcbsKavAofVgjc8_xDQm9wk_h5hy18HTo8mg8dGqnHhc4rhSAEbofwG4U8tRThx6bKW4eFdUnuLx27yCg
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04C3 203 KB
64 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 00:01:48 GMT

GET

partner
sync.search.spotxchange.com/ Frame BAD7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOtZ_tNyot6qZw1VM3vZ3N4&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame BAD7 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame BAD7 0
38 B 23ms
23ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGK-QxvcBMAE&v=APEucNUm-frTt5E1FxI2S0_5n6GiroBsVXuNTnULTwmY5WK8MxG2_hfxZ4dCGorxQkdG7pzR7qgBKaWD_fikHc4O7whDlME9fJVV_ngkd90WkHGbI2Y3LY6OjKOJmmcJajHkbIZTc5pJh2C4moJZkTstY1Fr_1cO9CKw3MZWT-U_V5nkXsL3XhY

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 base.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 21 KB
9 KB 825ms
825ms Script
application/javascript 2a02:26f0:480:10::213:7e85
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:10::213:7e85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:49 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
akamai-grn: 0.457d1302.1703808108.53636b89
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=10, origin; dur=795, ak_p; desc="1703808108942_34831685_1399024521_80325_506_19_0_146";dur=1
content-length: 8357
last-modified: Sat, 09 Dec 2023 14:55:01 GMT
etag: aeb8806857f0c1b9f7f6b8d4ff48230f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3600
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H2 200 trk
tt-10162-1.seg.t.tailtarget.com/ 70 B
342 B 125ms
125ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:tvcultura:1&tK=1703808109&tM=direct&tL=direct&tN=direct&tY=3&tZ=197020669
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:49 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04C3 0
22 B 55ms
55ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5175398151622&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04C3 0
22 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5175398151622&version=m202309260101&ct=76&x=1&cor=14594041290165266000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 04C3 101 KB
39 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CN-J5fxZTWPXj6KOu8lCblFkf7eYVoZ-XL8nlYC-j4eiJmhXup5qmmRlt7GuIcC2W1PB0hoQ10C5JXYKi7aofSeU2S8X_nappOmgCwWO5S5JmhWuQKdhksD7fYqQ8UAVwrgII3Bce_4exGLSFu9KBdP6EJUMDoboEeTrwbxYx3pZS93tk&dbm_d=AKAmf-Ccnq7U3kuIiYisFluALnZl42tnrCyydieKdtm89aob7xQIHtuVLNTYFuqwF8sgHf_jZBqcA7ff7hf1tkQf3Gu-TX6zKeC5e-n5pYfM7Q9pL03ngbxV2GP8TQTDOvWR3CiTjc83k7WI7dQQKk_kYrfWevuhPpdJ-HiW7HRpj02ORmjfLAwgDYmpqtoIqZtHVOGyRL-JmQ5165M5kZmsCAnI8-5Y4Li_wOgqvtCZ_KBA1miTF02ol2AbLWIWvquzkweMpKx67gW-BT1AeQkME4VqZ1qG6Hb3FPivTOM-GlpnykUQIBqGuS1OtD36akWwfLRoGYno91W3Wv4AgLwvl27PMuzY3_lcIZi_9NnAM5tnYk3UEeXAvYxg0IAStYdzMLYu9A8XNr7NOTQKt5TAgsGz-l3cnT0a4ydFc-64trdwms6kdntBaBbfdPS9OYMWqp4T2DMaQorPfFGMnPKOXSGnMZ135WfX1Az7v4v6cmeGhC15yYVFpIhbYfLGECI97Aa8oaOz50jiZa9CGdfhmv61cUAArbGVGWRQ__uJ8mnQvoqHIIWs4jy32FIxUkLpFj1IUTM499X4VJSv2ervmEwbvgJTrdptSi-WFJ4TPxD4Pw-4jz4r0kQMASSivVE4i4_KpNAiMoSb7cWCBDlkx0P0YSV2BXn7xUezizxwcDHkrLxk6pK5R0soib72uj30MP3a0V9GG-I9OoIT140q5bgwXGLzA5vvaLf1NgfRp35CbO6qjtT1Uzi8zHl5HtlcVpbxWyt8jg2SL1JI-ZwvO4ZtZG1lmrqUbE7k1BRTVl1fZquCeLBTBWCNlzIss6wm1YkLZ56kb4J_jokSg0sFCucUV0IsIMlz3vjhqnIfAZxrttLs1mtzjZhZn25bMaXX_qpCAhPLfiSWl8_GBFy71Ij4IDwNyHjOF0lBvW5duNmGwr-m2YcbFs9fa6709SFiLp2vYyHsW5gsxNT_MTpw-68wsLqPdXxtW52q9W6wZBZjRzKHwuM3k4_APFTgoV7izcwYxyC8JuXhRv5OdSathPI0EXH_npb3geYjBAZRAbW91SuwVkTKCBa6URg3tqQZ6P8DMTAmjX0_0Gwz1S91XL6Cb5-qUa-NGp9JCiYPSujUpLEmETzfgtBE8VECIQY7SODFxFgqrP66ZqDLPdRLq12xnx9cfj6y32RscWXayyF5OTM2RJ9RT1FcbsZQWSWzsX2eK0sB7flc0FKxp7VFmpXFhQLQHQ93zlMwMmIcW50g4V6wDQ2ZcbhGWmJFDJ3UG8eRZr2su578WaKN-BzS5WiCPK8r_GDZ9DIO7dcwntoGTXEPdBwFJYaHzWUOSrcPteilZtVFuWZ6WEfdakjAK8nScKCd4sT1a1MsAfISRsCi8Ya93gKRNqcO3LOfffjDt6bkfuMvqdjfAda6Zk3yXg1yixufnLqZzTHjJujBNwBYDqIKkqNQblOa8BqBCUB72KnCSmfrK3gK8UBRgII5PPlHYQ-pssxuXbrzQ0gO-zFrayKSI2_t6m55vqCvwzfwWm4C8sUTUPOOemtemFTT9oTASFbgnepZ6yqHW9s0Spw_VtSk7mklcAdGEK_aZRYPoxUVWmlMT5iUD6AW_NK_ZfmbPW4TYhlusz4uyuGoo7-EmVhcnsqsRInAZWvNzsdR-Z_3gBBexlQxEzft4YJZubaKENYPqY3u1RCZ7RfQl0iCUpKy-cCWrsWeAKFLvadupuurMA7hy3cSj-a8_97flOl7qpyUOD8b__4Zm50G57_4RbDFJbuuvsmMuoQCE5G1qbxL62A0juhxF-LX1Abl-UXUJr1LK-IisSH_eyOqHTQMDGbY1BVCSiKMaZOEcSMZ3E2Iw4yNtop59BPcUZlklsWjM3Kv20gaYnPXSUSw7h9r7VUP-kIlrwZ6JbBcMFvPT2CHK6jZXpZ4USvb_0o6IgRl4cwFCJqDKhosaC8T06s_DSAunDc1dJv9j8JWBMyOdaNzyK_B-xxWl5zTGOG8WxTmDmu3lPCiEYvVEL5523kQY9uXPyVucr_SUIBApvatn4DwWbiRwlMTSqJZfB7IQGvuEge4Oooe81AkQij2_tFBdsFLV3IjkEu_Z9BN0ij5lk80jp7nghyU1t-XkkTXTtIIrws8VaUhwnPSS3piZsa22IL3LQf-im-GOX2SF81DbtxLOtVeU6gDiDDiReGa8RtglTarxQSD1D-aWho1VCXFI3MELSR97HxbULLmSGmU99XZaU3aX3TJ23OYP815hBUEvzy_pAJuM_aDuEbdedV2rJRS0oysLtReWG-4ssMLeN6JLGjaHxO9LnxFqpTvvrsSOIFKE58MLxvOkSqSBYR3AeQEdksU9d1f6ObigJCthnSoLiH-vgNJg9WIfNPB9osRawceIyaBonCWTIacTRktLtr5zbpmu0P197-IDoLOUi7_mv1mDsAIt8tKYbb6bg52WfMq4ZjCfOVyEBXzXqyukVrVw_Jhd598ETrPkmNzr6Rc0BYxwHRzpmXaZdf9aXxAmjiLMH2WyKuqF9DwZiYI6HodoBecnxFh9wcoxe85qE-H7d4tgL6CcXdCYLpnQpH10L8bMz2Y842vTeHWHtLbaCqXwrdPKmXaay60q_V5Z094paCj1oVnW_cnHzig74hi5HMGzfIWOPa15KvcItJwjDR8Nl6VTLkdQJuHKdywP-8_vO9Rr54GpLZvfx_g8G9_5oJc1MURJ7mWYydt4FLhFVsU4jB2C0mUoZXqZy_ucdiZRTgmRMHPuF3jMTassG2ZMvRjdOMfhiuUsas2k8pD3RbvO5x5LJp2Q0xYilZPPwkLe1R9vq-AaEjQYs3drUKq0Uvm1B3xCKt9bFvxVKHNAlJKnyviLKAq7q5VF9Sm3pl-gSrAWfzgiw8bMjkUVSflVKPvUPGlDJWSSDQp0aoe59q55cJF8_ZMUx_Uyh3GFJovvPKiH-ZWunBZc5MR4h7YDv5vyq4-8UYB4k9YALAzZtIfiPY9seI962WEF0xB5yAOGu_cpU_c1LgkjQ72JwqCBI8yj_E4F9Q0QyxDixu03BjZIvtJjK5MfU1rjWh6u4Xzz4ryaf734Og9rjjodvF-UrrNtQsioS2HXi21RLirCHnx4ZPZ5-VkMt0LSa1ou-bjgUKCQezIgOkcnC835o6kiO4Hrwk_q_kc5GRQM_OU4JVSJE69hYoCPMJ4sthbZh19Glvz8I1UVFAJAdt-o0XBt4GsV6h5xtsXL1yEVablvodVG-rB5bOTd_rrtxcLE6CWeAVlrNV1AL25mMYYJPITXCX-QGP2T-v_ajpEF8ocqMcMn1YTxmRtQO-J17J4UL7QTuKPZ803PmTZivO4ytdPf-MS_ByVNP4v5CgjgrVvM_13lWpGYU6esiF-6ObVAi5KWjLnOBIFYr_YJ3AkhAmZqOkqeIzBlw238PyKuT_T_b8h2B0xuU5BChaMWZaTCPfpWNisMeiEbeKpuXTM8Fi8MJ4uTNuvlDabtYiy-sgN7x1CGxvq0wR9J6h-tBGJEsngxozRdVWz_zjt-pv7u6T7132WYUuw7_PaI_WoPAKkFx1HTNWrAqCj4Ng_v5CWi8Y_49vWDvgry2-cQ9Dj3-oMk4tUQ6zQNKZ0B6-NXUx0Tn3HBIixTYQxwWo7LpfFFKjul-94Wx3ULhBaggtfmymKYNsMRziGRvbc1i0b7ByJCCJSe9BGBZiG_n3ZefTSlVUV_1gjeAwFZ_MBlXBoXuOPZEEM0hEiLHwxKAcCg_nDM9M5ur1CcXz8jhnDNvRV_11lJAVTi2CSZ1oXO79FRQJDIf6LbGu1O5QYjZq31HxrpcpUz-2DkW3YytIH2fYB65LfsJFYr8_N5-DNvljAPazin9DoGEEQp5XRSbc3ESRqlpCesq9hmwDW_yD4oQWHRWx2LRYqLaTClkmnkLueNACZO7Lqp3kdyEOOi6iboGTK_khA2IyI-vPG1W6oSbnal-VWJuL3LsfGsCTxFSCoTTtK0445NgV-s_Q_Iu0IGGzMSkdUvkdBhTtujx0qtQZ39fSp2kPl17RHIEAx3PrMl8DhbrEsLaORAQgQ-0efqL-KdUi3oP0&cid=CAQSOwAvHhf_ikGmSl5Oo9PV0G2of8kQzCXk1rf8oXW8wGPHU3rzk_xbLdYFiLHeqRJRys8LkhX1O3AVtgnsGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcultura.uol.com.br%2F&ds=l&xdt=1&iif=1&cor=14594041290165266000&adk=496764935&idt=124&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c3c11e8b9071cd96bbf8ec57d2a475f596d5dbcf1f500cd871e82d345f00c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40146
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 logs Show response
logs.browser-intake-datadoghq.com/api/v2/ 53 B
344 B 571ms
261ms Fetch
application/json 2600:1f18:24e6:b902:77a4:a3dc:33f4:a0a4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://logs.browser-intake-datadoghq.com/api/v2/logs?ddsource=browser&ddtags=sdk_version%3A4.48.1%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Aweb-player%2Cversion%3A1.21.2&dd-api-key=pub31e5503b24af44659392aea8b2c73c9d&dd-evp-origin-version=4.48.1&dd-evp-origin=browser&dd-request-id=2ad3392b-b33a-46f1-b76f-ba26fa11c4c0

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:77a4:a3dc:33f4:a0a4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

c830be24f1d79f10478d77e2ff385ce9f846f2e61f90920e3c37de2844deb54a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 29 Dec 2023 00:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: 2ad3392b-b33a-46f1-b76f-ba26fa11c4c0

GET
H3 200 bridge3.609.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame EAA3 751 KB
240 KB 21ms
21ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 520680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 245986
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 23:23:49 GMT
expires: Sat, 21 Dec 2024 23:23:49 GMT
last-modified: Mon, 18 Dec 2023 19:42:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7528 40 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 29 Dec 2023 00:38:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 54ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?length=1028&loaderinit=2683.5&nonreq=6130.400000095367&nonload=6136&srvcstrt=2672.4000000953674&srvcend=2842&palv=1.21.3&lid=1&id=pal_html5&c=138555819709161&domain=cultura.uol.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 graphql Show response
publisher2.us-east-1.prod.tvcoins.com/ 896 B
1 KB 534ms
519ms Fetch
application/json 2600:9000:20b4:1000:8:3bba:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher2.us-east-1.prod.tvcoins.com/graphql
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:1000:8:3bba:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9bee7c9397957c9c913a2017e0aceaa669fac03ca32e00a86e0a659800b9ebc1

Request headers

x-deviceid: us-east-1:94b63d2e-9953-4355-a8ca-7f9c73aa8d25
x-language: en
accept-language: de-DE,de;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=ASIAYLMLRJYEDNNFFMLG/20231229/us-east-1/appsync/aws4_request, SignedHeaders=accept;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-deviceid;x-language;x-session, Signature=fc401bda1c9b7b6d2383e82a5f622ca61745a15932b0364703512187de1ab20d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json
x-amz-content-sha256: 5272aacd8447b05caa1bede34fdf7caa7af02809bc15277b9097e71a4f24ab12
Accept: application/json
x-amz-security-token: IQoJb3JpZ2luX2VjEEAaCXVzLWVhc3QtMSJIMEYCIQCEjGagoxz9QpBlw2YS6brUK2Dhrbr5C8NNchZ5CUZlBQIhAKW2WitGxpr1sNgekpuIOnNpJzGk7zvE4c+cpzhyqg3pKtAFCMn//////////wEQARoMNTc0MjA3NjQzMTQ0Igzp+QoXTEQHtnHkMl4qpAWCIxjS/bGBxi+wkJSFRxVQ/cFu0O8uFR9sNmd1u8iaboPx0UOgF0gxnnFA0zFWmc+4gZIEeCHuW0zStf+kyACrc9tU+OBT7gA7I7R8IqLfISJVGiLcTZiPJJse3Jc42criA3PLrJ8ge94420Z/dFoYwHhwPb6oLdMxyMQOlzzkiw/Lg/y+QY5m8274CU2yphMzccUTG+Vq9k4Vwy9UymBnUkjfr4R2i32w6dOVf25IUUdP3t0W5OhWAf26IutkJSza9Q8FcDu/VLT5oNkvNWI6rkAKKS2oJO1WLoEmTAHZ76OhW60Kx4ISF0PsuoJFBeq5dMoGa1eD3ttYcTq15/DNftdDziaYdGlNRkA5gbC+OJ85lZFsJd+Cee5pyAXW4Nxct8SkovL8fqkgIKO0QKrBtLFY7NZZ4cvXdlLwa27YAM3lX/kAIwPHxJCOYtoAh51Yz/yMtcyat0WELNbvrbPnydDUVFnEbL1ysBJYR8Ss0/+7/WqWPROI37jDAboLAXyvXrMAsIngpQa3c4ProIaddZka3IyFUiu+OQ3kkKCZwwyDcmfmAORPvJEqo2oAD7ZPGJkV061cFTBAsRW3zUlHHkt+Z57lv2v7YpLNgPuT7B0yJN6GYvKZhnpzVaIXXV/AdspT1kCRFlTYWLbAle8qnRJOS9VR+T3R/1RhOEdZp52Wp9pDxgHUZ1+x6uO+nEkLJJwz1xtNTuBaDC4xRQSUICDQUpAPP4INkZGSsAK7oDPDPe1ReU57rIdgllQQdbj5oXhqlz92PibBv3Pbuo9JPEiyB4WGYwcIJ4PNo3/7GktayQABWa0j+ePhpwqCKfGmA4rRRzXCIms8aTVMQYgO9MnMgvoIfM0ohbxmz07tU+60sBWbuUU+xp6anW0nmNCoUa7QMOuYuKwGOt4C2A9Rg48DFrWhH7qLqusNtrDYrqPUOBAOYmLVN3xKD5TL5HCAi7mC7FxvqxO+oPdQ9AO3NJZZNgSzmMebSimwZgSW3FSDqU0Bn4M0/gH0B6rATz8sMdDYGsY2hRfGYIy1TbzyapCfaFxXq9vFJO6wUO4Nsii3q9CK7xqTXAkPK6h2ea42EdSe8+Z2W/0SUbuDO56w3G8SnCOXFIxCkzwF9f/GGP5m6C+rth4qmr9jnsH0Q/qZ+pvDy8xDENPHVxOab9xFewPQfETA71KGvIcX2vp2VA2qCYgWAiZa8d6l6i+GnBVdyGN7ddhcgk5MvQXbAXUkmy05vQGa1RWszL1ZG8nzXP3bFAJsRRe+Y74wRg0W03fW+J/F5hUe3pTj6XVoIYRtVmcwUQILzr6O9rS+aGdatEuWJVsIkuNzydaAsn1PdDcyV6VWPU2jNZHIItJLDSDXQIEkhCNehfPvamk=
Referer: https://cultura.uol.com.br/
x-session: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI5Y2IwMTlmOS1lMTAxLTRhMGQtYjA0OS1jMjAzM2Q3NTc3MjEiLCJpYXQiOjE3MDM4MDgxMDcsInRlbmFudElkIjoiY3VsdHVyYXBsYXkiLCJpZGVudGl0eUlkIjoidXMtZWFzdC0xOjk0YjYzZDJlLTk5NTMtNDM1NS1hOGNhLTdmOWM3M2FhOGQyNSIsImFub255bW91cyI6dHJ1ZSwiZGV2aWNlSXAiOiIyMDAxOjFiNjA6MTAxMDoyOjEwMTE6ZWE4OTo1NjQ6ZjRmNyIsImRldmljZVR5cGUiOiJ3ZWIiLCJjb3VudHJ5Q29kZSI6IkRFIiwiZXhwIjoxNzAzOTgwOTA3LCJqdGkiOiIxY2Q2ZDc0ZS1lMTI3LTQwNGYtOTUxNi1mNGJhNGI5NjYyN2QiLCJpc3MiOiJ0dmNvaW5zLmNvbSJ9.Gy3qHQ-ajdBGNxgyYFvYMWTWhQR60SBCLKWoq8PopZNTF5hUJvXbyeVAeRheoeLXpNkdSr62XAM_2KqrHq6D7mtj3TPvS9M7MyMVSNQY6Unl6MAb9b8XqCJEVXX9bJneBA4BRFtKHjm-ruWl1ZHkUnJqPF5Vwgzjq6xEMPnbRaY2f5NbGU-AUFfdgRDUJcyKmS2OUuRn9k4OO62N8xvP3fPArWyv5ILKKhKqy8u792Vh_4p2kDZuoT4PMRPw5PGNX056eH_aoJSZtTzjYomXzl-HFcfM9EaPsfo8G2aCVfozcCYdjORU8CH6sXvWXcKphxRrJ8stY1maeqccN0R-AA
x-amz-date: 20231229T000149Z

Response headers

x-amzn-appsync-tokensconsumed: 1
date: Fri, 29 Dec 2023 00:01:49 GMT
via: 1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
x-amzn-requestid: cb044c54-5376-409e-8864-5d993f50147d
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
content-length: 896
x-amz-cf-id: IWIDn5hEyF17L6fJsCmPE4bj3fE3yjBSbISMwRLVM42NUeJ4QcfZOQ==

OPTIONS
H2 200 graphql
publisher2.us-east-1.prod.tvcoins.com/ Frame 0
0 352ms
352ms Preflight 2600:9000:20b4:1000:8:3bba:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher2.us-east-1.prod.tvcoins.com/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:1000:8:3bba:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-deviceid,x-language,x-session
Access-Control-Request-Method: POST
Origin: https://cultura.uol.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-deviceid,x-language,x-session
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age: 172800
content-length: 0
date: Fri, 29 Dec 2023 00:01:49 GMT
via: 1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront)
x-amz-cf-id: Yl_vTgndyFwxSI426kI6nu5lopGGupMN07sPcurzdfFPFRsNdvgi9g==
x-amz-cf-pop: AMS58-P4
x-amzn-requestid: 1291536e-5bf5-4d44-9ae5-8a261e3f9bca
x-cache: Miss from cloudfront

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1986 0
22 B 55ms
55ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=33&t=2&li=v_h.h.3.2.2&sid=aQyOZavXJrmS78EPgbSI4A0&sc=2038625486351842&bg=!nZ6lntHNAAY3kmNgF5I7ADQBe5WfODrZwlCizLi7maDLEXyWbWkwsNbvLh63_BStFwhnj1yoZ2a7EJZz-eu-pmwU6Xh4AgAAAERSAAAAAWgBB5kCfKWTA6qm0iHH26j6I47I9BlXO6PO9tYS0eZAexF6TLgMG4ktbr5mkROpZv4A-HVXaw97AwJ038uBGMQres-t5krOpLHU9emtDQ-beRFZG3nVPzEWxQ__RlRh2Sk2DOkL7uqyai2SdxzhrEuX9Vwcx92XKcitMoT4J49eMj3E384j36bbphg_xuG7fqBDrOsUuAU8sxM2o2fC_s_Vv1yvNPK5z8n9CsP3JzDdh1alDDC5ujOJCFnxjp9ZQL2uQaKd6ic93NvkT17i_3J9v2pi1eko1WFwA9aYOEdCO2fkGqwLlU70J-pkB1x5N3fJ0G5nornuocQaN16CUhFbJ32APQ2O55kDadJZR2gkSEEi-yvaFpL73OooSLsFM-ekCkd6Q5uVF73aJfzjGXuy_WvtuO2Al4bEomfRFLr5JTfO_5LcGkA4UnOQRxafF8rxQP-Dn-CRmW6KCdBasrP5ob_GXe6FtXvm22SmtkgCuG_tmwImGT8bzjziMBPjJ_eW2H9ZBvc40tj0b21TgPDVQCr1K6ukqrftHsBCiyjLdC6sK7GyoHYF20J6ctXXn7A6qGnyByMmyhBGqWPNmmgmOF1WyL-ruBf0nVZDTVgdL6sSDWT23RQoW2H1XFY5PfSjh5ietB1d80ou2UVDcPZHMJjloRhtvsoLBz-JrB6B6pW3KeSkuPdSO5mqSVvT24t6YJWvg3ROoR46_B2lZA_v-PWMBWoE7ASEV7L0IOwEXMZ74Sep5OQWk3QfCcKrndMhpDKkFhRfYYlR8Vc7jPUrfRhNIlAXcQp3iZXbb33hNcPX4MOgKWs2MndQ36VG-EcuH3cUoorfdCRkZdPfrXFcxw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 04C3 172 KB
60 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Origin: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 04C3 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CN-J5fxZTWPXj6KOu8lCblFkf7eYVoZ-XL8nlYC-j4eiJmhXup5qmmRlt7GuIcC2W1PB0hoQ10C5JXYKi7aofSeU2S8X_nappOmgCwWO5S5JmhWuQKdhksD7fYqQ8UAVwrgII3Bce_4exGLSFu9KBdP6EJUMDoboEeTrwbxYx3pZS93tk&dbm_d=AKAmf-Ccnq7U3kuIiYisFluALnZl42tnrCyydieKdtm89aob7xQIHtuVLNTYFuqwF8sgHf_jZBqcA7ff7hf1tkQf3Gu-TX6zKeC5e-n5pYfM7Q9pL03ngbxV2GP8TQTDOvWR3CiTjc83k7WI7dQQKk_kYrfWevuhPpdJ-HiW7HRpj02ORmjfLAwgDYmpqtoIqZtHVOGyRL-JmQ5165M5kZmsCAnI8-5Y4Li_wOgqvtCZ_KBA1miTF02ol2AbLWIWvquzkweMpKx67gW-BT1AeQkME4VqZ1qG6Hb3FPivTOM-GlpnykUQIBqGuS1OtD36akWwfLRoGYno91W3Wv4AgLwvl27PMuzY3_lcIZi_9NnAM5tnYk3UEeXAvYxg0IAStYdzMLYu9A8XNr7NOTQKt5TAgsGz-l3cnT0a4ydFc-64trdwms6kdntBaBbfdPS9OYMWqp4T2DMaQorPfFGMnPKOXSGnMZ135WfX1Az7v4v6cmeGhC15yYVFpIhbYfLGECI97Aa8oaOz50jiZa9CGdfhmv61cUAArbGVGWRQ__uJ8mnQvoqHIIWs4jy32FIxUkLpFj1IUTM499X4VJSv2ervmEwbvgJTrdptSi-WFJ4TPxD4Pw-4jz4r0kQMASSivVE4i4_KpNAiMoSb7cWCBDlkx0P0YSV2BXn7xUezizxwcDHkrLxk6pK5R0soib72uj30MP3a0V9GG-I9OoIT140q5bgwXGLzA5vvaLf1NgfRp35CbO6qjtT1Uzi8zHl5HtlcVpbxWyt8jg2SL1JI-ZwvO4ZtZG1lmrqUbE7k1BRTVl1fZquCeLBTBWCNlzIss6wm1YkLZ56kb4J_jokSg0sFCucUV0IsIMlz3vjhqnIfAZxrttLs1mtzjZhZn25bMaXX_qpCAhPLfiSWl8_GBFy71Ij4IDwNyHjOF0lBvW5duNmGwr-m2YcbFs9fa6709SFiLp2vYyHsW5gsxNT_MTpw-68wsLqPdXxtW52q9W6wZBZjRzKHwuM3k4_APFTgoV7izcwYxyC8JuXhRv5OdSathPI0EXH_npb3geYjBAZRAbW91SuwVkTKCBa6URg3tqQZ6P8DMTAmjX0_0Gwz1S91XL6Cb5-qUa-NGp9JCiYPSujUpLEmETzfgtBE8VECIQY7SODFxFgqrP66ZqDLPdRLq12xnx9cfj6y32RscWXayyF5OTM2RJ9RT1FcbsZQWSWzsX2eK0sB7flc0FKxp7VFmpXFhQLQHQ93zlMwMmIcW50g4V6wDQ2ZcbhGWmJFDJ3UG8eRZr2su578WaKN-BzS5WiCPK8r_GDZ9DIO7dcwntoGTXEPdBwFJYaHzWUOSrcPteilZtVFuWZ6WEfdakjAK8nScKCd4sT1a1MsAfISRsCi8Ya93gKRNqcO3LOfffjDt6bkfuMvqdjfAda6Zk3yXg1yixufnLqZzTHjJujBNwBYDqIKkqNQblOa8BqBCUB72KnCSmfrK3gK8UBRgII5PPlHYQ-pssxuXbrzQ0gO-zFrayKSI2_t6m55vqCvwzfwWm4C8sUTUPOOemtemFTT9oTASFbgnepZ6yqHW9s0Spw_VtSk7mklcAdGEK_aZRYPoxUVWmlMT5iUD6AW_NK_ZfmbPW4TYhlusz4uyuGoo7-EmVhcnsqsRInAZWvNzsdR-Z_3gBBexlQxEzft4YJZubaKENYPqY3u1RCZ7RfQl0iCUpKy-cCWrsWeAKFLvadupuurMA7hy3cSj-a8_97flOl7qpyUOD8b__4Zm50G57_4RbDFJbuuvsmMuoQCE5G1qbxL62A0juhxF-LX1Abl-UXUJr1LK-IisSH_eyOqHTQMDGbY1BVCSiKMaZOEcSMZ3E2Iw4yNtop59BPcUZlklsWjM3Kv20gaYnPXSUSw7h9r7VUP-kIlrwZ6JbBcMFvPT2CHK6jZXpZ4USvb_0o6IgRl4cwFCJqDKhosaC8T06s_DSAunDc1dJv9j8JWBMyOdaNzyK_B-xxWl5zTGOG8WxTmDmu3lPCiEYvVEL5523kQY9uXPyVucr_SUIBApvatn4DwWbiRwlMTSqJZfB7IQGvuEge4Oooe81AkQij2_tFBdsFLV3IjkEu_Z9BN0ij5lk80jp7nghyU1t-XkkTXTtIIrws8VaUhwnPSS3piZsa22IL3LQf-im-GOX2SF81DbtxLOtVeU6gDiDDiReGa8RtglTarxQSD1D-aWho1VCXFI3MELSR97HxbULLmSGmU99XZaU3aX3TJ23OYP815hBUEvzy_pAJuM_aDuEbdedV2rJRS0oysLtReWG-4ssMLeN6JLGjaHxO9LnxFqpTvvrsSOIFKE58MLxvOkSqSBYR3AeQEdksU9d1f6ObigJCthnSoLiH-vgNJg9WIfNPB9osRawceIyaBonCWTIacTRktLtr5zbpmu0P197-IDoLOUi7_mv1mDsAIt8tKYbb6bg52WfMq4ZjCfOVyEBXzXqyukVrVw_Jhd598ETrPkmNzr6Rc0BYxwHRzpmXaZdf9aXxAmjiLMH2WyKuqF9DwZiYI6HodoBecnxFh9wcoxe85qE-H7d4tgL6CcXdCYLpnQpH10L8bMz2Y842vTeHWHtLbaCqXwrdPKmXaay60q_V5Z094paCj1oVnW_cnHzig74hi5HMGzfIWOPa15KvcItJwjDR8Nl6VTLkdQJuHKdywP-8_vO9Rr54GpLZvfx_g8G9_5oJc1MURJ7mWYydt4FLhFVsU4jB2C0mUoZXqZy_ucdiZRTgmRMHPuF3jMTassG2ZMvRjdOMfhiuUsas2k8pD3RbvO5x5LJp2Q0xYilZPPwkLe1R9vq-AaEjQYs3drUKq0Uvm1B3xCKt9bFvxVKHNAlJKnyviLKAq7q5VF9Sm3pl-gSrAWfzgiw8bMjkUVSflVKPvUPGlDJWSSDQp0aoe59q55cJF8_ZMUx_Uyh3GFJovvPKiH-ZWunBZc5MR4h7YDv5vyq4-8UYB4k9YALAzZtIfiPY9seI962WEF0xB5yAOGu_cpU_c1LgkjQ72JwqCBI8yj_E4F9Q0QyxDixu03BjZIvtJjK5MfU1rjWh6u4Xzz4ryaf734Og9rjjodvF-UrrNtQsioS2HXi21RLirCHnx4ZPZ5-VkMt0LSa1ou-bjgUKCQezIgOkcnC835o6kiO4Hrwk_q_kc5GRQM_OU4JVSJE69hYoCPMJ4sthbZh19Glvz8I1UVFAJAdt-o0XBt4GsV6h5xtsXL1yEVablvodVG-rB5bOTd_rrtxcLE6CWeAVlrNV1AL25mMYYJPITXCX-QGP2T-v_ajpEF8ocqMcMn1YTxmRtQO-J17J4UL7QTuKPZ803PmTZivO4ytdPf-MS_ByVNP4v5CgjgrVvM_13lWpGYU6esiF-6ObVAi5KWjLnOBIFYr_YJ3AkhAmZqOkqeIzBlw238PyKuT_T_b8h2B0xuU5BChaMWZaTCPfpWNisMeiEbeKpuXTM8Fi8MJ4uTNuvlDabtYiy-sgN7x1CGxvq0wR9J6h-tBGJEsngxozRdVWz_zjt-pv7u6T7132WYUuw7_PaI_WoPAKkFx1HTNWrAqCj4Ng_v5CWi8Y_49vWDvgry2-cQ9Dj3-oMk4tUQ6zQNKZ0B6-NXUx0Tn3HBIixTYQxwWo7LpfFFKjul-94Wx3ULhBaggtfmymKYNsMRziGRvbc1i0b7ByJCCJSe9BGBZiG_n3ZefTSlVUV_1gjeAwFZ_MBlXBoXuOPZEEM0hEiLHwxKAcCg_nDM9M5ur1CcXz8jhnDNvRV_11lJAVTi2CSZ1oXO79FRQJDIf6LbGu1O5QYjZq31HxrpcpUz-2DkW3YytIH2fYB65LfsJFYr8_N5-DNvljAPazin9DoGEEQp5XRSbc3ESRqlpCesq9hmwDW_yD4oQWHRWx2LRYqLaTClkmnkLueNACZO7Lqp3kdyEOOi6iboGTK_khA2IyI-vPG1W6oSbnal-VWJuL3LsfGsCTxFSCoTTtK0445NgV-s_Q_Iu0IGGzMSkdUvkdBhTtujx0qtQZ39fSp2kPl17RHIEAx3PrMl8DhbrEsLaORAQgQ-0efqL-KdUi3oP0&cid=CAQSOwAvHhf_ikGmSl5Oo9PV0G2of8kQzCXk1rf8oXW8wGPHU3rzk_xbLdYFiLHeqRJRys8LkhX1O3AVtgnsGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcultura.uol.com.br%2F&ds=l&xdt=1&iif=1&cor=14594041290165266000&adk=496764935&idt=124&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 21:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 21:44:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 04C3 31 KB
12 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:43:50 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 04C3 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 539801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 03AF 1 KB
646 B 18ms
18ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Fri, 29 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 04C3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 709541ddf9136662ea6ea83c5570454b3fbcb6373f21da8091ae3ae63f911b0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 03AF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENP-hdBNlWCpLhbnN4pUl2A&google_cver=1&google_push=AXcoOmQfIHOqFWzSnm6lVzvTjLSPrHdufAGmnS21yJ2HbH_KL3mQL5h25mSqQnj_Xs5h6Ksznsuae35e8yBO6LULUYZuxt9CW6iHs...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENP-hdBNlWCpLhbnN4pUl2A&google_cver=1&google_push=AXcoOmQfIHOqFWzSnm6lVzvTjLSPrHdufAGmnS21yJ2HbH_KL3mQL5h25mSqQnj_Xs5h6Ksznsuae35e8yBO6LULUYZuxt9CW6i...

43 B
426 B

196ms
180ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENP-hdBNlWCpLhbnN4pUl2A&google_cver=1&google_push=AXcoOmQfIHOqFWzSnm6lVzvTjLSPrHdufAGmnS21yJ2HbH_KL3mQL5h25mSqQnj_Xs5h6Ksznsuae35e8yBO6LULUYZuxt9CW6iHsQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfIHOqFWzSnm6lVzvTjLSPrHdufAGmnS21yJ2HbH_KL3mQL5h25mSqQnj_Xs5h6Ksznsuae35e8yBO6LULUYZuxt9CW6iHsQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83cdc54bc8c9040c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 314
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENP-hdBNlWCpLhbnN4pUl2A&google_cver=1&google_push=AXcoOmQfIHOqFWzSnm6lVzvTjLSPrHdufAGmnS21yJ2HbH_KL3mQL5h25mSqQnj_Xs5h6Ksznsuae35e8yBO6LULUYZuxt9CW6iHsQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfIHOqFWzSnm6lVzvTjLSPrHdufAGmnS21yJ2HbH_KL3mQL5h25mSqQnj_Xs5h6Ksznsuae35e8yBO6LULUYZuxt9CW6iHsQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83cdc54a5fd9040c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 03AF
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDX-rgTAIYrXgbEA_qhP5bI&google_cver=1&google_push=AXcoOmSBF3cBeR9wI8WCJB3CrWKcdnikLTWyVT5n-dIa66BCpXvtpP2BENGb_-Q2MVkNc6y-peTN2rUolTBCMe...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSBF3cBeR9wI8WCJB3CrWKcdnikLTWyVT5n-dIa66BCpXvtpP2BENGb_-Q2MVkNc6y-peTN2rUolTBCMebsinss8b09XDt2dw&google_hm=hmWODGxQdUTMhLm...

170 B
232 B

34ms
34ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSBF3cBeR9wI8WCJB3CrWKcdnikLTWyVT5n-dIa66BCpXvtpP2BENGb_-Q2MVkNc6y-peTN2rUolTBCMebsinss8b09XDt2dw&google_hm=hmWODGxQdUTMhLmvgg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D658E0C6C507544CC84B9AF82BLIS

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSBF3cBeR9wI8WCJB3CrWKcdnikLTWyVT5n-dIa66BCpXvtpP2BENGb_-Q2MVkNc6y-peTN2rUolTBCMebsinss8b09XDt2dw&google_hm=hmWODGxQdUTMhLmvgg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D658E0C6C507544CC84B9AF82BLIS
date: Fri, 29 Dec 2023 00:01:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 03AF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC6dqsJ8Fdgjc1XlUlu6MWA&google_cver=1&google_push=AXcoOmRvsg9ByuQceFnsr9P3vMAhVhE4WDt0VPUYWDHn5Xvt4Bi-6PAry2WcU3_Cu2-dz8P7QnwRQQU_7mDqyy...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNzgwMDEwNjgxODI3MTM4NQ%3D%3D&google_push=AXcoOmRvsg9ByuQceFnsr9P3vMAhVhE4WDt0VPUYWDHn5Xvt4Bi-6PAry2WcU3_Cu2-dz8P7QnwRQQU_7mDqyy37IZ...

170 B
232 B

40ms
39ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNzgwMDEwNjgxODI3MTM4NQ%3D%3D&google_push=AXcoOmRvsg9ByuQceFnsr9P3vMAhVhE4WDt0VPUYWDHn5Xvt4Bi-6PAry2WcU3_Cu2-dz8P7QnwRQQU_7mDqyy37IZjp7YbXgaTaQA

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNzgwMDEwNjgxODI3MTM4NQ%3D%3D&google_push=AXcoOmRvsg9ByuQceFnsr9P3vMAhVhE4WDt0VPUYWDHn5Xvt4Bi-6PAry2WcU3_Cu2-dz8P7QnwRQQU_7mDqyy37IZjp7YbXgaTaQA
Date: Fri, 29 Dec 2023 00:01:49 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 03AF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEJNIGJLhWT8tLzWUWPeyTI&google_cver=1&google_push=AXcoOmRped0sEZQeubK0q6liyZxTAisgZqpqsJTKDlSwJ9apV8AXce0kekpZo0qZR-bi3jZtNq4HdLj7...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NjQyODAxNDg2ODEzMTY2MQ&google_push=AXcoOmRped0sEZQeubK0q6liyZxTAisgZqpqsJTKDlSwJ9apV8AXce0kekpZo0qZR-bi3jZtNq4HdL...

170 B
232 B

33ms
33ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NjQyODAxNDg2ODEzMTY2MQ&google_push=AXcoOmRped0sEZQeubK0q6liyZxTAisgZqpqsJTKDlSwJ9apV8AXce0kekpZo0qZR-bi3jZtNq4HdLj7MqOMyZIUarsH5zEdvRArsw

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NjQyODAxNDg2ODEzMTY2MQ&google_push=AXcoOmRped0sEZQeubK0q6liyZxTAisgZqpqsJTKDlSwJ9apV8AXce0kekpZo0qZR-bi3jZtNq4HdLj7MqOMyZIUarsH5zEdvRArsw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 03AF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELqXrVO45s52FvxbZJswJwA&google_cver=1&google_push=AXcoOmQ7AwzIgJcLL98NgfOFaCZmkiD7nqM9pw22uwyMCtFNhyyxEZRc8l6QlyAeEe-2juVMHaj...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFQVkNUQ00tUC1KNkFV&google_push=AXcoOmQ7AwzIgJcLL98NgfOFaCZmkiD7nqM9pw22uwyMCtFNhyyxEZRc8l6QlyAeEe-2juVMHajkQP0PHqM0MYi4YETIxYxMCieG8A

170 B
232 B

32ms
31ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFQVkNUQ00tUC1KNkFV&google_push=AXcoOmQ7AwzIgJcLL98NgfOFaCZmkiD7nqM9pw22uwyMCtFNhyyxEZRc8l6QlyAeEe-2juVMHajkQP0PHqM0MYi4YETIxYxMCieG8A

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFQVkNUQ00tUC1KNkFV&google_push=AXcoOmQ7AwzIgJcLL98NgfOFaCZmkiD7nqM9pw22uwyMCtFNhyyxEZRc8l6QlyAeEe-2juVMHajkQP0PHqM0MYi4YETIxYxMCieG8A
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 03AF 0
44 B 30ms
29ms Image
text/plain 5.196.111.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPfu-rvebv_Aricy8il0n_k&google_cver=1&google_push=AXcoOmQwI9scSClogAKI8Ec7w1TWEbzqGELGNdJcBOH20vfOKABpAnbnCyrWiuNZfAMmhe_tpcwoIqk7fLkSRGvLdgIcS5AU9vuHRg
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:48 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 03AF
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAXRD-Uesb30NJLix4XoM6U&google_cver=1&google_push=AXcoOmTF2mXbsBuGSlMcdF_BcYSuLp8T1XA_vMlystOhmyK8DnKvi7xdoxPXFEIrTpY6ht5rc2_USNjSCWZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTF2mXbsBuGSlMcdF_BcYSuLp8T1XA_vMlystOhmyK8DnKvi7xdoxPXFEIrTpY6ht5rc2_USNjSCWZkJ4Gogoc5RrK1mwgz260
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

19ms
19ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 03AF 0
49 B 30ms
29ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kyx0TGG7n2B11t1jC7Wi1wBL5umTdArf6RzJ9zEPW53N8Fd_W2465Z7Ff6ZVcX0ye5UalWDA

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5C65 38 KB
13 KB 21ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 224191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 09:45:18 GMT
expires: Wed, 25 Dec 2024 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15794812920567058460/ Frame 827E 30 KB
6 KB 59ms
58ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15794812920567058460/index.html?e=69&leftOffset=0&topOffset=0&c=eTjdXEA5Cn&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1188e2dc7546a89c08768ffa1f01262b09fcfe7408803572dd7af697006cd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:49 GMT
expires: Sat, 28 Dec 2024 00:01:49 GMT
last-modified: Tue, 17 Jan 2023 12:29:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 04C3 0
0 68ms
68ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstbQdzwAyEFFenrRcmPe7euCS6ZiWQE22nSemyAudaeQlOyBE1f7c1L4m8XRbBR5Wyyl_CrdYn0i7TQtrvrGmDBj1YbjMW6geYgywfkNPpoMewgsLcUkGx6HgMlyPwcFW8gEnhVEyIR2I9aPKQDXq0OdfG8hY-AiedFPM4k5HzBXJg_9bLM7irr5cnjyM4Wr3ZtvkKSk3W7EKE-oVFbzX611aWEFybn3jRjIP9n-pAefJGfNweteZe3dOd_Be9z8kckRsc0WPDryy7fDY-QRcMFq5ZUi_fFDtHoD-XtMMAHY_Il0j6J4ThOt5J48dCP-RqWGO5eUW2cMxxqIWUTeEykvUdc-EIUQlxKilLElcJro3mr6WuiN9Lt_Ua0OGuYdFOqMJh5PXdHDY4VkoH1PKZdpecHwUhOYFllnkC4Gohm2NtWIfOi09WUrQ9SFUJa2gVHVMU-oYlmnBvcr_4lsES6VzgXdAEMSGiZqusA7GaaQC9RryeveBn2vJ2l8t8f4jm2exBsXYH-oBUhFM8nHPR7GnhwAs4eH3bfIc7GbqOm-Z-rLt1GHipqav83XFsoEJDZ0fgsMWSS1qyU-5IDf3OPTUCIGQ4ssWDM3EjVncDfnw8Pz6z-bYiRVJROIMeHg71Iu7KY3SO4Qv0qHGGzv-ZIsT28Mrf3pP_mjZmrud0GAP9EukHuewLPlcboJM5ECmNqSPaTpeF9loCDhLI4XuQEkrEYU9K1mxoRENjrvXkudqk9oq9-ttHvITjEzLpWLFL6rKsDeYVAFY9nI1uNWo3oPAeIvtUdBMeng794cUvAk_3wDynbdYy2MpbACAeCHyi6mJDY_XIWxsgo_bEEr75ya4YCmnLKf55F4zh4QQ4qYhN8FKqqxSqtM36MCzIX5rTCZxqr8CfZL3XS66IbKL2KCNY2-7GGikewjY3scVChEOpy2dgcKGdCCUYzkJ2ZR1O9gTYPWFaIryCGbWkKkIuaXbmoxmC_H3ZQ220WU9FO35cEVE1dYt7zUF3b85Q-nd8SVFJ_WcLFr-wWeYPeYLlRseWqxsB0zB7p-HvdHSOOexCHAdFDFc4yW7C3inAh6BYnHdRHHIFiTv_fhKYOxiElgWok5aRAfvPKAim4P7xG2jL0MoGVwSuK_DPJfU7tRtcOswmfUeHURhiljMq8_dFwet7NwEZW6GBiXRNc_ICLxBHWlLzVw3YuvpFu4MpbAMKlhKbcsrYd4gnENUDCh21x0Sbzv9eKvqRsQ0wGXEoh_cnREuBApv-YbSJiPK42xI1aHsVb2rYTpGWI1IAWzNJL9SdLOHkBJBvjl4CFN34z8bS5VLwy5R2pGGMJ050117j1PZBfrozyfchAGuDdz11oDH7Liy5x4JUwTz27yuVWBjw0UZYUlNQVPXEht2x2iVFcDMN0y8dECk2KeuRJqMJHlVKeWZIrurkYQzbZcrslKodtSgPOF2tejLOQhFV3qrT3S6AOtOEAjzU0maT74_yppQ&sai=AMfl-YSDTkEja3NY0Kh6kOddA8Bn2iYNe7vVEuLPe5spd5jE2VzPNCivZu3UkCsXoY5Ehhi1O_IUon_3nowvXY0xqYAbBEoJsS0rPwR-oKRR6HfmeOHV7UVDd7bc0YnvWiyjF3eCw0dCvFfDcS2HrINL58PsKa7x3mykN0ZDSsL5ANCCc1FAZINv8Ab-stD-6SKrVHfwjICY67y8vs68cR206cl-vPgq_1x03LE8VqX76hSibjCFN5zxPYGEdIR0oWynxD6b&sig=Cg0ArKJSzNPHQ5hk-WJNEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=39&cbvp=1&cstd=35&cisv=r20231207.92279&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-54-77-201-83.eu-west-1.compute.amazonaws.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 29 Dec 2023 00:01:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 04C3 43 B
1 KB 113ms
41ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1014264744&extPm=519145519&extCr=20583580986&gdpr=&gdpr_consent=&rnd=2643216585

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.91 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 29 Dec 2023 00:01:48 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 29 Dez 2023 12:01:49 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 event
skydeutschland.demdex.net/ Frame 04C3 42 B
737 B 50ms
50ms Image
image/gif 54.77.201.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=183573994&d_placement=376139407&d_campaign=30665181&d_bust=2643216585&gdpr=&gdpr_consent=

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.77.201.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcscanary-prod-irl1-1-v067-0bdddab1a.edge-irl1.demdex.com 5 ms
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: nCJ9TkMDSSs=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C65 39 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4E40 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMmVA4WCLA20fKLjW7GcIXv15hWpn1e5GI1r9PVyFI2eiebp9cZZP6oQa7KXfqudhYxKXaWyUIK1X8VBMCrHPM-Y8wB9LG7kxGMHB9rvepNTKBBc2AA0SjoGTHjfiIj1ONYh12Jbh9RGIglFXWgAZW4mgj&sai=AMfl-YSU9mk342rj1drjaD-1kQSh6MnieWFclbqmVTSIAYA12hWELRjGZuwxqRU110UcfX7WTEGFjDxbT-F-1j7D4Wv1E6oJo3YT6ZRvKdBUVAeRS3gf09SavQaqp2s&sig=Cg0ArKJSzK08Z13PpvTWEAE&cid=CAQSOwAvHhf_kFhBiEyBoWPZZQR4wqW101zylE6J9n4m7p-F28FP2jNMSt1kl6nVXb9zzInP6PCkPj3_AQl2GAE&id=lidar2&mcvt=1000&p=184,315,434,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1100188297&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703808107901&rpt=256&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/15794812920567058460/ Frame 827E 6 KB
2 KB 29ms
22ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15794812920567058460/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15794812920567058460/index.html?e=69&leftOffset=0&topOffset=0&c=eTjdXEA5Cn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

731c77382349141b9a93b104dbdd29dadda0290b5036b8fb678205f7ffe73355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15794812920567058460/index.html?e=69&leftOffset=0&topOffset=0&c=eTjdXEA5Cn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 09:06:41 GMT
date: Tue, 26 Dec 2023 09:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226508
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1826
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 12:29:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 827E 118 KB
40 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15794812920567058460/index.html?e=69&leftOffset=0&topOffset=0&c=eTjdXEA5Cn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15794812920567058460/index.html?e=69&leftOffset=0&topOffset=0&c=eTjdXEA5Cn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 04:12:33 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 827E 63 KB
25 KB 66ms
59ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15794812920567058460/index.html?e=69&leftOffset=0&topOffset=0&c=eTjdXEA5Cn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15794812920567058460/index.html?e=69&leftOffset=0&topOffset=0&c=eTjdXEA5Cn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 00:01:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 827E 8 KB
6 KB 62ms
61ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1367a4795a104026bc94ae7d0a43706ec38ae9c4a13cf72297b972aaf697bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5852
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C65 0
22 B 56ms
55ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDtD6bQyOZZxPksD27w-Fzpr4DwAAAAA4AeAEAg&bg=!qqmlqebNAAY3kmNgF5I7ADQBe5WfOIHpfvz-H2WOWjSc5rO5kdzXFpn4QiOQZaWYzxZ1Uhr2Aog3LumJBHOgpzI4b-T-AgAAADpSAAAAAWgBB5kDNnjPE7Kn-I7ZMJGn1fE4ImMUUtM7EhWrHjSP7Y2oeJxSlL1U9iyh2wnH5gOdNRS6Q1Sn1UMCf5DmIBw3O024hSReUw4itq7ucO9TRzhOD1xNUCP03O6CBedRuAXQWEUxtMpgxZ7nig_SpR6_mU39xrTIEI_ZimBnLKeUdzNn_6jz3JhCmVII3H8_VV6NxCuZ628ahqOK6AUE_ssONWyIA4Q--l7VKfclVfwjNcwQldk16APqPAlRnhIWlb-5Kc5BZsD8JuOnE7sEXK5EAcZBq6nw5kEO1E-YlWfxXl1wVwhXnCAdtLHKlJg6EBVfsUKV4q1EojP8pXHQZ658pFQsil7rqVYHQhjrVFjutae6LFqjPHBRZiw76dH_4PvZccTOcXy_8FXA5NnNXlipwCYktbpSOhMU_K8-7tmq5bMq9UennyWf1piDvI9OrtrtosasgwkOFi4RfdJsQ7zhXXSmNsZAXrpdIms-vekHa5taMyN7ys4k0WU0oMHgx0ikEOv_vKdjou6RSJOgOQpnhxKYEYQ5iuuK0uNyvEpZRCXWbM9Lc5-FYTG8l_hP3lTGquiBikkAjg25o0n3-PmeCqws_qB9IFwStidbBLrZTDOgR146lsJIhQVGiY8lP5DWCfiUoG2fupTdz_RjWzydNDz7DCm1K_vbFH3Ihf3939n-Nh9qLFBybw8izJ9A5jnrfLiXMW19Xfrtrzy7jSr4H3NtOf5TDqpnHQepkulwviSO8Bf2mDBMEQQn5SD3LEnzfPJi4b3sTMba7LqA4spcvInW_3bh31dbI0-6lLldRmlohMdSf6w4BIz-JzOmc3Ky0m8U03qR4A3SN_xHafvrxYNPbV068puqU89Dg0gpeEHEnGbqLne9Sx7M6qyaGurHzUDr53Q4MBHj1YPp9d0sfrmCks8JpEv9U_u3H-0yBxbFj_rOOTYAftsf5PDLF_o4dSBcirli-n0GCM7ri6Pg3_sntTJNtQX9xzkaCsgGdD9vM6kiptunF1ZeI4hHEP2DergevFGcz5c5C3zBaT7nwK8RgF_eHSG2I_CeslwlYfAQW7TvhAoux1jgIqEKlOQb-iAnchv2CmMH-g

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 nowtvtext-bold.woff2
s0.2mdn.net/creatives/assets/3690075/ Frame 827E 30 KB
30 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3690075/nowtvtext-bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15794812920567058460/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20c74099800465c67556724a9ff0f7f5160e51c541392c2fa1836cd7f785682b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15794812920567058460/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:56:13 GMT
x-content-type-options: nosniff
age: 336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30332
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 08:32:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 00:11:13 GMT

GET
H3 200 nowtvtext-regular.woff2
s0.2mdn.net/creatives/assets/3690075/ Frame 827E 29 KB
29 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3690075/nowtvtext-regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15794812920567058460/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b60269b139f53846dacaf5effdae581cd34b908990abdc44c915db3f649a478e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15794812920567058460/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:56:14 GMT
x-content-type-options: nosniff
age: 335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29628
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 08:33:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 00:11:14 GMT

GET
H3 200 blank.png_1670941006737_blank.png
s0.2mdn.net/dynamic/2/11030228/s0.2mdn.net/creatives/assets/4631681/ Frame 827E 95 B
120 B 21ms
20ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11030228/s0.2mdn.net/creatives/assets/4631681/blank.png_1670941006737_blank.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15794812920567058460/index.html?e=69&leftOffset=0&topOffset=0&c=eTjdXEA5Cn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15794812920567058460/index.html?e=69&leftOffset=0&topOffset=0&c=eTjdXEA5Cn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 03:20:55 GMT
x-content-type-options: nosniff
age: 247254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 14:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 03:20:55 GMT

GET
H3 200 DCO_WOW_Die_Fabelmans_300x250.jpg_1698658364655_DCO_WOW_Die_Fabelmans_300x250.jpg
s0.2mdn.net/dynamic/2/11030228/s0.2mdn.net/creatives/assets/4736540/ Frame 827E 56 KB
56 KB 23ms
21ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11030228/s0.2mdn.net/creatives/assets/4736540/DCO_WOW_Die_Fabelmans_300x250.jpg_1698658364655_DCO_WOW_Die_Fabelmans_300x250.jpg

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c51bc5bfab5abe3c14e38d734548f4ff21ee9a0401b7aedf80f9bfa2c23b4c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15794812920567058460/index.html?e=69&leftOffset=0&topOffset=0&c=eTjdXEA5Cn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:48:04 GMT
x-content-type-options: nosniff
age: 227625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57143
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:34:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 08:48:04 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 04C3 0
0 59ms
57ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstbQdzwAyEFFenrRcmPe7euCS6ZiWQE22nSemyAudaeQlOyBE1f7c1L4m8XRbBR5Wyyl_CrdYn0i7TQtrvrGmDBj1YbjMW6geYgywfkNPpoMewgsLcUkGx6HgMlyPwcFW8gEnhVEyIR2I9aPKQDXq0OdfG8hY-AiedFPM4k5HzBXJg_9bLM7irr5cnjyM4Wr3ZtvkKSk3W7EKE-oVFbzX611aWEFybn3jRjIP9n-pAefJGfNweteZe3dOd_Be9z8kckRsc0WPDryy7fDY-QRcMFq5ZUi_fFDtHoD-XtMMAHY_Il0j6J4ThOt5J48dCP-RqWGO5eUW2cMxxqIWUTeEykvUdc-EIUQlxKilLElcJro3mr6WuiN9Lt_Ua0OGuYdFOqMJh5PXdHDY4VkoH1PKZdpecHwUhOYFllnkC4Gohm2NtWIfOi09WUrQ9SFUJa2gVHVMU-oYlmnBvcr_4lsES6VzgXdAEMSGiZqusA7GaaQC9RryeveBn2vJ2l8t8f4jm2exBsXYH-oBUhFM8nHPR7GnhwAs4eH3bfIc7GbqOm-Z-rLt1GHipqav83XFsoEJDZ0fgsMWSS1qyU-5IDf3OPTUCIGQ4ssWDM3EjVncDfnw8Pz6z-bYiRVJROIMeHg71Iu7KY3SO4Qv0qHGGzv-ZIsT28Mrf3pP_mjZmrud0GAP9EukHuewLPlcboJM5ECmNqSPaTpeF9loCDhLI4XuQEkrEYU9K1mxoRENjrvXkudqk9oq9-ttHvITjEzLpWLFL6rKsDeYVAFY9nI1uNWo3oPAeIvtUdBMeng794cUvAk_3wDynbdYy2MpbACAeCHyi6mJDY_XIWxsgo_bEEr75ya4YCmnLKf55F4zh4QQ4qYhN8FKqqxSqtM36MCzIX5rTCZxqr8CfZL3XS66IbKL2KCNY2-7GGikewjY3scVChEOpy2dgcKGdCCUYzkJ2ZR1O9gTYPWFaIryCGbWkKkIuaXbmoxmC_H3ZQ220WU9FO35cEVE1dYt7zUF3b85Q-nd8SVFJ_WcLFr-wWeYPeYLlRseWqxsB0zB7p-HvdHSOOexCHAdFDFc4yW7C3inAh6BYnHdRHHIFiTv_fhKYOxiElgWok5aRAfvPKAim4P7xG2jL0MoGVwSuK_DPJfU7tRtcOswmfUeHURhiljMq8_dFwet7NwEZW6GBiXRNc_ICLxBHWlLzVw3YuvpFu4MpbAMKlhKbcsrYd4gnENUDCh21x0Sbzv9eKvqRsQ0wGXEoh_cnREuBApv-YbSJiPK42xI1aHsVb2rYTpGWI1IAWzNJL9SdLOHkBJBvjl4CFN34z8bS5VLwy5R2pGGMJ050117j1PZBfrozyfchAGuDdz11oDH7Liy5x4JUwTz27yuVWBjw0UZYUlNQVPXEht2x2iVFcDMN0y8dECk2KeuRJqMJHlVKeWZIrurkYQzbZcrslKodtSgPOF2tejLOQhFV3qrT3S6AOtOEAjzU0maT74_yppQ&sai=AMfl-YSDTkEja3NY0Kh6kOddA8Bn2iYNe7vVEuLPe5spd5jE2VzPNCivZu3UkCsXoY5Ehhi1O_IUon_3nowvXY0xqYAbBEoJsS0rPwR-oKRR6HfmeOHV7UVDd7bc0YnvWiyjF3eCw0dCvFfDcS2HrINL58PsKa7x3mykN0ZDSsL5ANCCc1FAZINv8Ab-stD-6SKrVHfwjICY67y8vs68cR206cl-vPgq_1x03LE8VqX76hSibjCFN5zxPYGEdIR0oWynxD6b&sig=Cg0ArKJSzNPHQ5hk-WJNEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=206&vt=11&dtpt=167&dett=3&cstd=35&cisv=r20231207.92279&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cultura.uol.com.br
URL: https://cultura.uol.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 827E 17 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Dec 2023 00:01:49 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B6D 39 KB
15 KB 35ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A9F 0
22 B 59ms
53ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9192681546792&version=m202309260101&ct=76&x=1&cor=12550048584718799000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E40 0
22 B 61ms
55ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3257049892370&version=m202309260101&ct=76&x=1&cor=14108558864458732000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
141 B 185ms
121ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e8d910c7de9c96fcad8dcf25ee0f3d36873ef153a984fa4711322b6e305b41ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:49 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 57ms
54ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 19607 Show response
tv.springserve.com/rt/ Frame EAA3 27 B
218 B 1152ms
1151ms XHR
application/xml 52.213.69.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.springserve.com/rt/19607?cb=1703808109853&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&language=en&inv_partner_domain=tvcoins.com&ipv6=2001%3A1b60%3A1010%3A2%3A1011%3Aea89%3A564%3Af4f7&dnt=0&lmt=0&url=https%3A%2F%2Fcultura.uol.com.br%2F&w=377&h=218&did=9cb019f9-e101-4a0d-b049-c2033d757721&ifa_type=sessionid&content_id=b6ae743e-fcc0-4a1f-addd-9575477287f8&content_title=TV+Cultura+-+Ao+Vivo&vt=TV+Cultura+-+Ao+Vivo&coppa=0&placement=1&channel_name=TV+Cultura+-+Ao+Vivo&tvc_channel_type=live&schain=1.0%2C1%21tvcoins.com%2C25afe66662054592b9a99d97c1938205%2C1%2C%2C%2C%21springserve.com%2C1689%2C1%2C%2C%2C&payid=afc3f49c3bced813%3A25afe66662054592b9a99d97c1938205&content_livestream=1&r_type=pre&prodq=0&ssid=c5a31cc0-1cc2-4bd9-8388-6199f5d119bb&mute=1&ad_type=video&givn=AQzzBGQElxNIdD4LSbwpOSjW3B22y8kNE1HyZGbLxwN9v4fkNOwCG6PZD_51j3QgkwJsHRgL94gjlcmV5spSSD7vjWPXEAe3hzwm-KQowP-w6qr46EDaRNyzbZB-0EQV5z5we9BVSsPq9KPoy9lCKTGLcJAi3OWgviuyPRBjAjazcNKKltm1qBlJoao4HhBbdoXDWJl2uN4c8p5Nn-xQucBaVvh3HrEBOUXU1QFG3WrH9Kw_pjaeAPThtrQq7mdUwqu2-VPy20vKuDA9xOxO9e0_bL6d73H2_zEI5hQ3BPiQdrWzKbjfLe_NEMTkqD-yopV9iE61v6kliTK-eX1B5or3ARwrg8gAoL-V4cVKSh94EUp23SDJCU1nDuvjP9ryXpu95jhKp5xPpVJtOjDxeN4EhQ-1dYO_ualO6939enZxa_oDfxTnDZt1GZM1bYBUOdegRzSLy-Tu6uPf6pQ9r41ZO35kc31857WQo_AfeL2PRgQNteQ8m4vYGm9S-u2zvzENpulFqT28i8VkP6uVqyqpGO8fo7K99GKOF8m3h6bgAA77VtwyzoI2f8xJFp_wbRz3mo5NyJ5ZG4nuEY_d0w9xXqoQqBRbDFQv6TlswE4zeCl7Tyiqg_dDTVQlHDt-i1gL4fTbWOCvsY7mt5P4U0cMcMO84H4cnXpBX41LAZqdodCqHo2HWEMwCNWIP1sK2MF4HJsbwmWVzsfD_tnWPv62naiUfvI-LH3LLXNqOTf_hRUqBUiwlgLk5_2QsH8GmBcT_OHrsZ7J44cx6fwTKF5Cg5qmVWcEuNdHk7M6oLM_eZ3t4oH1jXy-YyQqqH3__HReJMoL_83KHIp7fmIdd_7muX_HV8ptTXanxnMd270m1p-JHWCnbBFbv4piqbLzBWaE_oMQPXdHO6xDtxzhO4cxKQBFvjfbDZmZ2sRf1xMZSU8EXVPjV1LAtc4rJ7B6kaEmNRwZ9E9V3XfAdfxqo4Phd1KIVX7HZ3s0JXzmuhC-dRtVTdpC7dcevkpEeA3yCw..
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.69.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-69-178.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Fri, 29 Dec 2023 00:01:51 GMT
access-control-allow-credentials: true
server: nginx
content-length: 27
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/xml

GET
H2 200 b Show response
b.t.tailtarget.com/ 126 B
540 B 123ms
123ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=1&tU=0100007F6B0C8E65DC06C50902D4DF28&tX=b.52&tZ=58016254&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e07b286b547d3e1e15550554fbb4af7d553e355132220050b8cca1dca1f650db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:50 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 04C3 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGwWsSzoozif2NqWlinWTwp5QUVqjCuIdmHD_fNtTFqlYQPAwCPISOyTgcZCLnfrdbixyTXbiTbNt5qKjYMAUe3k1eaJ4LNRw3RFC5feRU9FtmvRBaDLblCOEOvxJHcjD5L-p-JxSS-GDDqRD0KWXISbcN&sai=AMfl-YSnevoBLcjBpLB45XTzGI2u4BEvHmnVOCrhq8NwH5c9TgQQUg-1pn46xYppJtczCiozYMl4LYyx5XK3Gb2acj-ufHmVPtlapke4F_TX6g91DYL9X9Bgm0voT1Q&sig=Cg0ArKJSzGRZvcJ9S-OOEAE&cid=CAQSOwAvHhf_ikGmSl5Oo9PV0G2of8kQzCXk1rf8oXW8wGPHU3rzk_xbLdYFiLHeqRJRys8LkhX1O3AVtgnsGAE&id=lidar2&mcvt=1001&p=800,1280,1050,1580&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3440619924&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703808108828&rpt=279&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
tt-10162-1.seg.t.tailtarget.com/ 78 B
329 B 124ms
123ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=535076488&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: befdfeae5c1d6ae9ae73d16ca6e80b82d8064b38a7d1ca199dc4c868c653b17d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:50 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H/1.1 200
OK /
firehose.us-east-1.amazonaws.com/ Frame 0
0 122ms
122ms Preflight 3.237.107.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.107.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-107-19.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://cultura.uol.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Headers: amz-sdk-invocation-id,amz-sdk-request,authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Encoding: gzip
Content-Length: 20
Date: Fri, 29 Dec 2023 00:01:49 GMT
x-amzn-RequestId: c4b82d12-3afc-c2a9-9ab0-23bc60dfae59

POST
H/1.1 200
OK / Show response
firehose.us-east-1.amazonaws.com/ 299 B
740 B 131ms
131ms Fetch
application/x-amz-json-1.1 3.237.107.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.us-east-1.amazonaws.com/
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.107.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-107-19.compute-1.amazonaws.com
Software: /
Resource Hash: e24634f04b5d065c0b389cfc302e8647300c6cfd0aad1b932e7387b53256cea3

Request headers

accept-language: de-DE,de;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=ASIAYLMLRJYEDNNFFMLG/20231229/us-east-1/firehose/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-amz-target;x-amz-user-agent, Signature=c23bcb2e4caa62d5671a149c463cf0c564c8644865d0c9e4550eba2b14c2ad84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/x-amz-json-1.1
x-amz-content-sha256: f689ebf51b588409a9f6db2b696b6273ec714d47ef854fa42a67a7b1415f8154
amz-sdk-invocation-id: 092882df-6a32-4fe5-8dbd-7927dad0ded0
x-amz-security-token: IQoJb3JpZ2luX2VjEEAaCXVzLWVhc3QtMSJIMEYCIQCEjGagoxz9QpBlw2YS6brUK2Dhrbr5C8NNchZ5CUZlBQIhAKW2WitGxpr1sNgekpuIOnNpJzGk7zvE4c+cpzhyqg3pKtAFCMn//////////wEQARoMNTc0MjA3NjQzMTQ0Igzp+QoXTEQHtnHkMl4qpAWCIxjS/bGBxi+wkJSFRxVQ/cFu0O8uFR9sNmd1u8iaboPx0UOgF0gxnnFA0zFWmc+4gZIEeCHuW0zStf+kyACrc9tU+OBT7gA7I7R8IqLfISJVGiLcTZiPJJse3Jc42criA3PLrJ8ge94420Z/dFoYwHhwPb6oLdMxyMQOlzzkiw/Lg/y+QY5m8274CU2yphMzccUTG+Vq9k4Vwy9UymBnUkjfr4R2i32w6dOVf25IUUdP3t0W5OhWAf26IutkJSza9Q8FcDu/VLT5oNkvNWI6rkAKKS2oJO1WLoEmTAHZ76OhW60Kx4ISF0PsuoJFBeq5dMoGa1eD3ttYcTq15/DNftdDziaYdGlNRkA5gbC+OJ85lZFsJd+Cee5pyAXW4Nxct8SkovL8fqkgIKO0QKrBtLFY7NZZ4cvXdlLwa27YAM3lX/kAIwPHxJCOYtoAh51Yz/yMtcyat0WELNbvrbPnydDUVFnEbL1ysBJYR8Ss0/+7/WqWPROI37jDAboLAXyvXrMAsIngpQa3c4ProIaddZka3IyFUiu+OQ3kkKCZwwyDcmfmAORPvJEqo2oAD7ZPGJkV061cFTBAsRW3zUlHHkt+Z57lv2v7YpLNgPuT7B0yJN6GYvKZhnpzVaIXXV/AdspT1kCRFlTYWLbAle8qnRJOS9VR+T3R/1RhOEdZp52Wp9pDxgHUZ1+x6uO+nEkLJJwz1xtNTuBaDC4xRQSUICDQUpAPP4INkZGSsAK7oDPDPe1ReU57rIdgllQQdbj5oXhqlz92PibBv3Pbuo9JPEiyB4WGYwcIJ4PNo3/7GktayQABWa0j+ePhpwqCKfGmA4rRRzXCIms8aTVMQYgO9MnMgvoIfM0ohbxmz07tU+60sBWbuUU+xp6anW0nmNCoUa7QMOuYuKwGOt4C2A9Rg48DFrWhH7qLqusNtrDYrqPUOBAOYmLVN3xKD5TL5HCAi7mC7FxvqxO+oPdQ9AO3NJZZNgSzmMebSimwZgSW3FSDqU0Bn4M0/gH0B6rATz8sMdDYGsY2hRfGYIy1TbzyapCfaFxXq9vFJO6wUO4Nsii3q9CK7xqTXAkPK6h2ea42EdSe8+Z2W/0SUbuDO56w3G8SnCOXFIxCkzwF9f/GGP5m6C+rth4qmr9jnsH0Q/qZ+pvDy8xDENPHVxOab9xFewPQfETA71KGvIcX2vp2VA2qCYgWAiZa8d6l6i+GnBVdyGN7ddhcgk5MvQXbAXUkmy05vQGa1RWszL1ZG8nzXP3bFAJsRRe+Y74wRg0W03fW+J/F5hUe3pTj6XVoIYRtVmcwUQILzr6O9rS+aGdatEuWJVsIkuNzydaAsn1PdDcyV6VWPU2jNZHIItJLDSDXQIEkhCNehfPvamk=
amz-sdk-request: attempt=1; max=3
x-amz-target: Firehose_20150804.PutRecordBatch
Referer: https://cultura.uol.com.br/
x-amz-date: 20231229T000150Z
x-amz-user-agent: aws-sdk-js/3.306.0 os/Windows/NT_10.0 lang/js md/browser/Chrome_120.0.6099.109 api/firehose/3.306.0

Response headers

Date: Fri, 29 Dec 2023 00:01:49 GMT
Content-Encoding: gzip
x-amzn-RequestId: db3d7692-4a41-92ef-8535-783c1062fe1f
Content-Type: application/x-amz-json-1.1
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Length: 280
x-amz-id-2: cS7bZyfXs++rlHmCIcQ8Ub+jiAYJH9bnDEzqgX+qSUtMq6ilHs1IAF3CL2mg9XFDRgee1rW1X1GuqVnrT82EVbyqQdomyWc2

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
376 B 43ms
42ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcultura.uol.com.br%2F&domain=cultura.uol.com.br&bundle=hxYGol9QbDc5d1JYS1FSODFHT0FSSjQlMkJwQkF6RXluJTJGVllzcXc3ZnNLNGNXaVkzZ1k2NHJCeGcweGs1cjNJV1RZTnc1anh0ekRhdjZ1UGVUV3QzaDFieXVFRSUyQlIwazVHN29VZ0ttNFJYSmxNcmoyYyUyRlpMY1BCZ25DM3ozV2pJZkQlMkJaVE9Zd2NvVVNHeTZJV3dJRW91SmFhYzF3JTNEJTNE&cw=1&pbt=1&lsw=1

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cultura.uol.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 236702
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 128ms
44ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cultura.uol.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 29 Dec 2023 00:01:50 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 249005
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 3503 3 KB
2 KB 108ms
56ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1077
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 83cdc551af6b4522-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 29 Dec 2023 00:01:50 GMT
expires: Fri, 29 Dec 2023 04:01:50 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 54A1 52 KB
17 KB 91ms
23ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 29 Dec 2023 00:01:50 GMT
ETag: "623de86a-cf34"
Expires: Sat, 30 Dec 2023 00:01:52 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4D64 281 B
555 B 76ms
25ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 29 Dec 2023 00:01:50 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04C3 0
24 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5175398151622&version=m202309260101&ct=76&x=1&cor=14594041290165266000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4D64 45 KB
13 KB 24ms
24ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4341dfff405c154b177b55f1f829d1b1fac7f21bac6a8506de39d9e15ca5a699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 00:01:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2023 21:49:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=78417
Connection: keep-alive
Content-Length: 13174
Expires: Fri, 29 Dec 2023 21:48:47 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 54A1 0
595 B 28ms
28ms Script
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-52-31-247-171.eu-west-1.compute.amazonaws.com

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:50 GMT
an-x-request-uuid: 4ca95417-aaba-43c4-b287-5805ad40fbb1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 6B83 2 KB
1 KB 64ms
63ms Document
text/html 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcultura.uol.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02eb8bd841d0577f4415ba39df2bce68d8f27de3d8c78e82b7188efaa333650a

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83cdc5521ac358f6-TXL
content-encoding: br
content-type: text/html
date: Fri, 29 Dec 2023 00:01:50 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dR5pcLadXS9kzDB40T92JeUnpPkKktch8Z5KY81oKc%2Bj86ozpXO7SpWaMf%2FNY%2Baogf%2FO8%2F0ef1iF6jHiA98rI%2BS1p02%2BvNZyKn8nOsMwP83wsmhMkY2vGYioOcFQ2EeyZCz3%2FA51uZEU4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 4D64 7 B
380 B 78ms
19ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H2

200

sync
x.bidswitch.net/ Frame 6B83
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZY4MaWmiq1NwScaaH-A4aQAA%265126&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://x.bidswitch.net/sync?ssp=liveintent&user_id=4bff1638-1e1b-4901-a9eb-0ccb3e86ab88

43 B
145 B

20ms
20ms

Image
image/gif

3.123.206.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=liveintent&user_id=4bff1638-1e1b-4901-a9eb-0ccb3e86ab88
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcultura.uol.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 3.123.206.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-206-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?ssp=liveintent&user_id=4bff1638-1e1b-4901-a9eb-0ccb3e86ab88
Date: Fri, 29 Dec 2023 00:01:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6B83 43 B
602 B 140ms
53ms Image
image/gif 2a05:d018:d29:3602:f518:22e7:3421:18e4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcultura.uol.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:f518:22e7:3421:18e4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 6B83 43 B
433 B 182ms
41ms Image
image/gif 52.31.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcultura.uol.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.247.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 29 Dec 2023 00:01:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 6B83
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e0f8e5671df35e7ccc13534cbeaf1eb&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv2889_7317801832270742156&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?userId=AAD-z07LHBkAABRwny_PHg&dataProviderId=817&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/stickyads/e0f8e5671df35e7ccc13534cbeaf1eb?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-ls9BKzxE2oNAVMODhRc0W6X45svvgw3Lo1bq6KI3~A
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZTBmOGU1NjcxZGYzNWU3Y2NjMTM1MzRjYmVhZjFlYg==&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHkc7EF_dWZ5P_YgOIo6XEY&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
148 B

45ms
45ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcultura.uol.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:50 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 00:01:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1703808110788070-587

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6B83 0
187 B 202ms
28ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcultura.uol.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:50 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6B83
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1486428014868131661&expiration=1705017710

43 B
735 B

62ms
62ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1486428014868131661&expiration=1705017710
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcultura.uol.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzHdRC0vaNKebrB9Mr9rj3b%2FIjBWirpzd1AFWtq8CaGrksPLo0GnvF4pykF6nXLEk2oPO%2BFjA%2BQ%2BCCW3UxZDQcPnjl2xUzfNLd6LtYRZVBydhhPkaE23%2BBTs2slhAm88s9AUms%2FwqsOL6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83cdc552cc1b58f6-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1486428014868131661&expiration=1705017710
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 ibs:dpid=23728&dpuuid=ZY4MaWmiq1NwScaaH-A4aQAA%265126
dpm.demdex.net/ Frame 6B83 42 B
715 B 47ms
46ms Image
image/gif 54.77.201.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZY4MaWmiq1NwScaaH-A4aQAA%265126?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcultura.uol.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.77.201.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-201-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-045ff60d9.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 29 Dec 2023 00:01:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: Viz73zFMRSA=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 6B83 0
38 B 23ms
23ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZY4MaWmiq1NwScaaH_A4aQAAFAYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcultura.uol.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 6B83 43 B
229 B 34ms
28ms Image
image/gif 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZY4MaWmiq1NwScaaH-A4aQAA%265126
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcultura.uol.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:50 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 58729
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 83cdc55289184522-TXL
content-length: 43
expires: Sat, 30 Dec 2023 00:01:50 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
289 B 149ms
126ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=___de_1703808110070_1410576311&tJ=&tQ=tvcultura&tU=0100007F6B0C8E65DC06C50902D4DF28&tX=b.52&tY=1&tZ=318218234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:50 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame EAA3 0
17 B 117ms
117ms Ping
image/gif 2607:f8b0:400c:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lqpvcutt&c=1114084764324&slotId=557042382162&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400c:c05::78 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 19607 Show response
tv.springserve.com/rt/ Frame EAA3 27 B
218 B 1243ms
1243ms XHR
application/xml 52.213.69.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.springserve.com/rt/19607?cb=1703808109853&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&language=en&inv_partner_domain=tvcoins.com&ipv6=2001%3A1b60%3A1010%3A2%3A1011%3Aea89%3A564%3Af4f7&dnt=0&lmt=0&url=https%3A%2F%2Fcultura.uol.com.br%2F&w=377&h=218&did=9cb019f9-e101-4a0d-b049-c2033d757721&ifa_type=sessionid&content_id=b6ae743e-fcc0-4a1f-addd-9575477287f8&content_title=TV+Cultura+-+Ao+Vivo&vt=TV+Cultura+-+Ao+Vivo&coppa=0&placement=1&channel_name=TV+Cultura+-+Ao+Vivo&tvc_channel_type=live&schain=1.0%2C1%21tvcoins.com%2C25afe66662054592b9a99d97c1938205%2C1%2C%2C%2C%21springserve.com%2C1689%2C1%2C%2C%2C&payid=afc3f49c3bced813%3A25afe66662054592b9a99d97c1938205&content_livestream=1&r_type=pre&prodq=0&ssid=c5a31cc0-1cc2-4bd9-8388-6199f5d119bb&mute=1&ad_type=video&givn=AQzzBGQElxNIdD4LSbwpOSjW3B22y8kNE1HyZGbLxwN9v4fkNOwCG6PZD_51j3QgkwJsHRgL94gjlcmV5spSSD7vjWPXEAe3hzwm-KQowP-w6qr46EDaRNyzbZB-0EQV5z5we9BVSsPq9KPoy9lCKTGLcJAi3OWgviuyPRBjAjazcNKKltm1qBlJoao4HhBbdoXDWJl2uN4c8p5Nn-xQucBaVvh3HrEBOUXU1QFG3WrH9Kw_pjaeAPThtrQq7mdUwqu2-VPy20vKuDA9xOxO9e0_bL6d73H2_zEI5hQ3BPiQdrWzKbjfLe_NEMTkqD-yopV9iE61v6kliTK-eX1B5or3ARwrg8gAoL-V4cVKSh94EUp23SDJCU1nDuvjP9ryXpu95jhKp5xPpVJtOjDxeN4EhQ-1dYO_ualO6939enZxa_oDfxTnDZt1GZM1bYBUOdegRzSLy-Tu6uPf6pQ9r41ZO35kc31857WQo_AfeL2PRgQNteQ8m4vYGm9S-u2zvzENpulFqT28i8VkP6uVqyqpGO8fo7K99GKOF8m3h6bgAA77VtwyzoI2f8xJFp_wbRz3mo5NyJ5ZG4nuEY_d0w9xXqoQqBRbDFQv6TlswE4zeCl7Tyiqg_dDTVQlHDt-i1gL4fTbWOCvsY7mt5P4U0cMcMO84H4cnXpBX41LAZqdodCqHo2HWEMwCNWIP1sK2MF4HJsbwmWVzsfD_tnWPv62naiUfvI-LH3LLXNqOTf_hRUqBUiwlgLk5_2QsH8GmBcT_OHrsZ7J44cx6fwTKF5Cg5qmVWcEuNdHk7M6oLM_eZ3t4oH1jXy-YyQqqH3__HReJMoL_83KHIp7fmIdd_7muX_HV8ptTXanxnMd270m1p-JHWCnbBFbv4piqbLzBWaE_oMQPXdHO6xDtxzhO4cxKQBFvjfbDZmZ2sRf1xMZSU8EXVPjV1LAtc4rJ7B6kaEmNRwZ9E9V3XfAdfxqo4Phd1KIVX7HZ3s0JXzmuhC-dRtVTdpC7dcevkpEeA3yCw..
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.69.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-69-178.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Fri, 29 Dec 2023 00:01:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 27
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/xml

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 54A1 0
595 B 28ms
28ms Script
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:51 GMT
an-x-request-uuid: ac37b38e-1593-4eca-a0f3-912d23f6dc21
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 data Show response
a-fds.youborafds01.com/ 109 B
378 B 99ms
32ms XHR
application/json 2001:1af8:5000:b001::51
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://a-fds.youborafds01.com/data?outputformat=json&system=onefootball&pluginVersion=6.8.35-adapterless-js&requestNumber=0.35576926390548547&timemark=1703808111428
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:1af8:5000:b001::51 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 923bb35bd2012741b2b4b644b10195629a07530d548f6f2cfb4ec4efe879ba75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
last-modified: Fri, 29 Dec 2023 00:01:51 GMT
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 109
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 4khhJ5BX Show response
cdn.jwplayer.com/v2/playlists/ 70 KB
8 KB 265ms
216ms Fetch
application/json 2600:9000:238d:1200:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/playlists/4khhJ5BX
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:1200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 9a9da99209595049cb2d043f6a4519818cf1ed6dcb626b2cb85907ec3f03ccb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
content-encoding: gzip
via: 1.1 5de5e66003332bec09dff893114ac06c.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-robots-tag: noindex, indexifembedded
content-length: 7460
x-amz-cf-id: v3n1VEELxIT7pOEbO8iTFzil93YJnimyo-i_ZvFbbKGf8K9xRwx5Hg==
expires: Fri, 29 Dec 2023 00:04:51

POST
H/1.1 200
OK / Show response
firehose.us-east-1.amazonaws.com/ 539 B
920 B 130ms
130ms Fetch
application/x-amz-json-1.1 3.237.107.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.us-east-1.amazonaws.com/
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.107.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-107-19.compute-1.amazonaws.com
Software: /
Resource Hash: 40278c3cea78cf4b55357d0c5717ff1a0c50daa195a84e5bc3c2b78bcfebc978

Request headers

accept-language: de-DE,de;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=ASIAYLMLRJYEDNNFFMLG/20231229/us-east-1/firehose/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-amz-target;x-amz-user-agent, Signature=ec4937147478274b8d326d6f940ae7b63252a7816de00059ac5c0d89ac74b13a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/x-amz-json-1.1
x-amz-content-sha256: c4e7d1f1dcfe3d61f6d331ecc9f9b861f1d208d79f0cc49b0489664ed315e4a3
amz-sdk-invocation-id: 05eeccf4-6d55-40ac-81c9-767d0515eafc
x-amz-security-token: IQoJb3JpZ2luX2VjEEAaCXVzLWVhc3QtMSJIMEYCIQCEjGagoxz9QpBlw2YS6brUK2Dhrbr5C8NNchZ5CUZlBQIhAKW2WitGxpr1sNgekpuIOnNpJzGk7zvE4c+cpzhyqg3pKtAFCMn//////////wEQARoMNTc0MjA3NjQzMTQ0Igzp+QoXTEQHtnHkMl4qpAWCIxjS/bGBxi+wkJSFRxVQ/cFu0O8uFR9sNmd1u8iaboPx0UOgF0gxnnFA0zFWmc+4gZIEeCHuW0zStf+kyACrc9tU+OBT7gA7I7R8IqLfISJVGiLcTZiPJJse3Jc42criA3PLrJ8ge94420Z/dFoYwHhwPb6oLdMxyMQOlzzkiw/Lg/y+QY5m8274CU2yphMzccUTG+Vq9k4Vwy9UymBnUkjfr4R2i32w6dOVf25IUUdP3t0W5OhWAf26IutkJSza9Q8FcDu/VLT5oNkvNWI6rkAKKS2oJO1WLoEmTAHZ76OhW60Kx4ISF0PsuoJFBeq5dMoGa1eD3ttYcTq15/DNftdDziaYdGlNRkA5gbC+OJ85lZFsJd+Cee5pyAXW4Nxct8SkovL8fqkgIKO0QKrBtLFY7NZZ4cvXdlLwa27YAM3lX/kAIwPHxJCOYtoAh51Yz/yMtcyat0WELNbvrbPnydDUVFnEbL1ysBJYR8Ss0/+7/WqWPROI37jDAboLAXyvXrMAsIngpQa3c4ProIaddZka3IyFUiu+OQ3kkKCZwwyDcmfmAORPvJEqo2oAD7ZPGJkV061cFTBAsRW3zUlHHkt+Z57lv2v7YpLNgPuT7B0yJN6GYvKZhnpzVaIXXV/AdspT1kCRFlTYWLbAle8qnRJOS9VR+T3R/1RhOEdZp52Wp9pDxgHUZ1+x6uO+nEkLJJwz1xtNTuBaDC4xRQSUICDQUpAPP4INkZGSsAK7oDPDPe1ReU57rIdgllQQdbj5oXhqlz92PibBv3Pbuo9JPEiyB4WGYwcIJ4PNo3/7GktayQABWa0j+ePhpwqCKfGmA4rRRzXCIms8aTVMQYgO9MnMgvoIfM0ohbxmz07tU+60sBWbuUU+xp6anW0nmNCoUa7QMOuYuKwGOt4C2A9Rg48DFrWhH7qLqusNtrDYrqPUOBAOYmLVN3xKD5TL5HCAi7mC7FxvqxO+oPdQ9AO3NJZZNgSzmMebSimwZgSW3FSDqU0Bn4M0/gH0B6rATz8sMdDYGsY2hRfGYIy1TbzyapCfaFxXq9vFJO6wUO4Nsii3q9CK7xqTXAkPK6h2ea42EdSe8+Z2W/0SUbuDO56w3G8SnCOXFIxCkzwF9f/GGP5m6C+rth4qmr9jnsH0Q/qZ+pvDy8xDENPHVxOab9xFewPQfETA71KGvIcX2vp2VA2qCYgWAiZa8d6l6i+GnBVdyGN7ddhcgk5MvQXbAXUkmy05vQGa1RWszL1ZG8nzXP3bFAJsRRe+Y74wRg0W03fW+J/F5hUe3pTj6XVoIYRtVmcwUQILzr6O9rS+aGdatEuWJVsIkuNzydaAsn1PdDcyV6VWPU2jNZHIItJLDSDXQIEkhCNehfPvamk=
amz-sdk-request: attempt=1; max=3
x-amz-target: Firehose_20150804.PutRecordBatch
Referer: https://cultura.uol.com.br/
x-amz-date: 20231229T000151Z
x-amz-user-agent: aws-sdk-js/3.306.0 os/Windows/NT_10.0 lang/js md/browser/Chrome_120.0.6099.109 api/firehose/3.306.0

Response headers

Date: Fri, 29 Dec 2023 00:01:51 GMT
Content-Encoding: gzip
x-amzn-RequestId: c044addd-6dbe-c135-9e4c-a372379dadc5
Content-Type: application/x-amz-json-1.1
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Length: 460
x-amz-id-2: Njfx9tAu5TQYdJPlmkYcA/xZqkPxmuYKMjWolVotgG/6iVw4QuxesFGaES+Wgel2ZdYYSEUmQuFHUrRMR7sX/gnvarSHC0Cw

OPTIONS
H/1.1 200
OK /
firehose.us-east-1.amazonaws.com/ Frame 0
0 121ms
121ms Preflight 3.237.107.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.107.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-107-19.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://cultura.uol.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Headers: amz-sdk-invocation-id,amz-sdk-request,authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Encoding: gzip
Content-Length: 20
Date: Fri, 29 Dec 2023 00:01:50 GMT
x-amzn-RequestId: d926a384-39ae-335b-872e-ad2b638d5fab

GET
H2 200 googima.js Show response
ssl.p.jwpcdn.com/player/v/8.30.1/ 74 KB
22 KB 25ms
19ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/googima.js
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/tvcultura.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80c9671594b35dca109b7ecf4d7ca12db35663ba90b6e591fee421a3d3a6816a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
content-encoding: gzip
via: 1.1 varnish
age: 85651
x-cache: HIT
content-length: 22454
x-served-by: cache-fra-etou8220052-FRA
last-modified: Mon, 13 Nov 2023 20:12:26 GMT
server: AmazonS3
x-timer: S1703808112.718300,VS0,VE0
etag: "016fdad688d9003e0b0c4157e803cf37"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, immutable
accept-ranges: bytes
x-cache-hits: 6991

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.30.1/ 65 KB
20 KB 30ms
24ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/jwpsrv.js
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/tvcultura.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
content-encoding: gzip
via: 1.1 varnish
age: 608
x-cache: HIT
content-length: 19890
x-served-by: cache-fra-etou8220052-FRA
last-modified: Thu, 14 Dec 2023 19:59:18 GMT
server: AmazonS3
x-timer: S1703808112.718503,VS0,VE0
etag: "1a96e7c0d0040b922d2458e3bc2cfe7f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 174

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.30.1/ 318 KB
84 KB 23ms
19ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/jwplayer.core.controls.js
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/tvcultura.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
content-encoding: gzip
via: 1.1 varnish
age: 3763826
x-cache: HIT
content-length: 85284
x-served-by: cache-fra-etou8220052-FRA
last-modified: Mon, 13 Nov 2023 20:12:20 GMT
server: AmazonS3
x-timer: S1703808112.718316,VS0,VE0
etag: "95e4ba794923b67ae5be72627198a8b3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 374452

GET
H2 200 pt.json Show response
ssl.p.jwpcdn.com/player/v/8.30.1/translations/ 4 KB
2 KB 60ms
18ms XHR
application/json 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/translations/pt.json
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e131cde2cb0c7a07be92160d5080716139f800636d471cd2c0a5e3c1310cf4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
content-encoding: gzip
via: 1.1 varnish
age: 3645648
x-cache: HIT
content-length: 1449
x-served-by: cache-fra-etou8220058-FRA
last-modified: Mon, 13 Nov 2023 20:12:33 GMT
server: AmazonS3
x-timer: S1703808112.757703,VS0,VE0
etag: "d38ea3780a421961071427e9dd1f73a3"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 7

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.30.1/ 413 KB
123 KB 23ms
23ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/tvcultura.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
content-encoding: gzip
via: 1.1 varnish
age: 3945776
x-cache: HIT
content-length: 126154
x-served-by: cache-fra-etou8220052-FRA
last-modified: Fri, 10 Nov 2023 21:07:29 GMT
server: AmazonS3
x-timer: S1703808112.719968,VS0,VE0
etag: "c735ce7c150fe5e0fdf3e61f12fd8527"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 347677

GET
H2 200 santos.png
dugout.com/images/publishers/logos/ 8 KB
8 KB 120ms
28ms Image
application/octet-stream 13.227.219.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dugout.com/images/publishers/logos/santos.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-107.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c094acd47138d4af9c4192b5c6ceafa48c35682421382e8b028432cb0c86310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: n45NNY5NsDyz6ar7KpSfa0.Ee11N2pl3
date: Thu, 28 Dec 2023 23:38:13 GMT
via: 1.1 0f34c0d3b0e50b8875bcbb7d41684a58.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 11:44:32 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
age: 1433
etag: "9976257111074d7bbfcd38070652e0bf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 7826
x-amz-cf-id: 4VJfXYnJzX5Qpk2zG4ODZ8wMIegGnGAbFcLj9EuPgkGH8_opURVCLg==

GET
H2 200 R6zixFK+Eei17gpVuA4vVw.json Show response
entitlements.jwplayer.com/ 69 B
250 B 169ms
39ms XHR
application/json 152.199.22.243
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/R6zixFK+Eei17gpVuA4vVw.json
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amb/6A96) /
Resource Hash: 5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
content-encoding: gzip
last-modified: Thu, 28 Dec 2023 20:12:06 GMT
server: ECAcc (amb/6A96)
age: 13785
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=18360
accept-ranges: bytes
content-length: 80

GET
H2

200

Q7iCiXiE-120.vtt Show response
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://cdn.jwplayer.com/strips/Q7iCiXiE-120.vtt
https://assets-jpcust.jwpsrv.com/strips/Q7iCiXiE-120.vtt

3 KB
770 B

105ms
105ms

XHR
text/vtt

2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-jpcust.jwpsrv.com/strips/Q7iCiXiE-120.vtt
Protocol: H2
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: caa3c55b3fcef78618163ad4862adc82aac728002f134734d58a75fc864466f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 91
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 437
x-served-by: cache-iad-kiad7000166-IAD, cache-fra-etou8220058-FRA
last-modified: Thu, 28 Dec 2023 22:07:45 GMT
server: nginx
x-timer: S1703808112.942756,VS0,VE87
etag: "4f866ba65243b8115a88d499315ec4c6"
vary: Accept-Encoding
content-type: text/vtt
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 26, 1

Redirect headers

date: Fri, 29 Dec 2023 00:01:51 GMT
via: 1.1 5de5e66003332bec09dff893114ac06c.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
content-type: text/html
location: https://assets-jpcust.jwpsrv.com/strips/Q7iCiXiE-120.vtt
access-control-allow-origin: *
x-robots-tag: noindex, indexifembedded
content-length: 166
x-amz-cf-id: lMMLzWSqKTF2nsW2Duxbo8M4T8P66F9tSY7-vymPlpwmIxP6AiH72Q==

GET
H2 200 OneFootball.png
embed.dugout.com/images/ 7 KB
7 KB 20ms
20ms Image
image/png 2600:9000:214f:e200:8:ced9:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.dugout.com/images/OneFootball.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e200:8:ced9:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e226001a4667de86a4bc798fd504bac9625facc2b0856982b257b39992f77aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 29 Dec 2023 00:01:29 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Mon, 02 Aug 2021 10:43:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 23
etag: "719d529f5cf512aaf0bb0969f4692112"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 7024
x-amz-cf-id: gxT-994Rl0fiKgNEqUpapndeSfUxE6_bu7zSc79NRxL3jQ0ZtTpVng==

GET
H2 200 provider.cast.js Show response
ssl.p.jwpcdn.com/player/v/8.30.1/ 30 KB
10 KB 20ms
19ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.cast.js
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/tvcultura.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e11545f37f9b79411db316051568e9232e4306b7b86a1fc28195596d21a8839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
content-encoding: gzip
via: 1.1 varnish
age: 3807098
x-cache: HIT
content-length: 10035
x-served-by: cache-fra-etou8220052-FRA
last-modified: Mon, 13 Nov 2023 20:12:23 GMT
server: AmazonS3
x-timer: S1703808112.805050,VS0,VE0
etag: "11ee85ad71debb9f00a186341c5562fb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 186227

GET
H2 200 related.js Show response
ssl.p.jwpcdn.com/player/v/8.30.1/ 103 KB
25 KB 20ms
20ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/related.js
Requested by: Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/tvcultura.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9d9f5036d0bd2be56f58b96153837812b097932175127c8b0261eb0ba7b58de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
content-encoding: gzip
via: 1.1 varnish
age: 3807347
x-cache: HIT
content-length: 25137
x-served-by: cache-fra-etou8220052-FRA
last-modified: Mon, 13 Nov 2023 20:12:25 GMT
server: AmazonS3
x-timer: S1703808112.805036,VS0,VE0
etag: "e6b820b0a7ae68bd30c9a97e44e1ea55"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 339372

GET
H3 200 bridge3.609.1_pt.html Show response
imasdk.googleapis.com/js/core/ Frame 05FB 751 KB
240 KB 21ms
21ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.609.1_pt.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8ba54d4e3ab154c2c9f0b1d59f9b1eaa9aa2a4eb1601bfcbb0041bd82c879d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 541466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246079
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 17:37:25 GMT
expires: Sat, 21 Dec 2024 17:37:25 GMT
last-modified: Mon, 18 Dec 2023 19:42:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5AD8 40 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 29 Dec 2023 00:38:03 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
203 B 200ms
108ms Image
text/plain 2600:9000:20a0:b000:1b:6b7c:c940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-444701391&e=e&n=3040558290226978&abc=0&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=ivsgl61kb3zi&i=0&id=Q7iCiXiE&lid=1euuxxgqot4d&lsa=set&mt=1&pbd=1&pbr=1&pgi=du0fuj1hagc2&ph=1&pid=9CKKEHOJ&pii=0&pl=204&plc=10&pli=ur51g81aer0d&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=TV%20Cultura&pu=https%3A%2F%2Fcultura.uol.com.br%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=1&t=Um%20ano%20sem%20o%20eterno%20Rei%20Pel%C3%A9&tv=3.43.2&vb=0&vi=0&vl=0&wd=363&ab=1&cae=0&cb=1&cdid=player-1&cme=0&dd=1&fed=4khhJ5BX&flc=0&fv=&ga=0&lng=pt-br&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FQ7iCiXiE.m3u8&pbc=1&pd=2&pdr=&plng=pt-br&plt=4700&pni=0&po=0&pogt=TV%20Cultura&sp=0&st=90&sa=1703808111796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:b000:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: AMS58-P2
x-amz-cf-id: 8RPd12riy1NGpLBVdZ8rvNyhr5bGl6nHdeTGJmIb00nKpHK4Rqp3Lg==
x-cache: Miss from cloudfront

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 26ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZLX6BXMTSC&gtm=45je3bt0v891046185&_p=1703808105370&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1684149065.1703808105&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1703808106&sct=1&seg=0&dl=https%3A%2F%2Fcultura.uol.com.br%2F&dt=TV%20Cultura&en=webalert-authorization-nativo&_ee=1&ep.uol_property_id=326419485&ep.e_action=clique&ep.e_label=ignorar&_et=25&tfd=8927
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLX6BXMTSC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ 4 KB
2 KB 64ms
61ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/tvcultura.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Dec 2023 00:01:51 GMT

GET
H3 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ 35 KB
12 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Fri, 29 Dec 2023 00:01:51 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ 50 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 13:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 29 Dec 2023 13:41:45 GMT

GET
H2

200

sq23l104-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/feYvx0hs/poster.jpg?width=120
https://assets-jpcust.jwpsrv.com/thumbnails/sq23l104-120.jpg

3 KB
3 KB

20ms
20ms

Image
image/jpeg

2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/sq23l104-120.jpg
Protocol: H2
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f0c2f67572962090680b1d047d0adfc55e66562e6166ace80725e03959d4b090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 295
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 2751
x-served-by: cache-iad-kiad7000093-IAD, cache-fra-etou8220052-FRA
last-modified: Wed, 27 Dec 2023 23:48:34 GMT
server: nginx
x-timer: S1703808112.374159,VS0,VE0
etag: "973439c0dc047b12c03ae05d618665c5"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 14, 21

Redirect headers

date: Fri, 29 Dec 2023 00:00:05 GMT
via: 1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: AMS1-P1
age: 107
access-control-allow-methods: GET
content-type: image/jpeg
location: https://assets-jpcust.jwpsrv.com/thumbnails/sq23l104-120.jpg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Hit from cloudfront
x-robots-tag: noindex, indexifembedded
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: ao21lL85dH77fwC7oEGxHKrieYkSJsmh55gzslUs1KVdtcWuyPD1DA==

POST
H3 204 csi
csi.gstatic.com/ Frame EAA3 0
17 B 117ms
117ms Ping
image/gif 2607:f8b0:400c:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lqpvcwdk&c=1114084764324&slotId=557042382162&ghmsh_eids=44772139%2C44777649%2C44781409%2C44803785%2C44804291
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400c:c05::78 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 333ms
333ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2615060659721634&correlator=773637757571029&hxva=1&scor=2438084267448260&eid=31077978%2C31079525%2C31080117&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctv_cultura%2Canchor&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D0f6c2f9532f325b3%3AT%3D1703808107%3ART%3D1703808107%3AS%3DALNI_MY_TGmJ5Oqy9o15XtzkctcYIctuMQ&gpic=UID%3D00000d2f05adba29%3AT%3D1703808107%3ART%3D1703808107%3AS%3DALNI_MYRgracYR2KEdRQRtL1y2reWayhKA&arp=1&abxe=1&dt=1703808112582&lmt=1703808112&adxs=436&adys=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcultura.uol.com.br%2F&vis=1&psz=1600x-1&msz=728x-1&fws=516&ohw=1600&psts=AOrYGsmJKw8jzR3I70PcXYCp1EtRYbCC5mFBVMVq1XUhZKeDYVy2tqXaU4BUN-oMSFoF_oCMj98DdrzTmWB4lA&ga_vid=1684149065.1703808105&ga_sid=1703808107&ga_hid=1507507572&ga_fc=true&dlt=1703808104518&idt=1897&prev_scp=campaignuol%3D0%26group%3D5%26native%3D0&cust_params=cdn%3Dother%26origin%3Dcultura%2520uol%2520com%2520br%26hasFocus%3Dtrue%26bt%3D9000%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dno-topic%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse%26UOLID%3Dfa0b2854-fba4-480d-93bc-841009d38498&adks=3395774125&frm=20

Requested by

Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ba7a394931dcf70a0cc0d5f85e1017bbe8322f8f6cd9e3be9acaafb3e3c2a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cultura.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11693
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cultura.uol.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
firehose.us-east-1.amazonaws.com/ 299 B
741 B 128ms
128ms Fetch
application/x-amz-json-1.1 3.237.107.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.us-east-1.amazonaws.com/
Requested by: Host: us-east-1.prod.tvcoins.com
URL: https://us-east-1.prod.tvcoins.com/player/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.107.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-107-19.compute-1.amazonaws.com
Software: /
Resource Hash: 74dfa25897c0bd07f743d8db39f183a105cd95d12cbc09af680a9ac72638f0d7

Request headers

accept-language: de-DE,de;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=ASIAYLMLRJYEDNNFFMLG/20231229/us-east-1/firehose/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-amz-target;x-amz-user-agent, Signature=d2ac29ff68b2ab11829ac87c4e7b719ce0646c351b6cace67343f2fb393034f4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/x-amz-json-1.1
x-amz-content-sha256: 2e053553746bbdb95c30f028aaabe00e866e06723a4946dd95d8a8d43fb92f8e
amz-sdk-invocation-id: 9a78e083-477e-4c49-89ba-6436c6a15a36
x-amz-security-token: IQoJb3JpZ2luX2VjEEAaCXVzLWVhc3QtMSJIMEYCIQCEjGagoxz9QpBlw2YS6brUK2Dhrbr5C8NNchZ5CUZlBQIhAKW2WitGxpr1sNgekpuIOnNpJzGk7zvE4c+cpzhyqg3pKtAFCMn//////////wEQARoMNTc0MjA3NjQzMTQ0Igzp+QoXTEQHtnHkMl4qpAWCIxjS/bGBxi+wkJSFRxVQ/cFu0O8uFR9sNmd1u8iaboPx0UOgF0gxnnFA0zFWmc+4gZIEeCHuW0zStf+kyACrc9tU+OBT7gA7I7R8IqLfISJVGiLcTZiPJJse3Jc42criA3PLrJ8ge94420Z/dFoYwHhwPb6oLdMxyMQOlzzkiw/Lg/y+QY5m8274CU2yphMzccUTG+Vq9k4Vwy9UymBnUkjfr4R2i32w6dOVf25IUUdP3t0W5OhWAf26IutkJSza9Q8FcDu/VLT5oNkvNWI6rkAKKS2oJO1WLoEmTAHZ76OhW60Kx4ISF0PsuoJFBeq5dMoGa1eD3ttYcTq15/DNftdDziaYdGlNRkA5gbC+OJ85lZFsJd+Cee5pyAXW4Nxct8SkovL8fqkgIKO0QKrBtLFY7NZZ4cvXdlLwa27YAM3lX/kAIwPHxJCOYtoAh51Yz/yMtcyat0WELNbvrbPnydDUVFnEbL1ysBJYR8Ss0/+7/WqWPROI37jDAboLAXyvXrMAsIngpQa3c4ProIaddZka3IyFUiu+OQ3kkKCZwwyDcmfmAORPvJEqo2oAD7ZPGJkV061cFTBAsRW3zUlHHkt+Z57lv2v7YpLNgPuT7B0yJN6GYvKZhnpzVaIXXV/AdspT1kCRFlTYWLbAle8qnRJOS9VR+T3R/1RhOEdZp52Wp9pDxgHUZ1+x6uO+nEkLJJwz1xtNTuBaDC4xRQSUICDQUpAPP4INkZGSsAK7oDPDPe1ReU57rIdgllQQdbj5oXhqlz92PibBv3Pbuo9JPEiyB4WGYwcIJ4PNo3/7GktayQABWa0j+ePhpwqCKfGmA4rRRzXCIms8aTVMQYgO9MnMgvoIfM0ohbxmz07tU+60sBWbuUU+xp6anW0nmNCoUa7QMOuYuKwGOt4C2A9Rg48DFrWhH7qLqusNtrDYrqPUOBAOYmLVN3xKD5TL5HCAi7mC7FxvqxO+oPdQ9AO3NJZZNgSzmMebSimwZgSW3FSDqU0Bn4M0/gH0B6rATz8sMdDYGsY2hRfGYIy1TbzyapCfaFxXq9vFJO6wUO4Nsii3q9CK7xqTXAkPK6h2ea42EdSe8+Z2W/0SUbuDO56w3G8SnCOXFIxCkzwF9f/GGP5m6C+rth4qmr9jnsH0Q/qZ+pvDy8xDENPHVxOab9xFewPQfETA71KGvIcX2vp2VA2qCYgWAiZa8d6l6i+GnBVdyGN7ddhcgk5MvQXbAXUkmy05vQGa1RWszL1ZG8nzXP3bFAJsRRe+Y74wRg0W03fW+J/F5hUe3pTj6XVoIYRtVmcwUQILzr6O9rS+aGdatEuWJVsIkuNzydaAsn1PdDcyV6VWPU2jNZHIItJLDSDXQIEkhCNehfPvamk=
amz-sdk-request: attempt=1; max=3
x-amz-target: Firehose_20150804.PutRecordBatch
Referer: https://cultura.uol.com.br/
x-amz-date: 20231229T000152Z
x-amz-user-agent: aws-sdk-js/3.306.0 os/Windows/NT_10.0 lang/js md/browser/Chrome_120.0.6099.109 api/firehose/3.306.0

Response headers

Date: Fri, 29 Dec 2023 00:01:52 GMT
Content-Encoding: gzip
x-amzn-RequestId: edb2eb62-1a05-61dd-b3ba-e5d240260d2d
Content-Type: application/x-amz-json-1.1
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Length: 281
x-amz-id-2: GdLdr7PpWVxAhXtZpcq7aGaCh7MBIIkYvasFPXA0oWkkQRlAUG5QnzUISzNYtudmyqVwZJVXoTfesYa0+y+sqWGNEWL6DN9h

OPTIONS
H/1.1 200
OK /
firehose.us-east-1.amazonaws.com/ Frame 0
0 122ms
122ms Preflight 3.237.107.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.107.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-107-19.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://cultura.uol.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Headers: amz-sdk-invocation-id,amz-sdk-request,authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Encoding: gzip
Content-Length: 20
Date: Fri, 29 Dec 2023 00:01:52 GMT
x-amzn-RequestId: e6f922d1-e36f-0cf4-b8f1-2c61b94c6004

GET
H3 200 container.html Show response
fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF1F 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cultura.uol.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:47 GMT
expires: Sat, 28 Dec 2024 00:01:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0615 398 B
225 B 60ms
59ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYnr65gAIwAQ&v=APEucNWdCMdt4WZ29BVIWhS_Z5PxV1WPOvSq9RBN49JWCrE0DWjD3ICWt_GSd69pa0vI7uQS0AVP8DfUO-nvTpkyefNvCOZcj3nPDpAcSvsTy-prp48sVmqtOEwPfon0dCrGInWPKZtIrS6qmtiDL-ejD2BOukxEX8qmvesGlCq97kEnz2GWpxk

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:01:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DF1F 89 KB
31 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 00:01:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF1F 42 B
68 B 55ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZO8Rbz-C_0p6M5hx-vZsFnUmcJLeKcuZ2y6Q5j84wAcFMv97WjAlKrVSU9CFbj8_R6bXj1CmaM_Q9EZ1oZB114pfKNTyku9_OKucLb0UTi--FTE4

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DF1F 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DF1F 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DF1F 0
0 29ms
28ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4p3fxTidLiB_iGrfkhpKn9ZLmQNDn8ykASvLQtDtuwPLaDIRrdL72gKgKQTmZO1UsJF8-ypNdCl5EpkhsN6-on-1rgA
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF1F 203 KB
64 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 00:01:52 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 0615
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELHTYMLRb5lgH6QqHHn9sEs&google_cver=1

43 B
163 B

93ms
32ms

Image
image/gif

5.196.111.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELHTYMLRb5lgH6QqHHn9sEs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYnr65gAIwAQ&v=APEucNWdCMdt4WZ29BVIWhS_Z5PxV1WPOvSq9RBN49JWCrE0DWjD3ICWt_GSd69pa0vI7uQS0AVP8DfUO-nvTpkyefNvCOZcj3nPDpAcSvsTy-prp48sVmqtOEwPfon0dCrGInWPKZtIrS6qmtiDL-ejD2BOukxEX8qmvesGlCq97kEnz2GWpxk
Protocol: HTTP/1.1
Server: 5.196.111.73 , France, ASN16276 (OVH, FR),
Reverse DNS: ip73.ip-5-196-111.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:52 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELHTYMLRb5lgH6QqHHn9sEs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 0615 43 B
163 B 101ms
30ms Image
image/gif 5.196.111.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYnr65gAIwAQ&v=APEucNWdCMdt4WZ29BVIWhS_Z5PxV1WPOvSq9RBN49JWCrE0DWjD3ICWt_GSd69pa0vI7uQS0AVP8DfUO-nvTpkyefNvCOZcj3nPDpAcSvsTy-prp48sVmqtOEwPfon0dCrGInWPKZtIrS6qmtiDL-ejD2BOukxEX8qmvesGlCq97kEnz2GWpxk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.73 , France, ASN16276 (OVH, FR),
Reverse DNS: ip73.ip-5-196-111.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:52 GMT
transfer-encoding: chunked
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF1F 0
27 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9605485197228&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF1F 0
27 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9605485197228&version=m202309260101&ct=76&x=1&cor=13373893713720373000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DF1F 86 KB
39 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtrAniD-_F2RdGjn-JdcZwQ3xYdgGDO94ALjSRWyGol4O0DCh-srg1jQsVrgAKlXiuXtmiiwbKcwFJfomIeeMIA0Lk4jiXsk4t7rpQK8RilOXlAOAOnEC0aWTmEZ7J3BsxWJcf7O0pG2SBQfIjldDel5GrloHj2PEiQup7ngKHxTHm1QI&dbm_d=AKAmf-AmnAVYq5-Cani2rlqrtMD-fCG4DPBju96eY6mDYJj_YEWbBrKgI8yEL8qEwbeZtT4yISEU43SXJFrYOmRQouTrv7N6-dGDnPpEJL4D4axXoV5G3ixQaPR-4vV23lvMMh3PDcTKk011EgYPnCEtze9OlXqTgnpFhdxZMVqZVow5_OhyF8sKo2dZXi5atywdtubZtzAo0WUf_K197VGXVzXKVIUX4-RVIgcqdjh3sn1a16ptaKP4P5Hk7C9siBK1gMHCk0zd4TTGUsTaKoy33D7iUmtGIe29vR1NcPIKpzwcrtSoYNG-ar8swgxhe_yQS4uy0yhukpdYMOHO7OAv_n4IKAHA35G0S8QgyeJzvSInwmbKfYTk5B_oB6MlE2raCxQ7ASwWwuPZcnnWbCfeEoe6r-lbQXwTjHsVDtRtfKdBp1P3sQJlPEPYqbDWPckSIaO0E8zGv2wZ55oz1oN9PQN8H1DRZhfRP-uV3Bjae5rTf4fMeMeggqZ-p-vjCNRL56uh2cThp1OzGfqYg1wAGM2FwZ5qA7kqcToFKbTZoH5-CW99zRvBPwkYNAYUYB3IS-_dz1tFA0lfFXA78NBfv6Snann-Cjje-QhaosZRb8rBejZ2OPn-PB7BpUUsHpbOqDC2L5OCsyKmNpyUVt9eeLK8LyPFrRxrQ8_p6-FIM_0aQFVCjNsN6emCKkALR_uljP-yZ9htJu7ALHIiJX3nWXAfbMwSiCGrDaPh9wmn9VQIrqzT73vVpufSXMRSm6u9HSjx6-GGXAJHwh3_lpq_mcocWoWzIyTtgt9doS358KmBtUUzkubye8EyaHTJ5URks7VEJvg8fvYXTM1SHtH5NN7EatUhseicMSqkScvqyIyco_IU5fHFvZ0PUj383PTTqPkC6NuHx4nOsfyxSquNejnIleQ9Wa4TeCtK-sG6u_H6yJlZYwBWTZX0fV3UKrePblIE0pWIShRJfz8_Nxcig14F0NkS-gb1WQiiNIQZ7Jy7j3HDFl0YrIsSnmf7aCW6iiRIZDASiFM5R-R8KhCMsHl0LSwYG-pAC0tPuj-Ff9paBCIRaPLrU1grp6-dPXG-_4Z55aVRmPuCWJiz53uHy9TRHnNyazf4ZkqnVLa3Hjy7VG8HxfrCAbiEjBAtpQKdgFSV3RajrQbsNs2SoxodQU5PYe5k1CRgAOXIV2MaZFJsB4K9SXLYRGaqUb_9mXC1_MdmxNO2BiN5F6XOnpSTwyWugtU_Hq45REsLvikyfgDoBgjYBpDrapPBJfdCjAbambkbHMgN1hssRjxby7LdJ_qWxJoOWGtxSZKCwrBNCXvVtkKKP2868abJ82MeFwFBSt3HlLr9WLY4gjf3AYHZCl54iEqVo_zzmyf8A-a1UIGTXhNNX7HRwMvA2xQXZtZM6nbfPg3x2QlWunoqRX99WV0P1lE-b3n8tI1ROT4bsRex_OpjbXS-ZZgUcE30_xbRGYtcAkg1E5L4HGDd3n-IKVO8skrg9r4rmfFC4OKUrwJaeyu-luae36Q6_lqcDagRuO1fYGT-2fL-qLKEBiTHKPl7oHu-fQHRyOI631muKbjvTk5-okbygf_X5J71ew3d-ppKQvt380Nw2GQYR7QTgCz--csL0ZvnUBjKAVz8gGWNYkUt3T67qH12VlJQDwLpOu80LytFk7THhZk_jSmcrgq0_w19-6jQlzGe85HNGbw3xx4PjXaYoVKyEuDuWadXfVWrTqnGg1Y-PF9oVph8KPMOSVLkIqRb4YUf3c6qeHMMgCPByNFciiEnd_U7_5Tb8vB2SDUSGIoDxFHCGGS9_7n_NgFoRfIM1vFyq-CYrkLPuWnhowzkoWYdt7aXbEzs_kKJKUagO4GYSiDNWd5Bu2wpi0DQ0FdIH5a4nBJ4bYfo8u110F-9-6Qlo-vvnIxDHEt1Vj31Vyry-SJXfaTpXUUMzpWniYL4fgFTXi0h0KYHki71CQ4Aw4tWCX7karUKpefBAkS0-8HuNEQf8ILSoM_lxXt_wVeiygwJycxoJXgwbEoyOhm1f7iCV_kGjHQgA3RrpmK54gQeCo0AIDQlS7VPhrB2LmILBAi43jKFGstIWWqj7Ckm67lguJ6s_5oBZk8dEMQ02VopB4mSFPGxapSyHyqM-EwvuT-oQPsAe8NvP6tINk92MHPD3pEnWhHf_y4xA-9IhbLzRKSzl7EzXfxWNpdMpSUvC_3ZPE-02naXZifZn6kyTjJ89axNXy9HVjbRuw-RczfvA-uktgVuGNMyg-3wpTArnaUK9uHAJfuj6BoZX7GAMjs93uWlckPXdvhA_lW6kKrfiGC3gkoXCgVoDTkOrLAKvcgwMoP5wbfsHzcqTYMwjUOhjrBuPDNuk1QTP9-C8ojRmBAAMPOD06DgTLCHOATFGXY9t-phEeGX6kTeokMFj73dwvQtxksBfFL9E7cDFpusRJMymxS7w2BgmTdylzuBFxOwAyQ9sJQ5mLSYhSMyD0pfAVFiB5JFHdx6NOnA24anUG6QDTRe2bLdTDntqxUGPa7KYm5DFRa2ZdCfLejjz59r4Kz_sQDw_z1C13YYoFsRiOvIVQpmnxeunYawGaUUdVTqvJLs0G25q9oebhV7eIj-SjTaKXFkFGuFIkXQ7-HPzlfFJt9nmmPpoCDoSMr7o8AyZJCmpEyv1l2MS-9y--MyX28OprhLXN1oIRIu3NwWKPkubbZnOst2zaA1PSPQB3xWEdPE7FdQoYsO72Q7Coydcc8rE17qmd-lkqd-KKcMcww8DzQAf6eTXYs5hfS5y0q9_Nk_PaiQvRZs1RH-QvVcGE0oBoFAgBwwpMbhuOgegpjiwoMb3FN8Z_QTEQ6saXSL4_fzZXUJvbG2G6p_b1f7lLOokoqfIGipuzSrBIAaMeSzhfogYaMVoZEqq--kSwaN2JDes9SwEdHJB4wtLeXxqE4aIrkkSyLxFei0Oysy4ILsYI6CNWvJiutJPMRJP4teLmRZpyzA8451TACY5ObmLlNTqAMFQUbp10kTBaXjufM2QVU8uBNvRgNUfLwWeDzYG76890KNa8brEPP4Wd7qjwDf7sBbixyWhmPqsHb7qpZl1rC8wSy-ozRvCLM2TvvclWbA3BMnqynLkOQvkspqsTacQ_QMgz3icr_Z98KnpKstHShsjHsLQ_fUV3k3Fxv6CzkVxvwQL4DMHSFHVYA1e37yYZP3ZyOw7JP0rRSRWX-tK6PtzMkXocagoMauXYnoBLWNfCUkok5M24xN97wc-2oX_oCGR4a8mTYLhaCfjkYysrv38kc-dL8F4OR34tbrAofXat_jdld7nyqdqTTy-OgpGpRl-ur5EEtPXni64M7UlGXpJz0ucPiFucMj9Hym_JGmdasVLnYrIRXeR8TCczVSQrzHD4Waw_TIAyJwSBEvjAQ3TRLlvSz88eZDBWXa5FSCkMI0GXGNMAw1nQx3xQFjjkr9f6VOwWMTCDeiHXLD3xBzLeLdVSDWFWC0pvEQr67PR27tKjdFe91GxBR0v-JaF1KlNtNM5aiI900j3GjQEXMPCR6AqzGOkcmKm3yg0NlZIu3vwKB8J1ZGeqielkmgBnsDdJv1jiW71A3jiAVB2VtE8yiZoVOQhIiddS3o08wbjx5WlynDB12RCdmdM3QNwQSPEK8trt19p9w2cmipIFIhAX5eeGSoqMZTLd_mfm85kTTm2dsRhLfWv6CvYwPnqDHGgcZo-OOvVaYe4VSOEIGcSK8jd41sXVCVg_LQ6jfQhkXe6kAOL7z0KArEk-ANW_Wv6XXvVm7-Y3VpnF4D4JeYT-44BmACQESKvejW5HhRFg3HKX2suF87BA8Eo_udL3lr4yGrVRcLIClPqQwScqrNBhI5FRrlOqjM2wS-yLeSKUA2RuAhmDbbLCaIgM5qT2qXhQ7P5k6GO9njHE_elIG-HHY3TC5QKA&cid=CAQSOwAvHhf_RskXbgr2Jeckk-oSyi2OJn1kVugX5-jcBVAlY1Apzk4yL34YeqszFsFuD5NFH-hja2VStOC4GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcultura.uol.com.br%2F&ds=l&xdt=1&iif=1&cor=13373893713720373000&adk=72288714&idt=110&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16a44820056f9ea37b38c4c5806ad82580fb245982025088eac3d88dfb1279ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39697
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame DF1F 31 KB
12 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtrAniD-_F2RdGjn-JdcZwQ3xYdgGDO94ALjSRWyGol4O0DCh-srg1jQsVrgAKlXiuXtmiiwbKcwFJfomIeeMIA0Lk4jiXsk4t7rpQK8RilOXlAOAOnEC0aWTmEZ7J3BsxWJcf7O0pG2SBQfIjldDel5GrloHj2PEiQup7ngKHxTHm1QI&dbm_d=AKAmf-AmnAVYq5-Cani2rlqrtMD-fCG4DPBju96eY6mDYJj_YEWbBrKgI8yEL8qEwbeZtT4yISEU43SXJFrYOmRQouTrv7N6-dGDnPpEJL4D4axXoV5G3ixQaPR-4vV23lvMMh3PDcTKk011EgYPnCEtze9OlXqTgnpFhdxZMVqZVow5_OhyF8sKo2dZXi5atywdtubZtzAo0WUf_K197VGXVzXKVIUX4-RVIgcqdjh3sn1a16ptaKP4P5Hk7C9siBK1gMHCk0zd4TTGUsTaKoy33D7iUmtGIe29vR1NcPIKpzwcrtSoYNG-ar8swgxhe_yQS4uy0yhukpdYMOHO7OAv_n4IKAHA35G0S8QgyeJzvSInwmbKfYTk5B_oB6MlE2raCxQ7ASwWwuPZcnnWbCfeEoe6r-lbQXwTjHsVDtRtfKdBp1P3sQJlPEPYqbDWPckSIaO0E8zGv2wZ55oz1oN9PQN8H1DRZhfRP-uV3Bjae5rTf4fMeMeggqZ-p-vjCNRL56uh2cThp1OzGfqYg1wAGM2FwZ5qA7kqcToFKbTZoH5-CW99zRvBPwkYNAYUYB3IS-_dz1tFA0lfFXA78NBfv6Snann-Cjje-QhaosZRb8rBejZ2OPn-PB7BpUUsHpbOqDC2L5OCsyKmNpyUVt9eeLK8LyPFrRxrQ8_p6-FIM_0aQFVCjNsN6emCKkALR_uljP-yZ9htJu7ALHIiJX3nWXAfbMwSiCGrDaPh9wmn9VQIrqzT73vVpufSXMRSm6u9HSjx6-GGXAJHwh3_lpq_mcocWoWzIyTtgt9doS358KmBtUUzkubye8EyaHTJ5URks7VEJvg8fvYXTM1SHtH5NN7EatUhseicMSqkScvqyIyco_IU5fHFvZ0PUj383PTTqPkC6NuHx4nOsfyxSquNejnIleQ9Wa4TeCtK-sG6u_H6yJlZYwBWTZX0fV3UKrePblIE0pWIShRJfz8_Nxcig14F0NkS-gb1WQiiNIQZ7Jy7j3HDFl0YrIsSnmf7aCW6iiRIZDASiFM5R-R8KhCMsHl0LSwYG-pAC0tPuj-Ff9paBCIRaPLrU1grp6-dPXG-_4Z55aVRmPuCWJiz53uHy9TRHnNyazf4ZkqnVLa3Hjy7VG8HxfrCAbiEjBAtpQKdgFSV3RajrQbsNs2SoxodQU5PYe5k1CRgAOXIV2MaZFJsB4K9SXLYRGaqUb_9mXC1_MdmxNO2BiN5F6XOnpSTwyWugtU_Hq45REsLvikyfgDoBgjYBpDrapPBJfdCjAbambkbHMgN1hssRjxby7LdJ_qWxJoOWGtxSZKCwrBNCXvVtkKKP2868abJ82MeFwFBSt3HlLr9WLY4gjf3AYHZCl54iEqVo_zzmyf8A-a1UIGTXhNNX7HRwMvA2xQXZtZM6nbfPg3x2QlWunoqRX99WV0P1lE-b3n8tI1ROT4bsRex_OpjbXS-ZZgUcE30_xbRGYtcAkg1E5L4HGDd3n-IKVO8skrg9r4rmfFC4OKUrwJaeyu-luae36Q6_lqcDagRuO1fYGT-2fL-qLKEBiTHKPl7oHu-fQHRyOI631muKbjvTk5-okbygf_X5J71ew3d-ppKQvt380Nw2GQYR7QTgCz--csL0ZvnUBjKAVz8gGWNYkUt3T67qH12VlJQDwLpOu80LytFk7THhZk_jSmcrgq0_w19-6jQlzGe85HNGbw3xx4PjXaYoVKyEuDuWadXfVWrTqnGg1Y-PF9oVph8KPMOSVLkIqRb4YUf3c6qeHMMgCPByNFciiEnd_U7_5Tb8vB2SDUSGIoDxFHCGGS9_7n_NgFoRfIM1vFyq-CYrkLPuWnhowzkoWYdt7aXbEzs_kKJKUagO4GYSiDNWd5Bu2wpi0DQ0FdIH5a4nBJ4bYfo8u110F-9-6Qlo-vvnIxDHEt1Vj31Vyry-SJXfaTpXUUMzpWniYL4fgFTXi0h0KYHki71CQ4Aw4tWCX7karUKpefBAkS0-8HuNEQf8ILSoM_lxXt_wVeiygwJycxoJXgwbEoyOhm1f7iCV_kGjHQgA3RrpmK54gQeCo0AIDQlS7VPhrB2LmILBAi43jKFGstIWWqj7Ckm67lguJ6s_5oBZk8dEMQ02VopB4mSFPGxapSyHyqM-EwvuT-oQPsAe8NvP6tINk92MHPD3pEnWhHf_y4xA-9IhbLzRKSzl7EzXfxWNpdMpSUvC_3ZPE-02naXZifZn6kyTjJ89axNXy9HVjbRuw-RczfvA-uktgVuGNMyg-3wpTArnaUK9uHAJfuj6BoZX7GAMjs93uWlckPXdvhA_lW6kKrfiGC3gkoXCgVoDTkOrLAKvcgwMoP5wbfsHzcqTYMwjUOhjrBuPDNuk1QTP9-C8ojRmBAAMPOD06DgTLCHOATFGXY9t-phEeGX6kTeokMFj73dwvQtxksBfFL9E7cDFpusRJMymxS7w2BgmTdylzuBFxOwAyQ9sJQ5mLSYhSMyD0pfAVFiB5JFHdx6NOnA24anUG6QDTRe2bLdTDntqxUGPa7KYm5DFRa2ZdCfLejjz59r4Kz_sQDw_z1C13YYoFsRiOvIVQpmnxeunYawGaUUdVTqvJLs0G25q9oebhV7eIj-SjTaKXFkFGuFIkXQ7-HPzlfFJt9nmmPpoCDoSMr7o8AyZJCmpEyv1l2MS-9y--MyX28OprhLXN1oIRIu3NwWKPkubbZnOst2zaA1PSPQB3xWEdPE7FdQoYsO72Q7Coydcc8rE17qmd-lkqd-KKcMcww8DzQAf6eTXYs5hfS5y0q9_Nk_PaiQvRZs1RH-QvVcGE0oBoFAgBwwpMbhuOgegpjiwoMb3FN8Z_QTEQ6saXSL4_fzZXUJvbG2G6p_b1f7lLOokoqfIGipuzSrBIAaMeSzhfogYaMVoZEqq--kSwaN2JDes9SwEdHJB4wtLeXxqE4aIrkkSyLxFei0Oysy4ILsYI6CNWvJiutJPMRJP4teLmRZpyzA8451TACY5ObmLlNTqAMFQUbp10kTBaXjufM2QVU8uBNvRgNUfLwWeDzYG76890KNa8brEPP4Wd7qjwDf7sBbixyWhmPqsHb7qpZl1rC8wSy-ozRvCLM2TvvclWbA3BMnqynLkOQvkspqsTacQ_QMgz3icr_Z98KnpKstHShsjHsLQ_fUV3k3Fxv6CzkVxvwQL4DMHSFHVYA1e37yYZP3ZyOw7JP0rRSRWX-tK6PtzMkXocagoMauXYnoBLWNfCUkok5M24xN97wc-2oX_oCGR4a8mTYLhaCfjkYysrv38kc-dL8F4OR34tbrAofXat_jdld7nyqdqTTy-OgpGpRl-ur5EEtPXni64M7UlGXpJz0ucPiFucMj9Hym_JGmdasVLnYrIRXeR8TCczVSQrzHD4Waw_TIAyJwSBEvjAQ3TRLlvSz88eZDBWXa5FSCkMI0GXGNMAw1nQx3xQFjjkr9f6VOwWMTCDeiHXLD3xBzLeLdVSDWFWC0pvEQr67PR27tKjdFe91GxBR0v-JaF1KlNtNM5aiI900j3GjQEXMPCR6AqzGOkcmKm3yg0NlZIu3vwKB8J1ZGeqielkmgBnsDdJv1jiW71A3jiAVB2VtE8yiZoVOQhIiddS3o08wbjx5WlynDB12RCdmdM3QNwQSPEK8trt19p9w2cmipIFIhAX5eeGSoqMZTLd_mfm85kTTm2dsRhLfWv6CvYwPnqDHGgcZo-OOvVaYe4VSOEIGcSK8jd41sXVCVg_LQ6jfQhkXe6kAOL7z0KArEk-ANW_Wv6XXvVm7-Y3VpnF4D4JeYT-44BmACQESKvejW5HhRFg3HKX2suF87BA8Eo_udL3lr4yGrVRcLIClPqQwScqrNBhI5FRrlOqjM2wS-yLeSKUA2RuAhmDbbLCaIgM5qT2qXhQ7P5k6GO9njHE_elIG-HHY3TC5QKA&cid=CAQSOwAvHhf_RskXbgr2Jeckk-oSyi2OJn1kVugX5-jcBVAlY1Apzk4yL34YeqszFsFuD5NFH-hja2VStOC4GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcultura.uol.com.br%2F&ds=l&xdt=1&iif=1&cor=13373893713720373000&adk=72288714&idt=110&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:43:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame DF1F 11 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 21:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 21:44:08 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF1F 0
0 66ms
66ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQ-XKh1PQd4jv1lfjLmcsebZpPcjQVUl5Yc70oZpbpzltniwGJFRgcK_jMIS83PfSQ4w8ALZTIDtkuE-bno1eiEKbFE_bHcVIKXNTKrmL3DBbswTxhXGE2ETDfFB5guuyCVKXifUm7CF2k88pSvsYSu7o2iz4mejd8Mqtdmpf9j_9uVMYtfjg04yg0B8le2XrgfivUoBAx71glWGmMMAodYHQWh78UY_1zsPVVvQkRimYMO_9bY4wiX1H85VfiTWmqEs8x4MGB5pz2pGDXjpb7rh52HOjLzRnsM_0q2L8tgr0G58htO48m6X-FLa8_XjONM5ucq9VWx3iPiW0lT0G-Gjr-elzB2OzNjlagmSHdhlFRbCbS6EX6kbh-taraNu_RB8j-8JcP1M8n542xdkDbhQ1eXOFTPUYTGMtgfMyxCncK3nMyW_A_-qw4O6sOrXYE5TWGS9Tow5BPocaaG-wG2AcLO2IxjhmOnQkS6oUvSQp2vaiR-NrAUXopFdznl6lwDSTVdHCH3uEshW2Gx4wOamEGE-4fhZ-zVDeSjI_opU2P9dkk281a8aKpR9E-znJGR223scw9eBK54EawpJzWBbm-RshcZPE2-5fl0wFjvoZEKB3GSux6WcOKfh9oCv4PYyagnUFoEMif0IuCZOwGNP-zXl9eTTDCMs1QXovVz0urFpRXCOAOxc6uhk9KfoRQmCBUC0MNKieHsEQ2lzkfGSW4R1gJySxwH_-2LECxVyWwJsaWUxQjwqZEU-3OdALd8-wat5vweDclZNZATDfF5UDuVuMV6ooFhBGqQnJ2xpDn4e1Ug8uqO5w0ay9t5g19_olH4GpbNK8KTWsoQK5WA7cdIsEygztFK4ye9KUlNLbeY-uHyHM4QBoikQqNAOuiKhqpMdBTQda77MC2vMvjyIs6p3vQfZB64XiPXvHwkYJKSBm2vdFiJ6bGfsD0kWSlxt1D7PPhUHBNy8sT8IzBrklDDVm4iXINZ7Op29vz6lvw2jqca2n0lvEGXaV7spZ8pTGPJEM2z6MvsxipwozDd7XZHEylPzufChSpe7f9XLidA3z4VZMhQkolnwGmpk4e6mzRMDAxYu-r_kHSVstFBABRbKyBtFxGuLG6JQB6Aq6ESZPqnfu-LWq_NhpbU-EsY9VZ0e7sw-tbUNBXhW86qfCgPOhhrxoB9PzHj323JXRQ3V-CccUjwK-cXBlXi7MgUQVBbFyE8cQ9es52-HM3j4KR7wnXJ0arF_-v9cgG6mvhw6pW3y6g8m9QU7q89VjfN6Ovx7UUCc6CE8bpmwnrPZrJpIzy434Kj43mRa5b_AuPLQSMVV_7O2O_NF93sboAzeygfogjGO0OwDjauAqVVVjOKN3Vc2dzArC9evdM0A_JLchjCrjL4P-hVpHKzUgLg1QPhp8J8oVBr2ijaPpwtlpi3kfzZJ2Fu-wrHXRG4upyAVS_GYww8HgFJloH48aLBWxZWIHcLj7cFkE81obKhZRnshS9eQ&sai=AMfl-YQuK1F1gNF794TbqKHsrP9lwkFpEI4o12PXD8VT9ldnORXMCRklNsJ6-Qs96rqXecI6oMXQ88iVxKOHRRzanQMjGv6SGeDyWQqxD4y-WPd7o0XfMwgmTcrX0rYNy2LKLtsh2WbMTaEeA7OpuU5k02I8LlXgeNLrP59_54lH5p7Lmjyc--kkuz1uHVSZ0rIx-BUpK1WnWcprhW_nJbtI2YwAvPb0ZVlGm5SSurdbQ4ZNPPrkv-_h14A8OGLsjQsNg48m&sig=Cg0ArKJSzIWsD89FGgq3EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.97699&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 29 Dec 2023 00:01:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DF1F 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 539805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
H3 200 9977429930421590674
s0.2mdn.net/simgad/ Frame DF1F 37 KB
37 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9977429930421590674

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f40211c6210790238f60f31b8c4efce8983dda01e86ed13a7dbb570d36574317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 14:08:38 GMT
date: Wed, 27 Dec 2023 14:08:38 GMT
x-content-type-options: nosniff
age: 121995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38025
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:33:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame DF1F
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698509&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

22ms
22ms

Image
image/gif

18.159.23.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 18.159.23.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-23-230.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 00:01:53 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Fri, 29 Dec 2023 00:01:53 GMT
Last-Modified: Fri, 29 Dec 2023 00:01:53 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9499 1 KB
649 B 19ms
19ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Fri, 29 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DF1F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5f561a24c4b900ba16681d5e611d2234904e953c747a2328e5c888696c965a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF1F 0
0 59ms
59ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQ-XKh1PQd4jv1lfjLmcsebZpPcjQVUl5Yc70oZpbpzltniwGJFRgcK_jMIS83PfSQ4w8ALZTIDtkuE-bno1eiEKbFE_bHcVIKXNTKrmL3DBbswTxhXGE2ETDfFB5guuyCVKXifUm7CF2k88pSvsYSu7o2iz4mejd8Mqtdmpf9j_9uVMYtfjg04yg0B8le2XrgfivUoBAx71glWGmMMAodYHQWh78UY_1zsPVVvQkRimYMO_9bY4wiX1H85VfiTWmqEs8x4MGB5pz2pGDXjpb7rh52HOjLzRnsM_0q2L8tgr0G58htO48m6X-FLa8_XjONM5ucq9VWx3iPiW0lT0G-Gjr-elzB2OzNjlagmSHdhlFRbCbS6EX6kbh-taraNu_RB8j-8JcP1M8n542xdkDbhQ1eXOFTPUYTGMtgfMyxCncK3nMyW_A_-qw4O6sOrXYE5TWGS9Tow5BPocaaG-wG2AcLO2IxjhmOnQkS6oUvSQp2vaiR-NrAUXopFdznl6lwDSTVdHCH3uEshW2Gx4wOamEGE-4fhZ-zVDeSjI_opU2P9dkk281a8aKpR9E-znJGR223scw9eBK54EawpJzWBbm-RshcZPE2-5fl0wFjvoZEKB3GSux6WcOKfh9oCv4PYyagnUFoEMif0IuCZOwGNP-zXl9eTTDCMs1QXovVz0urFpRXCOAOxc6uhk9KfoRQmCBUC0MNKieHsEQ2lzkfGSW4R1gJySxwH_-2LECxVyWwJsaWUxQjwqZEU-3OdALd8-wat5vweDclZNZATDfF5UDuVuMV6ooFhBGqQnJ2xpDn4e1Ug8uqO5w0ay9t5g19_olH4GpbNK8KTWsoQK5WA7cdIsEygztFK4ye9KUlNLbeY-uHyHM4QBoikQqNAOuiKhqpMdBTQda77MC2vMvjyIs6p3vQfZB64XiPXvHwkYJKSBm2vdFiJ6bGfsD0kWSlxt1D7PPhUHBNy8sT8IzBrklDDVm4iXINZ7Op29vz6lvw2jqca2n0lvEGXaV7spZ8pTGPJEM2z6MvsxipwozDd7XZHEylPzufChSpe7f9XLidA3z4VZMhQkolnwGmpk4e6mzRMDAxYu-r_kHSVstFBABRbKyBtFxGuLG6JQB6Aq6ESZPqnfu-LWq_NhpbU-EsY9VZ0e7sw-tbUNBXhW86qfCgPOhhrxoB9PzHj323JXRQ3V-CccUjwK-cXBlXi7MgUQVBbFyE8cQ9es52-HM3j4KR7wnXJ0arF_-v9cgG6mvhw6pW3y6g8m9QU7q89VjfN6Ovx7UUCc6CE8bpmwnrPZrJpIzy434Kj43mRa5b_AuPLQSMVV_7O2O_NF93sboAzeygfogjGO0OwDjauAqVVVjOKN3Vc2dzArC9evdM0A_JLchjCrjL4P-hVpHKzUgLg1QPhp8J8oVBr2ijaPpwtlpi3kfzZJ2Fu-wrHXRG4upyAVS_GYww8HgFJloH48aLBWxZWIHcLj7cFkE81obKhZRnshS9eQ&sai=AMfl-YQuK1F1gNF794TbqKHsrP9lwkFpEI4o12PXD8VT9ldnORXMCRklNsJ6-Qs96rqXecI6oMXQ88iVxKOHRRzanQMjGv6SGeDyWQqxD4y-WPd7o0XfMwgmTcrX0rYNy2LKLtsh2WbMTaEeA7OpuU5k02I8LlXgeNLrP59_54lH5p7Lmjyc--kkuz1uHVSZ0rIx-BUpK1WnWcprhW_nJbtI2YwAvPb0ZVlGm5SSurdbQ4ZNPPrkv-_h14A8OGLsjQsNg48m&sig=Cg0ArKJSzIWsD89FGgq3EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=29&vt=11&dtpt=28&dett=2&cstd=0&cisv=r20231207.97699&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6219 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 224195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 09:45:18 GMT
expires: Wed, 25 Dec 2024 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 9499 43 B
145 B 23ms
22ms Image
image/gif 3.123.206.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELGA-8OOF7w15kQQL2PHmsA&google_cver=1&google_push=AXcoOmSDOPhJE2qsE-Ql-LCaPBKVHM0hqtjN39Bss9y8jDJpnBxECoV4xdVtUX_3az4EV16g8Cj4bz5RkG2-MvcPQktU-6jJWcW0
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.206.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-206-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9499
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIL6OlC_IFjrjQ8V4ZmA5NQ&google_cver=1&google_push=AXcoOmSgn9S3bETF5TjWHXvS1j3_IEdvrJD1k_k6zNJFxgl5LilmklShCQ1oPuK_NnmwZnIBAlUMyROodgkCIYwuRNcNdiR...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSgn9S3bETF5TjWHXvS1j3_IEdvrJD1k_k6zNJFxgl5LilmklShCQ1oPuK_NnmwZnIBAlUMyROodgkCIYwuRNcNdiRzNf92&google_hm=eS1rRzhxblFGRTJwRmYybF...

170 B
232 B

32ms
32ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSgn9S3bETF5TjWHXvS1j3_IEdvrJD1k_k6zNJFxgl5LilmklShCQ1oPuK_NnmwZnIBAlUMyROodgkCIYwuRNcNdiRzNf92&google_hm=eS1rRzhxblFGRTJwRmYybFdNSzA5dFFnRXZmdDhFeXh1bH5B

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 29 Dec 2023 00:01:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSgn9S3bETF5TjWHXvS1j3_IEdvrJD1k_k6zNJFxgl5LilmklShCQ1oPuK_NnmwZnIBAlUMyROodgkCIYwuRNcNdiRzNf92&google_hm=eS1rRzhxblFGRTJwRmYybFdNSzA5dFFnRXZmdDhFeXh1bH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9499
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEAT-b-KJvI0IGxXzf5je3Aw&google_cver=1&google_push=AXcoOmRULCt-3idS6KMbREdChLAEMcS4g6f-D9LPCikGXcuM4uMoboZCW9A7KFCElProvWZtN6pq18gI6m7dYuz2l3R4NgJ...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAT-b-KJvI0IGxXzf5je3Aw&google_cver=1&google_push=AXcoOmRULCt-3idS6KMbREdChLAEMcS4g6f-D9LPCikGXcuM4uMoboZCW9A7KFCElProvWZtN6pq18gI6m7dYuz2l3R4N...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRULCt-3idS6KMbREdChLAEMcS4g6f-D9LPCikGXcuM4uMoboZCW9A7KFCElProvWZtN6pq18gI6m7dYuz2l3R4NgJVRaS9

170 B
232 B

32ms
32ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRULCt-3idS6KMbREdChLAEMcS4g6f-D9LPCikGXcuM4uMoboZCW9A7KFCElProvWZtN6pq18gI6m7dYuz2l3R4NgJVRaS9

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRULCt-3idS6KMbREdChLAEMcS4g6f-D9LPCikGXcuM4uMoboZCW9A7KFCElProvWZtN6pq18gI6m7dYuz2l3R4NgJVRaS9
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9499
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRgRb...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-02c8vA6G-5PTLK119OoBWo2yspQZ20cmfpSl8A&google_push=AXcoOmRgRbjuu5kPn9gqAu41VL_JWDMtuvok80vdlOc5tGL-mAVxokHskD6CSOhyv6kcwQbb2o28A84MAVbl...

170 B
232 B

31ms
30ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-02c8vA6G-5PTLK119OoBWo2yspQZ20cmfpSl8A&google_push=AXcoOmRgRbjuu5kPn9gqAu41VL_JWDMtuvok80vdlOc5tGL-mAVxokHskD6CSOhyv6kcwQbb2o28A84MAVbllQTqfIfWNQppREU

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:53 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-02c8vA6G-5PTLK119OoBWo2yspQZ20cmfpSl8A&google_push=AXcoOmRgRbjuu5kPn9gqAu41VL_JWDMtuvok80vdlOc5tGL-mAVxokHskD6CSOhyv6kcwQbb2o28A84MAVbllQTqfIfWNQppREU
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 798811
content-length: 0
expires: Fri, 29 Dec 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9499
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEJNIGJLhWT8tLzWUWPeyTI&google_cver=1&google_push=AXcoOmR1Ce2T2okJql36TkivWWOMsjzjocRg64BOnX1dl-TIH9HH0lMlQTUL_UYw3M-OZZTUTdxxlXSB...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NjQyODAxNDg2ODEzMTY2MQ&google_push=AXcoOmR1Ce2T2okJql36TkivWWOMsjzjocRg64BOnX1dl-TIH9HH0lMlQTUL_UYw3M-OZZTUTdxxlX...

170 B
232 B

31ms
31ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NjQyODAxNDg2ODEzMTY2MQ&google_push=AXcoOmR1Ce2T2okJql36TkivWWOMsjzjocRg64BOnX1dl-TIH9HH0lMlQTUL_UYw3M-OZZTUTdxxlXSB6pb4a8N5ToRT8gsEVTE

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NjQyODAxNDg2ODEzMTY2MQ&google_push=AXcoOmR1Ce2T2okJql36TkivWWOMsjzjocRg64BOnX1dl-TIH9HH0lMlQTUL_UYw3M-OZZTUTdxxlXSB6pb4a8N5ToRT8gsEVTE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 9499 0
44 B 31ms
31ms Image
text/plain 5.196.111.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPfu-rvebv_Aricy8il0n_k&google_cver=1&google_push=AXcoOmTs63vTGYwPz_zRUZYg0vF561ga8XrLbiz9sMACOWhGtVs2uAT24o-moE8GT_JwxWRaYEXsJEClD8VWPAJDqu5acWfqB_aS
Requested by: Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:01:52 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 9499
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAXRD-Uesb30NJLix4XoM6U&google_cver=1&google_push=AXcoOmRFimat_3m6IurO9dVUsI81CGbAEZNHoILNosY8DC4xCRHVF3Tm5KFimE-43AiFkTgd8EehZIbkSLk...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRFimat_3m6IurO9dVUsI81CGbAEZNHoILNosY8DC4xCRHVF3Tm5KFimE-43AiFkTgd8EehZIbkSLk_gU-7TiH5EIPoLrfCmw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

19ms
19ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 00:01:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9499 0
40 B 30ms
30ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jg48j9cKA_rFOqLtXSkKhTCFPd8CiXiJGeRYy61KYmm2vuy-W6jp0Nn5LoL4XoECTqHhW0GQ

Requested by

Host: fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com
URL: https://fd55fd180cf0bcd5b0ae290f254f47ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS