URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalm...
Submission: On November 22 via api from US — Scanned from DE

Summary

This website contacted 71 IPs in 9 countries across 52 domains to perform 252 HTTP transactions. The main IP is 2a02:26f0:f500:9::5c7b:8528, located in Munich, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.terra.com.br. The Cisco Umbrella rank of the primary domain is 196011.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 3rd 2023. Valid for: a year.
This is the only time www.terra.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2a02:26f0:f50... 20940 (AKAMAI-ASN1)
58 2a02:26f0:f50... 20940 (AKAMAI-ASN1)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:e4:... 13335 (CLOUDFLAR...)
3 35.201.123.184 396982 (GOOGLE-CL...)
2 18.245.60.53 16509 (AMAZON-02)
1 151.101.129.44 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 65.9.66.68 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.120 16276 (OVH)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 52.212.46.188 16509 (AMAZON-02)
1 35.190.39.111 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 8 2a02:2638:3::c 44788 (ASN-CRITE...)
3 35.244.159.8 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.121 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.27.78 16509 (AMAZON-02)
2 13.32.99.89 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
5 34.102.185.99 396982 (GOOGLE-CL...)
12 2a00:1450:400... 15169 (GOOGLE)
3 108.138.1.25 16509 (AMAZON-02)
1 99.86.4.128 16509 (AMAZON-02)
2 13.32.119.77 16509 (AMAZON-02)
1 8 37.252.171.85 29990 (ASN-APPNEX)
2 34.120.63.153 396982 (GOOGLE-CL...)
2 34.149.50.64 396982 (GOOGLE-CL...)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
2 185.86.138.32 201081 (SMARTADSE...)
2 2602:803:c003... 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 85.14.248.71 24961 (MYLOC-AS ...)
2 2a00:1450:400... 15169 (GOOGLE)
6 19 142.250.185.130 15169 (GOOGLE)
3 5 104.18.36.155 13335 (CLOUDFLAR...)
18 2a00:1450:400... 15169 (GOOGLE)
1 1 151.101.194.49 54113 (FASTLY)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 54.76.20.17 16509 (AMAZON-02)
3 3 46.228.174.117 56396 (AMOBEE)
2 2 76.223.111.18 16509 (AMAZON-02)
1 2 51.89.9.252 16276 (OVH)
2 142.250.74.194 15169 (GOOGLE)
2 23.32.185.35 16625 (AKAMAI-AS)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 3.121.142.228 16509 (AMAZON-02)
2 2 37.157.3.26 198622 (ADFORM)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 81.17.55.108 60781 (LEASEWEB-...)
2 142.250.186.166 15169 (GOOGLE)
1 141.101.90.98 13335 (CLOUDFLAR...)
1 143.204.98.32 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 95.101.148.20 16625 (AKAMAI-AS)
1 23.211.9.60 16625 (AKAMAI-AS)
2 23.35.229.251 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
252 71
Apex Domain
Subdomains
Transfer
57 trrsf.com
s1.trrsf.com — Cisco Umbrella Rank: 292127
p2.trrsf.com — Cisco Umbrella Rank: 239006
p1.trrsf.com — Cisco Umbrella Rank: 283751
497 KB
40 googlesyndication.com
6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
237 KB
32 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
ad.doubleclick.net — Cisco Umbrella Rank: 154
268 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
650 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
bidder.criteo.com — Cisco Umbrella Rank: 757
15 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
44 KB
8 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 63384
d.tailtarget.com — Cisco Umbrella Rank: 71637
tt-10969-0.seg.t.tailtarget.com — Cisco Umbrella Rank: 386139
b.t.tailtarget.com — Cisco Umbrella Rank: 57903
t.tailtarget.com — Cisco Umbrella Rank: 7625
46 KB
8 terra.com.br
www.terra.com.br — Cisco Umbrella Rank: 196011
33 KB
6 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
19 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
70 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
3 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
us-u.openx.net — Cisco Umbrella Rank: 522
1 KB
5 google.com
ampcid.google.com — Cisco Umbrella Rank: 2931
www.google.com — Cisco Umbrella Rank: 2
accounts.google.com — Cisco Umbrella Rank: 24
81 KB
5 audima.co
audio10.audima.co — Cisco Umbrella Rank: 389717
123 KB
4 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3046
launchpad.privacymanager.io — Cisco Umbrella Rank: 2789
geo.privacymanager.io — Cisco Umbrella Rank: 1825
28 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
23 KB
3 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1611
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
971 B
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
12 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
74 KB
2 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4188
api.rlcdn.com — Cisco Umbrella Rank: 957
636 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
326 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
585 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
953 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
128 KB
2 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1735
454 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
storage.googleapis.com — Cisco Umbrella Rank: 409
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
85 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
12 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
35 KB
2 google.de
ampcid.google.de — Cisco Umbrella Rank: 86280
www.google.de — Cisco Umbrella Rank: 6862
777 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 146086
606 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
463 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
574 B
1 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2249
199 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5683
549 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
538 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11905
60 B
1 gstatic.com
fonts.gstatic.com
48 KB
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4524
603 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
5 KB
1 taboola.com
c2.taboola.com — Cisco Umbrella Rank: 8407
18 KB
1 trrsf.com.br
p1.trrsf.com.br — Cisco Umbrella Rank: 599398
29 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
89 KB
252 52
Domain Requested by
40 s1.trrsf.com www.terra.com.br
s1.trrsf.com
25 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.terra.com.br
s0.2mdn.net
www.googletagservices.com
19 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
18 s0.2mdn.net www.terra.com.br
s0.2mdn.net
6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
www.terra.com.br
s0.2mdn.net
11 p2.trrsf.com www.terra.com.br
8 ib.adnxs.com 1 redirects s1.trrsf.com
googleads.g.doubleclick.net
acdn.adnxs.com
8 www.terra.com.br s1.trrsf.com
6 gum.criteo.com 2 redirects static.criteo.net
s1.trrsf.com
6 p1.trrsf.com s1.trrsf.com
5 audio10.audima.co www.terra.com.br
audio10.audima.co
5 securepubads.g.doubleclick.net www.terra.com.br
securepubads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
3 googleads.g.doubleclick.net 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
3 c.amazon-adsystem.com s1.trrsf.com
c.amazon-adsystem.com
3 www.google.com www.terra.com.br
tpc.googlesyndication.com
6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
3 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 static.criteo.net securepubads.g.doubleclick.net
s1.trrsf.com
static.criteo.net
3 www.google-analytics.com www.terra.com.br
www.google-analytics.com
2 eus.rubiconproject.com s1.trrsf.com
eus.rubiconproject.com
2 ad.doubleclick.net www.terra.com.br
2 c1.adform.net 2 redirects
2 pm.w55c.net 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net www.terra.com.br
2 onetag-sys.com 1 redirects 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
2 eb2.3lift.com 2 redirects
2 sync.1rx.io 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 www.googletagservices.com 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
2 fastlane.rubiconproject.com s1.trrsf.com
2 prg.smartadserver.com s1.trrsf.com
2 bidder.criteo.com s1.trrsf.com
2 s.seedtag.com s1.trrsf.com
2 prebid.media.net s1.trrsf.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 b.t.tailtarget.com d.tailtarget.com
2 tt-10969-0.seg.t.tailtarget.com d.tailtarget.com
2 d.tailtarget.com www.terra.com.br
d.tailtarget.com
2 geo.privacymanager.io launchpad.privacymanager.io
2 cdnjs.cloudflare.com audio10.audima.co
cdnjs.cloudflare.com
2 mug.criteo.com www.terra.com.br
2 oajs.openx.net 1 redirects www.terra.com.br
2 sb.scorecardresearch.com s1.trrsf.com
www.terra.com.br
1 token.rubiconproject.com eus.rubiconproject.com
1 acdn.adnxs.com s1.trrsf.com
1 contextual.media.net s1.trrsf.com
1 api.rlcdn.com s1.trrsf.com
1 check.analytics.rlcdn.com s1.trrsf.com
1 portal.o2online.de
1 ssbsync.smartadserver.com 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
1 ssum-sec.casalemedia.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 cms.quantserve.com 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 match.360yield.com 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 m.exactag.com 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 t.tailtarget.com
1 storage.googleapis.com tags.t.tailtarget.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 accounts.google.com s1.trrsf.com
1 launchpad-wrapper.privacymanager.io s1.trrsf.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com audio10.audima.co
1 google-bidout-d.openx.net oa.openxcdn.net
1 www.google.de www.terra.com.br
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 stats.g.doubleclick.net www.google-analytics.com
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 ampcid.google.de www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 ampcid.google.com www.google-analytics.com
1 c2.taboola.com www.terra.com.br
1 tags.t.tailtarget.com s1.trrsf.com
1 p1.trrsf.com.br www.terra.com.br
1 www.googletagmanager.com www.terra.com.br
252 88
Subject Issuer Validity Valid
terra.com.br
DigiCert TLS RSA SHA256 2020 CA1
2023-11-03 -
2024-11-07
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
audima.co
GTS CA 1P5
2023-10-08 -
2024-01-06
3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-08-09
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-15 -
2023-12-28
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.google.de
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
cdn.prod.uidapi.com
R3
2023-11-02 -
2024-01-31
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-07 -
2024-05-06
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-09-25 -
2023-12-24
3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-10-24 -
2024-01-22
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
*.id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4
2023-11-08 -
2024-02-06
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.de
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M01
2023-07-27 -
2024-08-24
a year crt.sh
accounts.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
storage.googleapis.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
prebid.media.net
GTS CA 1D4
2023-10-28 -
2024-01-26
3 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-29 -
2024-04-15
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA
2023-08-22 -
2024-09-15
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01
2023-05-29 -
2024-06-26
a year crt.sh
teads.tv
R3
2023-11-03 -
2024-02-01
3 months crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
portal.o2online.de
E1
2023-10-01 -
2023-12-30
3 months crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02
2023-06-27 -
2024-07-24
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2023-08-24 -
2024-08-24
a year crt.sh

This page contains 22 frames:

Primary Page: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Frame ID: 0129017D69DA620C70B8C564A267A007
Requests: 138 HTTP requests in this frame

Frame: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B0B1633B503D414D85B880FD6CBC5200
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.terra.com.br
Frame ID: 045203C60FC02478CA12569E72A789BA
Requests: 2 HTTP requests in this frame

Frame: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Frame ID: 3E2A6895596893EA41F48FF85EB33431
Requests: 8 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 9B51BB561B8E20FA835EBDE38D2F136F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E01D392CCF3C1262E7D60FAE9D723D0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EBE0C0CFD3332E43FC255DC87B8C14E3
Requests: 2 HTTP requests in this frame

Frame: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E290904FA5AA44045B93260CDBAFA35A
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKKEht4BMAE&v=APEucNVDEDwDzOYjhRPZhcbNHsGMmr0FCRUdcQmkBKbaBF8PQ32VDUsmxwTWXFu0Ddf7y-OpblBK75NFxtePzxV0EF2y1DYj9K1s_O7kx_mYCvNffD_06aL8f37WFnDHWc9MxVG488Fxt9lNKuqvvBWBwspnX-8-jYh0vCAgdLFWSrgMMQjYQPs
Frame ID: 04ADA363DBBBB5FA90AEE26F591372DB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9021144CF8AFEFE77FC35B69A4E8231D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B2B245805047D9B03C0F8DA0FC3D2D56
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
Frame ID: 6EFC8F64250D26B91FB326BE27C7F98E
Requests: 7 HTTP requests in this frame

Frame: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E79108410034E8C37E015E6BABD2FD53
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivz7P8ATAB&v=APEucNVOmzAMl0C-bJ5VLjVWf7Y1U-S59mG50JvC256YZXGq6w2Tzc1VmswA7vBRUTiyIOy2verbxZYqTWAm7GZ-3g10URUBYBQ4RyxPMN__TcvXbzzSadxoNyAkn_hgLQoh_kVQhWsFwXTYb2hmOcb-KYTVpbUtZG_9nHCZhQf8AZfOtL05Vbo
Frame ID: 98705DD6FC8DAA8340301B138D3DDE25
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9FE1DCBF85EB3FDA297C82072EB8DC2F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E35D90B71DFD3542E509F6939DCF4D3C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
Frame ID: FCBD7051AE4E4EF9134B1153F95BEEA6
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 9C3E2F126B35993292995173FC5FD69D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.terra.com.br
Frame ID: 4CE826F36BAD2E8E7BF19A59CEF07CD1
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDV2PQ3&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C3007%2C246%2C4%2C203%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 8E87C7B94FA182B8A728974C1552DCE7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0D9656108B72C42C6580BF1738750379
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C41B969CC0CD4E54BB4CAFD34D1EE6F9
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Série de fantasia esquecida no Prime Video retorna após 2 anos e acidentalmente estraga uma grande reviravolta

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • (?:_base/js/base|wink).*\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

252
Requests

92 %
HTTPS

41 %
IPv6

52
Domains

88
Subdomains

71
IPs

9
Countries

2689 kB
Transfer

7171 kB
Size

59
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&rid=esp&cc=1
Request Chain 80
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=terra.com.br&sn=ChromeSyncframe&so=0&topUrl=www.terra.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=nd62bnx5YldwYjV6akZFWU1UL2xmeDRJMURpdWkxbHA4WTRwRitkQlNGUUY0N2xTakgvZGIvOTFGeVlxUnVKcVpHUmF5ajM4UHN4a25CalpVTFd5eFRPcUhEcmxWc1VWRTVwMVJEeGJGVnlVNEZOK0J6ekcxRExMR044UWgwUDBqanUzRkZUV3lqY1ZNQ0hBVldFWi9Vei9ib2RzN3piRGxMVzZIblZ2d0R2OVpzdFU4aUpQdVpxMTk5eVhnQmFCbjBPeFA3MGlGbW83MHArbURiRzJUdGlkTSsxclhoSllybDJrUTVTZnordzdFMWpFZkxKdkRScVFNR0cyTjgyNUw1ZWFqd3lEdVgrV0ppN2lmblliZExNd2tEZz09fA&cppv=2
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1
Request Chain 164
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV1XoCp4HvP0U.2c-ktRiAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1&google_hm=2
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGkdvENL6pMQR4GVM5mJZUE&google_cver=1
Request Chain 166
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAzODkwNDc0ODA0ODYzMzY1Mg%3D%3D
Request Chain 174
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECUcSzPDZum9FFGxYXd6aEc&google_cver=1&google_push=AXcoOmQn0NCmVsTMspdlzpg06SlSsykOsiPb52S3epaUFIKuoxhXevJ56wvVjbjBuj-LDpLsiuiIShdiEdnqMoraOwNo5Oozu3BX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECUcSzPDZum9FFGxYXd6aEc&google_push=AXcoOmQn0NCmVsTMspdlzpg06SlSsykOsiPb52S3epaUFIKuoxhXevJ56wvVjbjBuj-LDpLsiuiIShdiEdnqMoraOwNo5Oozu3BX
Request Chain 175
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESENausSCMVOSCerJklFtNsL0&google_cver=1&google_push=AXcoOmTpX4FVHUEhE-4AenJr826BJR8_FcueN2fDuIg5FZcGn4BrwhHuQoom758eLLr1HzlyU7cP0tWxKWCOnCjpWDpCXFEs2zYy HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tbIZefO8QxkBifcfkV4nzA&google_push=AXcoOmTpX4FVHUEhE-4AenJr826BJR8_FcueN2fDuIg5FZcGn4BrwhHuQoom758eLLr1HzlyU7cP0tWxKWCOnCjpWDpCXFEs2zYy
Request Chain 176
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhXPmnLj12ZwscyKtkkZIY&google_cver=1&google_push=AXcoOmTU5vvPhTlcRPyopXh58oPNDgWG4IMnYHxr1aPz_42ai9cgsjJ7hMpIHTkT8cZchaWzL2pbMfCoSrxfEJL6N-IYL2CwgNRE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTU5vvPhTlcRPyopXh58oPNDgWG4IMnYHxr1aPz_42ai9cgsjJ7hMpIHTkT8cZchaWzL2pbMfCoSrxfEJL6N-IYL2CwgNRE&google_hm=eS16SVZIdkE1RTJwSEFuT0ZMTzF5VTJ5dWFlUmo3V3BDSn5B
Request Chain 178
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKjiQ7K_p2h9d_I7egdnjvk&google_cver=1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1700616096798 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-78d37647-689a-45cd-9822-8b33fcc3e918-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv%26google_hm%3DA3jTdkdomkXNmCKLM_zD6Rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv&google_hm=A3jTdkdomkXNmCKLM_zD6Rg
Request Chain 179
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIU5VN3vnNOuVj38s87moYo&google_cver=1&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFhD HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFhD&google_gid=CAESEIU5VN3vnNOuVj38s87moYo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM2NjYyMzc0NDAxNDI2MzQwOTI1Ng%3D%3D&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFhD
Request Chain 180
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECTGz0mBQLXmkwq7t9KjY84&google_cver=1&google_push=AXcoOmQYlt5jqhFof4cYvvrjecTP5x0AfZ6Uy9KDMUcLWr-TcH2SYFSBiYJm969FqLecpJypR9w3B5S2gv2v31lk1ky97d4rJQBN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQYlt5jqhFof4cYvvrjecTP5x0AfZ6Uy9KDMUcLWr-TcH2SYFSBiYJm969FqLecpJypR9w3B5S2gv2v31lk1ky97d4rJQBN HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJbVBRSxlxB6_VVzM8LdcAI&google_cver=1
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPlKyQ0RdZ8XF_X0s4qp91U&google_cver=1
Request Chain 209
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cver=1&google_push=AXcoOmSQ-TenUpKZ6De_-INSzep6YqrXazbfSWInOh0NbisNJB1bWXxLtBxs-wAKfVxaSDXdtZ71Q9Fa_XTk9hZrENs09GCyVukv HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cver=1&google_push=AXcoOmSQ-TenUpKZ6De_-INSzep6YqrXazbfSWInOh0NbisNJB1bWXxLtBxs-wAKfVxaSDXdtZ71Q9Fa_XTk9hZrENs09GCyVukv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dG56VGFxMTcxUjVCVlQ1&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cver=1&google_push=AXcoOmSQ-TenUpKZ6De_-INSzep6YqrXazbfSWInOh0NbisNJB1bWXxLtBxs-wAKfVxaSDXdtZ71Q9Fa_XTk9hZrENs09GCyVukv
Request Chain 210
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhXPmnLj12ZwscyKtkkZIY&google_cver=1&google_push=AXcoOmSOQSVzD__CmEVYPcFOyxd3US5ubWKX59z7ycNZ16ujUjpuFsXj29omrgerR8Q6-aAtuutvhfiiFqLfgcsFBbHGC-4Ab2c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSOQSVzD__CmEVYPcFOyxd3US5ubWKX59z7ycNZ16ujUjpuFsXj29omrgerR8Q6-aAtuutvhfiiFqLfgcsFBbHGC-4Ab2c&google_hm=eS16SVZIdkE1RTJwSEFuT0ZMTzF5VTJ5dWFlUmo3V3BDSn5B
Request Chain 211
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL1ePyN-ubYApEjCz3eOh3c&google_cver=1&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVYrT5d-6bfiS6bj2W96gVpM HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL1ePyN-ubYApEjCz3eOh3c&google_cver=1&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVYrT5d-6bfiS6bj2W96gVpM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMyNTU4MzY3MzE0MTkzNjMzMA&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVYrT5d-6bfiS6bj2W96gVpM
Request Chain 212
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBHCCOlT-2CKE7lPcCdhdj8&google_cver=1&google_push=AXcoOmSTMlVZkJvBEs0qC5lEdLA5LnJv7KdH2ytyZ3Vb92hwC0tOpv8fO4P-r6EAF9IdFK8QBltBVAeyJL-L5g7DbqxZEpdwoYE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5MldYTlMtMVktODFRVw==&google_push=AXcoOmSTMlVZkJvBEs0qC5lEdLA5LnJv7KdH2ytyZ3Vb92hwC0tOpv8fO4P-r6EAF9IdFK8QBltBVAeyJL-L5g7DbqxZEpdwoYE
Request Chain 213
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGLdXwKqgLvnXXTvjiqspnw&google_cver=1&google_push=AXcoOmTZWVkDvoyu6W8T7me4WWEIGNWifEPyhQ0X-MQzqteE_UhhWtRU25Pmxb7EJZ9xV-kvijcnkz4hItuUV4jxdOqy60CvReIF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGLdXwKqgLvnXXTvjiqspnw&google_hm=ZV1XoCp4HvP0U-2c_ktRiAAACIoAAAIB&google_nid=index&google_push=AXcoOmTZWVkDvoyu6W8T7me4WWEIGNWifEPyhQ0X-MQzqteE_UhhWtRU25Pmxb7EJZ9xV-kvijcnkz4hItuUV4jxdOqy60CvReIF
Request Chain 241
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=terra.com.br&sn=ChromeSyncframe&so=3&topUrl=www.terra.com.br&bundle=G5bZUV9rT1h4Y1JrSmUzcGJGSEJTJTJGZ2RUd0t0S2dUMHZxdE02OW5RMVdrejdSS3glMkYlMkJ5d3VPRFlicjd0UXhJZjBhUHNUeDBWTUtqTjZuajcwZEE5Sm1jbDIybkhZN2FRUUtpQWVzV1YycW9xZGJXTE16UVhFUmFzR010bVBwaHVoakN3Skd3ck9nZFZGVjhVSTNZY0NPdlQwckElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=yCwPF3xET1prQnVuTElyaS9WTElrcG9NYzlwWXovejFrR1BZQndOUm5sS2g4Q1U1Ym9iYmVmd2Y0dDlzTitVRkc1ODl3Ty9BdEdIK0puWFpUTlJQdWRJSWJpNENsbDBxWUZPbllQOHpQcW4wUWFRL0hMRHlBWjMrWk5KL0VvYS9sQmhUbXg3SUZjcjhaRHpDUEV5MjdUWFh0TXFlVnArTlRZUEZZd0dCZjZmbkZpZkhKOWk4NkxZc29VOEJaSkJkNkhKa3c2alRLOGhDTFFYUVdJYXcvR2I4a0FydlJLZElhdUF3VkEwOWwyaW9jcVFpU1dRZzBjcXJta3k3MzRCeDNHd2owWm1tanVNdzNGdG9obko1bEtoTDNibG1SUW41T0Q5clNHTThialRHLzFpOD18&cppv=2

252 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
www.terra.com.br/diversao/entre-telas/
139 KB
27 KB
Document
General
Full URL
https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c8b305274ef7d515f8202fcf7329ad4df8a9e3316aed90eef7a7021f11a4f6e7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=120, stale-while-revalidate=7200, stale-if-error=3600
content-encoding
gzip
content-length
27359
content-type
text/html; charset=utf-8
date
Wed, 22 Nov 2023 01:21:33 GMT
strict-transport-security
max-age=15552000
timing-allow-origin
*
vary
Accept-Encoding
x-cache-profile
content
x-cms-delivery-uuid
5c574090-785a-46ec-ad79-088ad8140fd5
x-frame-options
SAMEORIGIN
x-http-reason
OK
x-mt-cache
EXPIRED
x-original-ua
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-xact-montador-time
1700616092
x-xact-uuid
57592f43-52bd-4bb9-b55d-5b30931cd26e
nunito-sans-v6-latin-regular.woff
s1.trrsf.com/fe/zaz-ui-t360/_fonts/
20 KB
21 KB
Font
General
Full URL
https://s1.trrsf.com/fe/zaz-ui-t360/_fonts/nunito-sans-v6-latin-regular.woff
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
da4751ec73e5d238811ee5534f1d087a57dbd5e6f018fbc3f7fd2daddce4d9f2

Request headers

Referer
https://www.terra.com.br/
Origin
https://www.terra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
last-modified
Tue, 24 Jan 2023 18:55:39 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
20976
nunito-sans-v6-latin-700.woff
s1.trrsf.com/fe/zaz-ui-t360/_fonts/
21 KB
21 KB
Font
General
Full URL
https://s1.trrsf.com/fe/zaz-ui-t360/_fonts/nunito-sans-v6-latin-700.woff
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
a84f128a88d8d1b3987d2b7b361c60185a6bee0742f3d6006e207c03db420853

Request headers

Referer
https://www.terra.com.br/
Origin
https://www.terra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
last-modified
Tue, 24 Jan 2023 18:55:39 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
21068
lora-v20-latin-700.woff
s1.trrsf.com/fe/zaz-ui-t360/_fonts/
23 KB
23 KB
Font
General
Full URL
https://s1.trrsf.com/fe/zaz-ui-t360/_fonts/lora-v20-latin-700.woff
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
8aa8d08560aeb088e8d2dd8d1dd7b8eb233e3ca9251d1a0d01dd6ef603c5950a

Request headers

Referer
https://www.terra.com.br/
Origin
https://www.terra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
last-modified
Tue, 24 Jan 2023 18:55:39 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
23352
nunito-sans-v8-latin-900.woff
s1.trrsf.com/fe/zaz-ui-t360/_fonts/
21 KB
21 KB
Font
General
Full URL
https://s1.trrsf.com/fe/zaz-ui-t360/_fonts/nunito-sans-v8-latin-900.woff
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
83df6bb8897057a8caf2335848092c02418ed425060d403f4223b9ea990134cb

Request headers

Referer
https://www.terra.com.br/
Origin
https://www.terra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
last-modified
Tue, 24 Jan 2023 18:55:39 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
21268
1899196327-d74df7dc26b3ce74743a3bf9534e6ad6.jpg
p2.trrsf.com/image/fget/cf/774/0/images.terra.com/2023/08/20/
59 KB
59 KB
Image
General
Full URL
https://p2.trrsf.com/image/fget/cf/774/0/images.terra.com/2023/08/20/1899196327-d74df7dc26b3ce74743a3bf9534e6ad6.jpg
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
e04601f9d2e0235d87d2778f689d549fb11533393819c2851dd9ca45396bb5fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
last-modified
Sun, 20 Aug 2023 03:36:34 GMT
server
Terra Web Server
vary
Accept
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
x-cdnterra-cache-status
MISS
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
60420
zaz.min.js
s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/
347 KB
84 KB
Script
General
Full URL
https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
32276a1e45e05daccc43d76da72947d2acaf4c421c8acb5cea5bc45c48d28a2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Mon, 07 Aug 2023 20:45:04 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
85247
mod-manager.min.js
s1.trrsf.com/update-1696430107/fe/zaz-mod-manager/
42 KB
11 KB
Script
General
Full URL
https://s1.trrsf.com/update-1696430107/fe/zaz-mod-manager/mod-manager.min.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
87f7e626437ab9d9a53724b27a4f4b7e9eb7fa777934eccf796484789b3101df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Wed, 04 Oct 2023 14:35:07 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
11016
context.min.css
s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_css/
63 KB
8 KB
Stylesheet
General
Full URL
https://s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_css/context.min.css
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
867ffec3af20a41f3df394f330df233355aee761f5c61ba1c427273169127d33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Thu, 09 Nov 2023 14:30:06 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
8164
essential-solid.min.css
s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/
7 KB
922 B
Stylesheet
General
Full URL
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
f79af5591075b68476e2f537aecab2b1b45ae632a811495e48435d8a55b11b25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Fri, 17 Nov 2023 12:35:06 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
613
sizes.min.css
s1.trrsf.com/update-1690492505/fe/zaz-mod-t360-icons/_css/
1 KB
606 B
Stylesheet
General
Full URL
https://s1.trrsf.com/update-1690492505/fe/zaz-mod-t360-icons/_css/sizes.min.css
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
b080b807d04bc53c13d4f6187150410a33ba67d922aaa5fa92e4415c00dcb00a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Thu, 27 Jul 2023 21:15:05 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
297
essential.min.css
s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/
2 KB
546 B
Stylesheet
General
Full URL
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
398679ed650dc3e4cdbea5689c56d09fe2c184273d9b76e468c3447a73c14b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Fri, 17 Nov 2023 12:35:06 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
237
portal-sva-solid.min.css
s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/
2 KB
545 B
Stylesheet
General
Full URL
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/portal-sva-solid.min.css
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
87c1af3973d2aa92a612746b0962e2a6b9d43c87a6655420e4231e06eb082211

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Fri, 17 Nov 2023 12:35:06 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
236
theme-default.min.css
s1.trrsf.com/update-1690223707/fe/zaz-app-t360-cards/_css/
10 KB
2 KB
Stylesheet
General
Full URL
https://s1.trrsf.com/update-1690223707/fe/zaz-app-t360-cards/_css/theme-default.min.css
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
195230e030a8055f38f964f9667efa1bd84e80971ea937cdb1812089f4393324

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Mon, 24 Jul 2023 18:35:07 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
MISS
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
1968
theme-default.min.css
s1.trrsf.com/update-1699980606/fe/zaz-app-t360-navbar/_css/
16 KB
3 KB
Stylesheet
General
Full URL
https://s1.trrsf.com/update-1699980606/fe/zaz-app-t360-navbar/_css/theme-default.min.css
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
7d347c731925b0b5acc41ad16582c431054e8739b9a5fe9216e34638a531dbb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 14 Nov 2023 16:50:06 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
3018
context.min.css
s1.trrsf.com/update-1698781505/fe/zaz-ui-t360-content/_css/
73 KB
9 KB
Stylesheet
General
Full URL
https://s1.trrsf.com/update-1698781505/fe/zaz-ui-t360-content/_css/context.min.css
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
7d39b27cc3900912b1b79f65e2f1d48590cadd3455f23da59231890c5c7eabb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 31 Oct 2023 19:45:05 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
8481
context.min.js
s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_js/
31 KB
9 KB
Script
General
Full URL
https://s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_js/context.min.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
ac799f588e56af6108fc38f8b3ae88dcba32efa3ed2b66d0098453c8e13d3d7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Thu, 09 Nov 2023 14:30:06 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
8583
gpt.js
securepubads.g.doubleclick.net/tag/js/
102 KB
32 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14e86be33c26b00a3b148def30c076c8418aa847eab12691fad3afaf3a4ed4f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31943
x-xss-protection
0
server
cafe
etag
786 / 19683 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 01:21:33 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 21 Nov 2023 23:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5515
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 22 Nov 2023 01:49:38 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:14:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 22 Nov 2023 02:14:20 GMT
js
www.googletagmanager.com/gtag/
263 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FJBH1GT2QG
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8c3d630c5ae39363b269fb95be9a8b508b86735605bb0f4d80f2eafc7c09e010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90722
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Nov 2023 01:21:33 GMT
audima-widget.js
audio10.audima.co/
274 KB
92 KB
Script
General
Full URL
https://audio10.audima.co/audima-widget.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:e4::ac40:af02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01119315436bd3833361eb75ecbdcfdd440dcb56501b4e0b723504ebcb0dd6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 11:48:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
12237
etag
W/"654cc711-44942"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRASI%2B0zaOBjHwAqHQ%2BxTORqqvyE8DYUViyivEDrD19XLxe284l7xQsFb1wffF5r5kR8FlDBhqK7%2FBWvfitAT9cN1CtALVqDO5iflotFTqhlNhJ64ZezFwiAwg3gC4BhWv1zwhVMh03ngVS5T%2BPpQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
cf-ray
829d5b37bbf7f0cb-CDG
expires
Tue, 21 Nov 2023 23:53:54 GMT
app-t360-cards.min.js
s1.trrsf.com/update-1695327305/fe/zaz-app-t360-cards/_js/
11 KB
3 KB
Script
General
Full URL
https://s1.trrsf.com/update-1695327305/fe/zaz-app-t360-cards/_js/app-t360-cards.min.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
acbc138b5b643e2b872faf9159f3d132cb2deeb516d1cc74634063b092f92e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Thu, 21 Sep 2023 20:15:05 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
3042
prebid.js
s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/
319 KB
93 KB
Script
General
Full URL
https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
985b6466f4bb2a9fa8d26cffc0474313e3c88977cd255fbff494538efa1cbeba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 21 Nov 2023 21:45:09 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
95298
app-t360-navbar.min.js
s1.trrsf.com/update-1699980606/fe/zaz-app-t360-navbar/_js/
40 KB
9 KB
Script
General
Full URL
https://s1.trrsf.com/update-1699980606/fe/zaz-app-t360-navbar/_js/app-t360-navbar.min.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
f364d11c56e0113d9588e72e36ebd378f60d8eae59e1902cbd308c5c8576e7fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 14 Nov 2023 16:50:06 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
9186
context.min.js
s1.trrsf.com/update-1698781506/fe/zaz-ui-t360-content/_js/
64 KB
14 KB
Script
General
Full URL
https://s1.trrsf.com/update-1698781506/fe/zaz-ui-t360-content/_js/context.min.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
2abaed58100b1df83a5738ff8ef9f0785257e6c703dc770153059f3661b407c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 31 Oct 2023 19:45:06 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
14172
entre-telas-light-rlanosies8xe.png
p2.trrsf.com/image/fget/cf/74/40/images.terra.com/2023/03/24/
1 KB
1 KB
Image
General
Full URL
https://p2.trrsf.com/image/fget/cf/74/40/images.terra.com/2023/03/24/entre-telas-light-rlanosies8xe.png
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
08a50a6a84fd01cbe4d55ed7f9c4079344ccc60f089329a225369b3954c03197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
last-modified
Fri, 24 Mar 2023 13:22:00 GMT
server
cloudflare-nginx
vary
Accept
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
1134
entre-telas-dark-1hv5htx0vvhic.png
p2.trrsf.com/image/fget/cf/74/40/images.terra.com/2023/03/24/
2 KB
2 KB
Image
General
Full URL
https://p2.trrsf.com/image/fget/cf/74/40/images.terra.com/2023/03/24/entre-telas-dark-1hv5htx0vvhic.png
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
5aa9599851ca70a3756085330f92288adbdef53a09dc49645d3140eef67b5519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
last-modified
Fri, 24 Mar 2023 13:22:29 GMT
server
cloudflare-nginx
vary
Accept
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
1754
logo-azul-disney-qxi8vqo4kyna.png
p2.trrsf.com/image/fget/cf/88/48/images.terra.com/2023/10/09/
3 KB
3 KB
Image
General
Full URL
https://p2.trrsf.com/image/fget/cf/88/48/images.terra.com/2023/10/09/logo-azul-disney-qxi8vqo4kyna.png
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
25281465cabc83360f736a7f6b22716ff3b7855711e511bfa850f576fcec6292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
last-modified
Mon, 09 Oct 2023 13:38:42 GMT
server
cloudflare-nginx
vary
Accept
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2980
876543170-47865daa9da111435721c195e52a6b29.jpg
p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/11/17/
5 KB
6 KB
Image
General
Full URL
https://p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/11/17/876543170-47865daa9da111435721c195e52a6b29.jpg
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
64256d8211aebe9f85cbd2f625a1ea577540413f7c301ea451899987c75d2534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
last-modified
Fri, 17 Nov 2023 18:19:27 GMT
server
Terra Web Server
vary
Accept
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
5616
1504268609-dc3ff2025c16065e42c7854cde66ded9.jpg
p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/11/19/
5 KB
6 KB
Image
General
Full URL
https://p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/11/19/1504268609-dc3ff2025c16065e42c7854cde66ded9.jpg
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
4851141182a15315cb145e913bae5ae22e2225ad166cdbf0ba2c1ef5db8dc9b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
last-modified
Sun, 19 Nov 2023 15:31:24 GMT
server
cloudflare-nginx
vary
Accept
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
5430
393335462-a2ba586cc6d9b8176a0518c2256162c0.jpg
p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/11/16/
5 KB
5 KB
Image
General
Full URL
https://p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/11/16/393335462-a2ba586cc6d9b8176a0518c2256162c0.jpg
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
e237dee547d69d6d5003615dfa74165ab8095c9063c6229a60bdc8d3c9eb1a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
last-modified
Thu, 16 Nov 2023 14:31:23 GMT
server
cloudflare-nginx
vary
Accept
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
5246
bars.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/
601 B
577 B
Image
General
Full URL
https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/bars.svg
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
deea5aa51b632606d172c672524286d437975f46ffaa264c55d20a8379370942

Request headers

Referer
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin
https://www.terra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
263
terra-horizontal-branco.svg
www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/
6 KB
3 KB
Image
General
Full URL
https://www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/terra-horizontal-branco.svg
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1699980606/fe/zaz-app-t360-navbar/_css/theme-default.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-mt-cache
HIT
strict-transport-security
max-age=15552000
content-encoding
br
x-content-type-options
nosniff
date
Wed, 22 Nov 2023 01:21:33 GMT
x-cdnterra-cache-status
STALE
content-length
2595
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
content-type, x-cache
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
envelope.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/
724 B
732 B
Image
General
Full URL
https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/envelope.svg
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
072aac53b7b3f4423dcffc13541197aa59fc1c8e170e88164772c32d0d88d764

Request headers

Referer
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin
https://www.terra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
418
user.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/
516 B
629 B
Image
General
Full URL
https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/user.svg
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
816827133e8b7b6964b9d194144b27966925b76923fc786a326873c00eed1489

Request headers

Referer
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin
https://www.terra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
315
angle-right.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/
449 B
568 B
Image
General
Full URL
https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/angle-right.svg
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
f874a699f20f0730b99a3d16cea28bb4869c0f684dd9cdf40a5e33fa4853a69f

Request headers

Referer
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin
https://www.terra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
254
share.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/
577 B
673 B
Image
General
Full URL
https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/share.svg
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
0c23c1806fe41e0f14a9b5b3c0f9e188f338410d4d0e13175ce79605f55e5b64

Request headers

Referer
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin
https://www.terra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
359
ac_logo_light_horizontal-u7wu814c9vsh.png
p2.trrsf.com/image/fget/sc/80/30/images.terra.com/2023/01/23/
1 KB
2 KB
Image
General
Full URL
https://p2.trrsf.com/image/fget/sc/80/30/images.terra.com/2023/01/23/ac_logo_light_horizontal-u7wu814c9vsh.png
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
ab6f9ca53170a0cf1a27cba4bfb88255d012b8f52ccd7c70027925d3e8a9ed0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
last-modified
Mon, 23 Jan 2023 17:36:32 GMT
server
Terra Web Server
vary
Accept
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
1406
terranovembro_03_doramas-1iepifvy2dl5u.jpg
p1.trrsf.com.br/image/fget/cf/648/364/images.terra.com/2023/11/21/
28 KB
29 KB
Image
General
Full URL
https://p1.trrsf.com.br/image/fget/cf/648/364/images.terra.com/2023/11/21/terranovembro_03_doramas-1iepifvy2dl5u.jpg
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
0ee7402f66e72ebec175b110cb2f29f2272d3a0aff70676057e114d6101a5c25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
last-modified
Tue, 21 Nov 2023 17:26:56 GMT
server
Terra Web Server
vary
Accept
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
29162
284235015-793b65b7348552a4bdef10c8dfab1136.jpg
p2.trrsf.com/image/fget/cf/306/168/smart/images.terra.com/2023/11/16/
6 KB
6 KB
Image
General
Full URL
https://p2.trrsf.com/image/fget/cf/306/168/smart/images.terra.com/2023/11/16/284235015-793b65b7348552a4bdef10c8dfab1136.jpg
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
f22fd4eba7ff7e891e024904b6af40c5b50d91b13cc38f01d656fa188f26241c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
last-modified
Thu, 16 Nov 2023 03:22:23 GMT
server
Terra Web Server
vary
Accept
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
5988
545558250-4a77a1be0da009a3332e5be9cd862eb1.jpg
p2.trrsf.com/image/fget/cf/306/168/smart/images.terra.com/2023/11/20/
6 KB
6 KB
Image
General
Full URL
https://p2.trrsf.com/image/fget/cf/306/168/smart/images.terra.com/2023/11/20/545558250-4a77a1be0da009a3332e5be9cd862eb1.jpg
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
3a4e793672b13d396ac33050eba557814cf1559504b393d15a25cbbab4aac011

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
last-modified
Mon, 20 Nov 2023 04:04:20 GMT
server
Terra Web Server
vary
Accept
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
6338
1070790549-ecb0cbd451ee0b0d09b42adf8144238c.jpg
p2.trrsf.com/image/fget/cf/306/168/smart/images.terra.com/2023/11/16/
6 KB
7 KB
Image
General
Full URL
https://p2.trrsf.com/image/fget/cf/306/168/smart/images.terra.com/2023/11/16/1070790549-ecb0cbd451ee0b0d09b42adf8144238c.jpg
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
a4011f24f951c1c1f02e0c9155b9a34bbaf6de203647c80350bf460a80b711fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
last-modified
Thu, 16 Nov 2023 18:58:25 GMT
server
Terra Web Server
vary
Accept
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
6556
t3m.js
tags.t.tailtarget.com/
347 KB
30 KB
Script
General
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-10969-0/CT-411
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_js/context.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
d4355a580611554bb609332baebf6b757d7aa9820bf9af415ce6c3ca5e6bb184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:35:18 GMT
content-encoding
gzip
via
1.1 google
age
6375
x-guploader-uploadid
ABPtcPq6YGt77RzPPjPrhnO8uHoyPGtPe5RLEzXhuAKB0rV9DNsnUll1Q4UxLZH2wkH1zXiYEdSt77GiNA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29758
last-modified
Tue, 07 Nov 2023 16:17:10 GMT
server
nginx/1.8.1
etag
"05c71adf5092030b021d6131ca7a71af"
vary
Accept-Encoding
x-goog-generation
1699373830066888
x-goog-hash
md5=Bcca31CSAwsCHWExynpxrw==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
29758
accept-ranges
bytes
expires
Wed, 22 Nov 2023 01:35:18 GMT
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_js/context.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 09:28:32 GMT
content-encoding
gzip
via
1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
57182
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
b_HsEDK-cSbnW68--rCweWKJ7x4mb-66CHmnth7b9aBWCpS2VYrmYA==
zaz-globalstorage-min.js
s1.trrsf.com/update-1674586307/fe/zaz-mod-globalstorage/
40 KB
11 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586307/fe/zaz-mod-globalstorage/zaz-globalstorage-min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
166720721c833cecfeb03d4dc92c707c7855430f2a3caf2fd60a736400e6e251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:47 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
11113
mod-user-navigation.min.js
s1.trrsf.com/update-1674586315/fe/zaz-mod-user-navigation/_js/
2 KB
1 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586315/fe/zaz-mod-user-navigation/_js/mod-user-navigation.min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
20976fc8fe202fef3f3b01a7068bc9512b8c82162c61e6e2403f8b4eabcb54aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:55 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
800
newsroom.js
c2.taboola.com/nr/terrabr/
60 KB
18 KB
Script
General
Full URL
https://c2.taboola.com/nr/terrabr/newsroom.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a21abd6022733d362d6ef16e636ff0f764bf42e33b8d2cd71e7c980e4830e45b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 01:21:33 GMT
x-amz-request-id
Q2FCBS8S1P6JRQ3Q
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
17554
x-amz-id-2
mZKscEJZUefLwDKigQxEQqbHTrVblTQBUbs3SkxPCBUQ+Ixo4uhVtp9j1aF2SCZGRyLtkw8vlF4=
x-served-by
cache-cph2320056-CPH
last-modified
Thu, 03 Aug 2023 20:35:14 GMT
server
AmazonS3
x-timer
S1700616094.554077,VS0,VE198
etag
"35a02d4909c48aaced3d0622779b8b6a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-cache-hits
1
publisher:getClientId
ampcid.google.com/v1/
74 B
440 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.terra.com.br
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/
429 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 10:38:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
52976
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 20 Nov 2024 10:38:37 GMT
mod-stalker.min.js
s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/
23 KB
7 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
a5dda836e330652d53ba332e434ed1851651054afb1b0e0e13d8171b48163ac4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
gzip
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
server
cloudflare-nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
x-cdnterra-cache-status
MISS
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
6760
collect
region1.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FJBH1GT2QG&gtm=45je3b81v877568120&_p=1700616093391&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1025678541.1700616094&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700616093&sct=1&seg=0&dl=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&dt=S%C3%A9rie%20de%20fantasia%20esquecida%20no%20Prime%20Video%20retorna%20ap%C3%B3s%202%20anos%20e%20acidentalmente%20estraga%20uma%20grande%20reviravolta&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channel=diversao&ep.subchannel=entre-telas&ep.breadcrumb=diversao.entre-telas&ep.content_id=d73921d893106e0c8f6f8d0600c333ba3t5nx1b6&ep.content_type=not&ep.os_theme=light&ep.content_source=adorocinema&ep.content_author=giovannirodrigues&ep.amp=false&ep.page_theme=light&epn.network_downlink=10&ep.network_effective_type=4g&ep.network_data_saver=false&ep.display_mode=browser&ep.partner_type=interno&ep.published_date=2023-08&epn.device_memory=8&epn.device_pixel_ratio=1&epn.navigation_type=0&ep.content_provider=adorocinema&ep.product=portal&ep.article_special=false&ep.paid_content=false&tfd=1686
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FJBH1GT2QG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/
3 B
369 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.terra.com.br
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
b
sb.scorecardresearch.com/
0
225 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=3000033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700616093575&ns_c=UTF-8&c7=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&c8=S%C3%A9rie%20de%20fantasia%20esquecida%20no%20Prime%20Video%20retorna%20ap%C3%B3s%202%20anos%20e%20acidentalmente%20estraga%20uma%20grande%20reviravolta&c9=
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-53.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
via
1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
K5O9Nnik4N9C4OJKnf2zBGBDNcyWPQRbmafYOuzM3Q6wYincxReE3w==
x-cache
Miss from cloudfront
ob.js
cdn-ima.33across.com/
11 KB
5 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
338991
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
829d5b39af643673-FRA
expires
Sat, 25 Nov 2023 01:21:33 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9400:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Tue, 21 Nov 2023 10:03:28 GMT
Via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
55086
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
35cljPwgTuol-qzogikHKNecTqtRQumtOU33MvJD8TpTt57aQnqWCg==
esp.js
cdn.id5-sync.com/api/1.0/
156 KB
34 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab709475ac54d39d8c7b123b4ba8dacb8f2b9f61f1c82a888115c5fe86ef695
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 21 Nov 2023 16:21:00 GMT
server
cloudflare
x-amz-request-id
C29T5NQYSAJD31W6
age
416
etag
W/"9391f2de0f47103f7dd948a8fdf8a53f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
829d5b399b5e1963-FRA
x-amz-id-2
UmMKe9LLqKwXxa1qOeD/JIu5JyIDsMpTkjC5lcJtz1R8fXqbjDqcUNOryffICbGNJDHMSQF5eyOljTd0iOCYZQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26209
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230091-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pv%2FhxHoQFYoorew2%2BNBiwddHkEKfzzqFsoMDwPh2NsrqEjb12WZKKjN0uHL9pqfHiQ6OJLSoZPNVLz4lBjuHGz0EdKW1i2RXK9CP4BoJwXJE4ItZXuyFbejNa0lCIodhma2UGueu9i8a%2BLJVDY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
829d5b399c08691b-FRA
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Nov 2023 01:21:33 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 17:40:12 GMT
content-encoding
gzip
age
718881
x-guploader-uploadid
ABPtcPrYakBZZUaYUT2Aa4NoJoJQZRP6-ODG4Mlhh8MKCLApMvJzlaEJN2z8T9SAscKxSRsWb_zHAvxtH2n8WvZ8c-eAXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 12 Nov 2024 17:40:12 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
a94cc52e586c8baad9bffafe97759352
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:38:20 GMT
content-encoding
gzip
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
63794
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
8-b75FKU-N6uKQzPA7AzA8fpkr7Js2Li7kWSoBVwC2aQK-fbIIL3zA==
ads
securepubads.g.doubleclick.net/gampad/
952 B
579 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4436642718262140&correlator=4243175808755408&eid=31079666%2C31079525%2C31079576&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=1211%2Cbr.terra.adorocinema.cobranded%2Carticles&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=2076216588&sfv=1-0-40&fsbs=1&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700616093627&lmt=1700616093&adxs=0&adys=6732&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&vis=1&psz=1600x6731&msz=1600x0&fws=0&ohw=0&ga_vid=1025678541.1700616094&ga_sid=1700616094&ga_hid=1586805985&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuP_4pL8xSABSAghkEhsKDDMzYWNyb3NzLmNvbRi3__ikvzFIAFICCGQSGQoKcHViY2lkLm9yZxi4__ikvzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuP_4pL8xSABSAghkEhcKCHJ0YmhvdXNlGLj_-KS_MUgAUgIIZBIZCgp1aWRhcGkuY29tGLj_-KS_MUgAUgIIZBIUCgVvcGVueBi4__ikvzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLj_-KS_MUgAUgIIZA..&dlt=1700616093070&idt=525&prev_scp=pageid%3Dd73921d893106e0c8f6f8d0600c333ba3t5nx1b6%26contentsource%3Dadorocinema%26breadcrumb%3Ddiversao.entre-telas%26channel%3Ddiversao%26subchannel%3Dentre-telas%26testfloor%3Dtrue%26connection%3D4g%26fledge%3Dfalse%26parceiro%3Dtrue%26lite%3D0%26devicememory%3D8%26contentauthor%3Dgiovannirodrigues%26vendor%3Dadorocinema%26pf%3Dfalse&adks=3968033954&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ffba6340e22afe2844579cfacfb6bc976a70f76ce0932a3d474280b2e363e42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
548
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B0B1
6 KB
3 KB
Document
General
Full URL
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.terra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 01:21:33 GMT
expires
Thu, 21 Nov 2024 01:21:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
4 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1586805985&t=pageview&_s=1&dl=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&ul=en-us&de=UTF-8&dt=S%C3%A9rie%20de%20fantasia%20esquecida%20no%20Prime%20Video%20retorna%20ap%C3%B3s%202%20anos%20e%20acidentalmente%20estraga%20uma%20grande%20reviravolta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEIJAAQCACAMIC~&jid=490318003&gjid=2068829687&cid=1025678541.1700616094&tid=UA-54936151-1&_gid=339124889.1700616094&_r=1&_slc=1&cd1=diversao&cd2=entre-telas&cd4=contenido_digital&cd5=diversao.entre-telas&cd6=d73921d893106e0c8f6f8d0600c333ba3t5nx1b6&cd7=not&cd9=terra&cd10=light&cd18=adorocinema&cd19=giovannirodrigues&cd48=terra360&cd49=false&cd52=light&cd60=10&cd62=4g&cd63=false&cd64=browser&cd68=interno&cd72=default&cd75=2023-08&cd84=8&cd85=1&cd92=0&cd94=adorocinema&z=774506104
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ID
www.terra.com.br/coletor/user/
225 B
576 B
Fetch
General
Full URL
https://www.terra.com.br/coletor/user/ID?reason=NewProfileStalker&JSUA=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/119.0.6045.159%20Safari/537.36&site=br
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d638f4f70cf32d8de9b96a8d23aa097358fff6429de6e191c7ee131ed688423a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
x-xact-hosts
stalker=stalker-canary-798ffbc8cc-x5skg
x-content-type-options
nosniff
x-xact-uuid
80327f25-2f42-4103-9597-308a7284f6ae
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length
179
include
p1.trrsf.com/api/includer/
903 B
560 B
Fetch
General
Full URL
https://p1.trrsf.com/api/includer/include?component=mod.liveRamp&country=br&env=prod&format=json&group=web&scheme=https
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
18ea7d44f4fecd2f320897686d1e57be8fa6ce48d92d1942dee116953deeacc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length
335
x-includer-uuid
bae8ca3f-f0b2-4d51-a8dd-02f9fd7224f6
collect
stats.g.doubleclick.net/j/
4 B
350 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54936151-1&cid=1025678541.1700616094&jid=490318003&gjid=2068829687&_gid=339124889.1700616094&_u=aCDAAEIIAAQCACAMIC~&z=567527311
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 22 Nov 2023 01:21:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/
0
232 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.terra.com.br
date
Wed, 22 Nov 2023 01:21:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
whatsapp-color.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/
1 KB
850 B
Image
General
Full URL
https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/whatsapp-color.svg
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
8d4c7adc599852b039fa8c7eee377d82229e0acba62a7c9f002bd2a246fd27b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
536
facebook-color.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/
555 B
634 B
Image
General
Full URL
https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/facebook-color.svg
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
d67d230ae95712c0093c288cba19921dbb227c2cecd64db62e85678cc1b43954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
321
twitter-color.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/
483 B
581 B
Image
General
Full URL
https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/twitter-color.svg
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
32c680c039a7c71df985f40c5ac836e75b8d7897f877f0dac911509bb8ce756c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Wed, 08 Nov 2023 18:05:06 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
267
pinterest-color.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/
921 B
811 B
Image
General
Full URL
https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/pinterest-color.svg
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
8705035cf0fd5a8366a76994aae9de1bb5966912c8c52023b798130c9935c1f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
497
ShowArea
p1.trrsf.com/api/tagmanfe/
5 KB
1 KB
Script
General
Full URL
https://p1.trrsf.com/api/tagmanfe/ShowArea?key=br.cobranded_adorocinema.articles.cabeceira&area=cabeceira&direct=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1696430107/fe/zaz-mod-manager/mod-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
299ad733ac887166de3c640031cd47ca45d6198470d0991e04a4f948d6b5c9a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
x-tagman-uuid
e3a85d01-b3d4-46d6-9806-6d2a1f1baea6
content-length
1149
ShowArea
p1.trrsf.com/api/tagmanfe/
7 KB
1 KB
Script
General
Full URL
https://p1.trrsf.com/api/tagmanfe/ShowArea?key=br.cobranded_adorocinema.articles.s1&area=s1&direct=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1696430107/fe/zaz-mod-manager/mod-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
878833034930c587ec4a5db7d092c8de5d0269656047e76fc016b9c927d93175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
x-tagman-uuid
be5089c3-15bc-4715-a138-c0ec55cf0841
content-length
1187
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravol...
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravol...
85 B
203 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&rid=esp&cc=1
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
ba2041dfdf774964cba3c841a0335e9d7c649b85ff92c14a4cfe144c37d84d3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-rN9GZCy7tgIw19rIr/2LfW+xqvs"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 22 Nov 2023 01:21:33 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.terra.com.br
location
/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/
60 B
336 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.46.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-46-188.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2a20c1b8c427362f9d8a17e170362fc4a942916fe28ffd6786a27dc4979a69d5

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:33 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache
x-server
10.45.13.193
access-control-allow-credentials
true
content-length
60
expires
0
encrypt
esp.rtbhouse.com/
329 B
603 B
Fetch
General
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
04cb27b9562e872b685a7327fda10d83d53e2208d3e44e82041d7da8a64be8b4

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 01:21:33 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
f609225f6e5ec6b842864bfc15a6f9af
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-54936151-1&cid=1025678541.1700616094&jid=490318003&_u=aCDAAEIIAAQCACAMIC~&z=1225968679
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-54936151-1&cid=1025678541.1700616094&jid=490318003&_u=aCDAAEIIAAQCACAMIC~&z=1225968679
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 0452
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.terra.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.terra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 01:21:33 GMT
server
Kestrel
server-processing-duration-in-ticks
297479
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 0452
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=terra.com.br&sn=ChromeSyncframe&so=0&topUrl=www.terra.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=nd62bnx5YldwYjV6akZFWU1UL2xmeDRJMURpdWkxbHA4WTRwRitkQlNGUUY0N2xTakgvZGIvOTFGeVlxUnVKcVpHUmF5ajM4UHN4a25CalpVTFd5eFRPcUhEcmxWc1VWRTVwMVJEeGJGVnlVNEZOK0J6ekcxRExMR044UW...
433 B
651 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=nd62bnx5YldwYjV6akZFWU1UL2xmeDRJMURpdWkxbHA4WTRwRitkQlNGUUY0N2xTakgvZGIvOTFGeVlxUnVKcVpHUmF5ajM4UHN4a25CalpVTFd5eFRPcUhEcmxWc1VWRTVwMVJEeGJGVnlVNEZOK0J6ekcxRExMR044UWgwUDBqanUzRkZUV3lqY1ZNQ0hBVldFWi9Vei9ib2RzN3piRGxMVzZIblZ2d0R2OVpzdFU4aUpQdVpxMTk5eVhnQmFCbjBPeFA3MGlGbW83MHArbURiRzJUdGlkTSsxclhoSllybDJrUTVTZnordzdFMWpFZkxKdkRScVFNR0cyTjgyNUw1ZWFqd3lEdVgrV0ppN2lmblliZExNd2tEZz09fA&cppv=2
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
27d4aa6771bebbd0b3a44bc2d659ee33a9f07c3a69fb8bab3971d0eaccf815c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1195772
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=nd62bnx5YldwYjV6akZFWU1UL2xmeDRJMURpdWkxbHA4WTRwRitkQlNGUUY0N2xTakgvZGIvOTFGeVlxUnVKcVpHUmF5ajM4UHN4a25CalpVTFd5eFRPcUhEcmxWc1VWRTVwMVJEeGJGVnlVNEZOK0J6ekcxRExMR044UWgwUDBqanUzRkZUV3lqY1ZNQ0hBVldFWi9Vei9ib2RzN3piRGxMVzZIblZ2d0R2OVpzdFU4aUpQdVpxMTk5eVhnQmFCbjBPeFA3MGlGbW83MHArbURiRzJUdGlkTSsxclhoSllybDJrUTVTZnordzdFMWpFZkxKdkRScVFNR0cyTjgyNUw1ZWFqd3lEdVgrV0ppN2lmblliZExNd2tEZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
258720
content-length
0
expires
0
userArea
www.terra.com.br/coletor/user/ID/
170 B
548 B
Fetch
General
Full URL
https://www.terra.com.br/coletor/user/ID/userArea?fetch_data=true
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4eaf5909fe48b7887f0f577e60aea78b741f20c84eacbdb7cd46de63e1016587
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
x-xact-hosts
stalker=stalker-canary-798ffbc8cc-k7n94
x-content-type-options
nosniff
x-xact-uuid
3cb8182b-e195-41ec-b401-fbdadde58512
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length
152
include
p1.trrsf.com/api/includer/
5 KB
838 B
Fetch
General
Full URL
https://p1.trrsf.com/api/includer/include?component=app.t360.favoriteTeam&country=br&env=prod&format=json&group=web&scheme=https
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
4cd4a49cc6659ce6bf04a3f3604a34e2b5aab521057c52e326e4dc1b65fa2651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length
614
x-includer-uuid
6ac069b9-aa11-4745-a00e-a9792c5924e1
iframe-later-terra-player-audima.html
audio10.audima.co/ Frame 3E2A
2 KB
1 KB
Document
General
Full URL
https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Requested by
Host: audio10.audima.co
URL: https://audio10.audima.co/audima-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:e4::ac40:af02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
815e0c138f6f77700d3e43fb32bba558cd1870df24913ddda5caa9b508e5ed18

Request headers

Referer
https://www.terra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=14400 public
cf-cache-status
DYNAMIC
cf-ray
829d5b3c4e36f0cb-CDG
content-encoding
gzip
content-type
text/html
date
Wed, 22 Nov 2023 01:21:34 GMT
expires
Wed, 22 Nov 2023 05:21:34 GMT
last-modified
Thu, 09 Nov 2023 11:48:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7p91Yewk3sKSvVd3YjayaedmMMbQIvbIsBjWdmOYqR4%2BWJFZf%2Bs7tstdu%2B0pqTwlhx6ySb4gMHyJstHbAfvUH5FYLeHcO%2FOQ3K1EF97uwe2A7mL8kYzNDDv%2FwGftq61m5iRrNSnd%2BupkZup6PBKWog%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
pd
google-bidout-d.openx.net/w/1.0/ Frame 9B51
0
176 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.terra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 22 Nov 2023 01:21:34 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
emailHashes
www.terra.com.br/coletor/user/ID/
189 B
558 B
Fetch
General
Full URL
https://www.terra.com.br/coletor/user/ID/emailHashes?fetch_data=true
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
281db6c6856ae3b30503ce0d7dad18b868602815e0b1607fa5d19f07e8c573e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
x-xact-hosts
stalker=stalker-5c74f4c467-wxl9h
x-content-type-options
nosniff
x-xact-uuid
142d3fea-9a01-4083-8fc5-004d8bd4ce06
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length
165
terra-player.css
audio10.audima.co/ Frame 3E2A
10 KB
3 KB
Stylesheet
General
Full URL
https://audio10.audima.co/terra-player.css
Requested by
Host: audio10.audima.co
URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:e4::ac40:af02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e04561b7c210f1f73737c0744e8e081183cf25d6a21332d52bc6321cc5e3bca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 11:48:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5789
etag
W/"654cc711-27bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giZrtMBWRObd1yhgk7ql6NcDEuEUmZLkTpacBzquNr%2BmZBtNKYSVjjK3i0bWaGoXUyLkbhp0ljMPRIykaxrM64Uo8R3kUckMeXw8oNEEdkRndLvUVxPEBQWjXUDkKg%2BsJrMqcJaftw45Bb46HyKTfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
cf-ray
829d5b3daec9f0cb-CDG
expires
Wed, 22 Nov 2023 00:56:24 GMT
all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ Frame 3E2A
69 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css
Requested by
Host: audio10.audima.co
URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio10.audima.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1804630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10277
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-1137b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7agHpJJjQ%2BzlldosKQEhOjCqDMWiZfCr%2Fj%2FfzEHbUAvqMVNMOlbpep2m%2BchdU7ZxqrP08gIQn%2BblrP4eH%2F3njI39267%2Fz87Pxy7NepArTEn7a0CI8cQRrTAcLkmuFiYhJ1wErayzh5BeiuOQyBbVYzQn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
829d5b3dec5b9112-FRA
expires
Mon, 11 Nov 2024 01:21:34 GMT
audio-tts-player.js
audio10.audima.co/ Frame 3E2A
86 KB
26 KB
Script
General
Full URL
https://audio10.audima.co/audio-tts-player.js
Requested by
Host: audio10.audima.co
URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:e4::ac40:af02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
445f1c14212e411213db2b5977acfe2443a318f31a8ad0e50ba526aa7f579c0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 11:48:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4345
etag
W/"654cc711-15624"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXVwXssL%2F1hWnFKQpj4Edj0gZlTmLZoq6Zi11hqHFkpzewfvmJr5eW7KzfmqFG4GEv31Cbd%2B19Ngxx%2Fp%2FxKImdDVII5CENk8NxNhmJFj7Dt%2BQR8uFNJzqmTCzU0yb1ZwZioTI%2F%2B55mnNS4IFxsb19g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
cf-ray
829d5b3dced5f0cb-CDG
expires
Wed, 22 Nov 2023 01:49:13 GMT
call-init.js
audio10.audima.co/ Frame 3E2A
1 KB
989 B
Script
General
Full URL
https://audio10.audima.co/call-init.js
Requested by
Host: audio10.audima.co
URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:e4::ac40:af02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852ec930a724b6c7bac9ad426e89c8b2921cd382350981232a2016373ac7168d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 11:48:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
12459
etag
W/"654cc711-514"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VbUuxybyUC4qFrBOnQW98Aa3fphcbtMzioo1w2R6iuZRshLfaICQzVOUmv40ZNGYionUpbwaIOQFNVAWjS9WSWpWWgV8Z1CXfUCAuW1YuGlOeBEMPwg7V7VqM055IcnuQu3DxHKbKKyqoGhFMW2HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
cf-ray
829d5b3dced6f0cb-CDG
expires
Tue, 21 Nov 2023 23:07:51 GMT
mod-notifications.min.js
s1.trrsf.com/update-1674586311/fe/zaz-mod-notifications/_js/
9 KB
3 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586311/fe/zaz-mod-notifications/_js/mod-notifications.min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
31f1a4a51455378e4dc8df3ad43341034b8a64663dcfa2679f3892717ccb242a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:51 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2355
css2
fonts.googleapis.com/ Frame 3E2A
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap
Requested by
Host: audio10.audima.co
URL: https://audio10.audima.co/terra-player.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
834f991f763949d6143e42ae63133bd85f51b9c62dea1fd70d41b6a8d0ae97cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio10.audima.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Nov 2023 00:33:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Nov 2023 01:21:34 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 3E2A
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://audio10.audima.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:29:28 GMT
x-content-type-options
nosniff
age
384726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 14:29:28 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ Frame 3E2A
74 KB
75 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css
Origin
https://audio10.audima.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
75728
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-127d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JudlL%2FmbhXiBFILT%2BwEK5Ape4Gte2vPpt8WH0I1%2F4Bt55E00CTle655FqjKSun0TaMECPk7X3EoEYwjIm1I96dly8Yb5fLOkBxwo%2FELEtpu2xZ%2FLQsq4RhGXQmQArOgrqiupgHgHXkxa%2FLsefSK7mEVF"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
829d5b3ec99a8fec-FRA
expires
Mon, 11 Nov 2024 01:21:34 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/9ce3b5f3-6b5e-4f2a-9ff6-230da29ea14c/
2 KB
2 KB
Script
General
Full URL
https://launchpad-wrapper.privacymanager.io/9ce3b5f3-6b5e-4f2a-9ff6-230da29ea14c/launchpad-liveramp.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-121.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2e49f5e40e39f5614535953895df892bc0c254a5320538f569c855fb78cdc74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
eZNjyPz7PNyNz17FMnRfBLDEn4DaSpS8
content-encoding
gzip
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
date
Tue, 21 Nov 2023 06:29:35 GMT
x-amz-cf-pop
FRA56-P2
age
67929
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Wed, 16 Aug 2023 12:52:10 GMT
server
AmazonS3
etag
W/"70fbd1fa28a74da228091e81058d667e"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
p4PanyGh6u6r5pQgZ3bKmYbYjc90K7rm3SrqY4DxMuxotu9aDH3saw==
ShowArea
www.terra.com.br/api/tagmanfe/
316 B
371 B
Fetch
General
Full URL
https://www.terra.com.br/api/tagmanfe/ShowArea?key=br.config.backend.adnotification&area=adnotification&direct=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_js/context.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
397573d616b2f2f202ddb08bd11860e2e8be72cb60bc9b13b97367d25915cd33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
x-xact-uuid
698049f4-6c5a-4bfa-a087-eb79409f4d86
content-length
239
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
client
accounts.google.com/gsi/
199 KB
79 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ff83d4a65fa84f4d78c1ba312ea1533df4912b90cdf84e8ff2411f2b389a778
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-RQqlFHDxRgOkLb1wvtmfwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-RQqlFHDxRgOkLb1wvtmfwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 22 Nov 2023 01:21:34 GMT
userArea
www.terra.com.br/coletor/user/ID/
170 B
543 B
Fetch
General
Full URL
https://www.terra.com.br/coletor/user/ID/userArea?fetch_data=true
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4eaf5909fe48b7887f0f577e60aea78b741f20c84eacbdb7cd46de63e1016587
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
gzip
x-xact-hosts
stalker=stalker-5c74f4c467-n9m8s
x-content-type-options
nosniff
x-xact-uuid
2e66c8de-18cc-47a2-9ec3-51bd5c6f4c7f
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length
152
launchpad.bundle.js
launchpad.privacymanager.io/latest/
128 KB
26 KB
Script
General
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/9ce3b5f3-6b5e-4f2a-9ff6-230da29ea14c/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53fcbdb394dab3494945cd64fbd897b641057715860ee624ec0d3c5e701edac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
PnaJdxHydHN9eEuWHl7A1SeLMo27G9Y2
content-encoding
br
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 01:04:47 GMT
last-modified
Fri, 27 Oct 2023 11:56:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1008
x-amz-server-side-encryption
AES256
etag
W/"8f65165dbe6028fe7739c568043840fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
Q_KpQ7Yu4qDo05wmGoJNueFIHyLJKW0gjoutxlvdHaCtb_osNydChg==
app-t360-favorite-team.min.js
s1.trrsf.com/update-1695045306/fe/zaz-app-t360-favorite-team/_js/
20 KB
5 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1695045306/fe/zaz-app-t360-favorite-team/_js/app-t360-favorite-team.min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
699171c33635b7afd52c1581a8d3308aa1af5eab32a8996acffaa428310530ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
br
last-modified
Mon, 18 Sep 2023 13:55:06 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
4546
theme-default.min.css
s1.trrsf.com/update-1695045305/fe/zaz-app-t360-favorite-team/_css/
5 KB
1 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1695045305/fe/zaz-app-t360-favorite-team/_css/theme-default.min.css
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
295c8fb354a39789d21bc7a88dc34e7bd844414b6086cd16f27db98a8dd77d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
br
last-modified
Mon, 18 Sep 2023 13:55:05 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
954
/
geo.privacymanager.io/ Frame
0
0
Preflight
General
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-89.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.terra.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 22 Nov 2023 01:21:34 GMT
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront), 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-apigw-id
Oxqg4FMJDoEEiyg=
x-amz-cf-id
qY-vVlhWLS508clqZ3NakqDAVAgLksJWl349JVOQ_YAL87kwc9vY7Q==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
2b1df28e-ef64-4b37-aa1f-2c83805020ab
x-cache
Miss from cloudfront
/
geo.privacymanager.io/
28 B
605 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-89.fra60.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept
application/json
Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 21 Nov 2023 02:00:19 GMT
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront), 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
84075
x-amzn-requestid
ecef46b4-d67d-46ff-884e-caed871d446e
x-amzn-trace-id
Root=1-655c0f33-6b87bd34580a07997f7a7c82;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
OudQFGKHDoEEimg=
content-length
28
x-amz-cf-id
MwVRMraGFaF5z-aruy7U-Kgbb-1rTH0QH3rXrGIUUWtYl-KDGjr6Nw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
conversion.js
d.tailtarget.com/
15 KB
6 KB
Script
General
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 21:36:53 GMT
content-encoding
gzip
age
13481
x-guploader-uploadid
ABPtcPoQpBAPTEc0G5rrXd-ZQCynoYJX0NIPt-HQ1gDUvonAU0igO9tcl6CTjZnVtSRys56Swgk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6116
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash
crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation
1694696370171925
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6116
accept-ranges
bytes
expires
Wed, 22 Nov 2023 21:36:53 GMT
otToken.js
storage.googleapis.com/fledge-tests/
413 B
895 B
Script
General
Full URL
https://storage.googleapis.com/fledge-tests/otToken.js
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-10969-0/CT-411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:17:55 GMT
age
219
x-guploader-uploadid
ABPtcPoWciDCBCxnOaJBGkRSiCvs6PYXpazXY9DDg3Nfj6ajQoHldtdLACz5PD9hkRgtM_8XZFY
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
413
last-modified
Tue, 08 Nov 2022 10:42:35 GMT
server
UploadServer
etag
"483749ebdd3ce30b016713e5624a0bf8"
x-goog-generation
1667904155021583
x-goog-hash
crc32c=4ZqF4w==, md5=SDdJ69084wsBZxPlYkoL+A==
content-type
application/x-javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
413
accept-ranges
bytes
expires
Wed, 22 Nov 2023 02:17:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4ff94047956e5c12c16f8deda8d226f7ec44386867e96db38ce3cc617ac1868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12374
x-xss-protection
0
zaz-datetime.min.js
s1.trrsf.com/update-1674586306/fe/zaz-mod-datetime/
38 KB
11 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1674586306/fe/zaz-mod-datetime/zaz-datetime.min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
285b329154d66c830326cdfe19681500a9f2f11f0bbd36b04440340b9f3a9e23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:46 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
10530
base.js
d.tailtarget.com/
20 KB
8 KB
Script
General
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 10:07:23 GMT
content-encoding
gzip
age
54851
x-guploader-uploadid
ABPtcPp8JYtWlgD5wlCY-lm755pPkzOUrdHIZKrLKp7kaslCkoJKCH4NMRMegH05qHizcLytw6s
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8334
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash
crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation
1694696370056280
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8334
accept-ranges
bytes
expires
Wed, 22 Nov 2023 10:07:23 GMT
trk
tt-10969-0.seg.t.tailtarget.com/
70 B
778 B
Image
General
Full URL
https://tt-10969-0.seg.t.tailtarget.com/trk?tA=TT-10969-0&tJ=_channel:bratargettecinformaticaapple:1|_channel:brachanneldiversao:1|_channel:bratargetdiversidade:1|_channel:terrahomepage:1|_channel:terraconteudointerno:1|_channel:adorocinema:1|_channel:brachanneldiventretelas:1&tK=1700616095&tM=direct&tL=direct&tN=direct&tY=3&tZ=268787629
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
u
b.t.tailtarget.com/
72 B
514 B
Script
General
Full URL
https://b.t.tailtarget.com/u?env=_ttqtt_terra
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
126ff8c0e781563aa02fa93b00449f80e2bd09fdcad30a6ee5624bf48a86c0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pageviews
www.terra.com.br/coletor/user/ID/
225 B
576 B
Fetch
General
Full URL
https://www.terra.com.br/coletor/user/ID/pageviews
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d638f4f70cf32d8de9b96a8d23aa097358fff6429de6e191c7ee131ed688423a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
content-encoding
gzip
x-xact-hosts
stalker=stalker-canary-798ffbc8cc-vd5m9
x-content-type-options
nosniff
x-xact-uuid
7b606142-0a51-4fda-8b13-592d27aa0755
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length
179
bell.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/
657 B
707 B
Image
General
Full URL
https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/bell.svg
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
6d2002313fe4dc7cea780501d474df1d98af6be04b0cdb0a1366a841997a844f

Request headers

Referer
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin
https://www.terra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
393
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 01:21:35 GMT
zodiac-solid.min.css
s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/
1 KB
513 B
Fetch
General
Full URL
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/zodiac-solid.min.css
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
c77b820ac1ce0e0962e7c2e834a4f1afb0c214d932a0b554d8a8a26e73fe9a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
br
last-modified
Fri, 17 Nov 2023 12:35:06 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
205
shields.min.css
s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/
19 KB
3 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/shields.min.css
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
62e88026d379effdb840b2b2504c64a2e11900885441f1eeb3695d481d140193

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:34 GMT
content-encoding
br
last-modified
Fri, 17 Nov 2023 12:35:06 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2418
include
p1.trrsf.com/api/includer/
826 B
529 B
Fetch
General
Full URL
https://p1.trrsf.com/api/includer/include?component=mod.aps&country=br&env=prod&format=json&group=web&scheme=https
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
68d511a07b459a7e9fa7db459113881ccd3932313545b1c776022e3e5e21d863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length
305
x-includer-uuid
ca1c649a-279d-40d2-ae8d-5162af1bafbe
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E01
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.terra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17783
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 20:25:12 GMT
expires
Wed, 20 Nov 2024 20:25:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EBE0
829 B
998 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0031ada69905040a7741dfd64daf65b6a854123dbbe88cf4f766ec1ccbff1126
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VxavU62AqwePfKWW8HSaSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.terra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-VxavU62AqwePfKWW8HSaSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 01:21:35 GMT
expires
Wed, 22 Nov 2023 01:21:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
apstag.js
c.amazon-adsystem.com/aax2/
267 KB
65 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 00:43:50 GMT
content-encoding
gzip
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2266
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
oly-DTCPnighJqMMuvXF_QLrAMQiFuFgMwoN4cty_yaSw00ELYz8FQ==
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1E01
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
7207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EBE0
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=4436642718262140&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
date
Tue, 21 Nov 2023 11:39:52 GMT
x-amz-cf-pop
FRA56-P6
age
49316
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
P_Rc8eoi32IEvssH9sxg3rgY2s5tMqOaED-E2A4KTk3iNFxYZDAglA==
generate_204
tpc.googlesyndication.com/ Frame 1E01
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?YD0HQg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
b
b.t.tailtarget.com/
128 B
558 B
Script
General
Full URL
https://b.t.tailtarget.com/b?tA=TT-10969-0&tY=1&tS=1&tU=0100007F9F575D65D906B316024E3551&tX=b.52&tZ=157015395&env=_ttqtt_terra
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
7ea66bd6768888d5b5ad1e4bdeb009091927e02a70574328056a3b98dbd53524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
include
p1.trrsf.com/api/includer/
11 KB
1 KB
Fetch
General
Full URL
https://p1.trrsf.com/api/includer/include?component=app.t360.navbarNotifications&country=br&env=prod&format=json&group=web&scheme=https
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
4c7966902e836ea786aff3d524361b9eeeb91103698ca0eca1a5318f6a1a85ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
content-encoding
gzip
server
Terra Web Server
vary
Accept-Encoding
x-cdnterra-cache-status
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length
881
x-includer-uuid
c701c4ce-9766-4c7c-b666-c54adbf503ae
ca
tt-10969-0.seg.t.tailtarget.com/
128 B
153 B
Script
General
Full URL
https://tt-10969-0.seg.t.tailtarget.com/ca?tZ=816364550&env=_ttqtt_terra
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
eeb9b061abe3312b5b7f646784d9a728d963b1f632c6df4d560cb33b67636b2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
__tt.gif
t.tailtarget.com/
43 B
298 B
Image
General
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10969-0&tE=0&tF=&tI=___de_1700616095261_3648182805&tJ=CA3731,CA6935,CA4723,CA5682,CA4729,CA7125,CA33426&tQ=bratargettecinformaticaapple,brachanneldiversao,bratargetdiversidade,terrahomepage,terraconteudointerno,adorocinema,brachanneldiventretelas&tU=0100007F9F575D65D906B316024E3551&tX=b.52&tY=1&tZ=903710838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=4436642718262140&bg=!GRqlGlXNAAZxrfrxUa07ADQBe5WfOKmm-2SGr2c4gjxuN2swL4iz_Y733e3h-qVVM-WVTLOtntWf6JD29bvx1ZJ1a8rkAgAAAEdSAAAAA2gBBwoAMWBJjuIVpCJIQ5HNZUu5XTa0rAYUNe1GmNOeL_a9z8AnPgyJdDuvlWFcBOh8eXcwBvmZArPLL0qfWN9tnIE4Z11rUarueIJihlzoA6Zn0N7nhDjDrV3x1Rcc-XoGphCr7kB9-AJ91s57x6q8RWu2bZ_uGAfwlCVvypcpC_CoFhPu1NEa2EmujGtItzSZLjj3Q6mZT8mnleMbsBObKXyt00SmK1G7NVbQOUZlaHKXpc9bepYUM5_7cVnOhNxV7AjU1KV_JvAzkegtityDU_M3asPXQYNdSMTLp3piaqcoml-31XVndgx36AJzbBukjJ0wcWc524mBjwgcEgtPpHV_ouJ0ZbdB9iAJ1AWnEb_SfLZKLBCEuE1SeJHE3NBKIAQeslF_no1PPofdRIPBxsB8hJ2umZ9ZBRsxV_AcQFom2SNyzt4DfXSfT9YI_9tcw3K4gMDcRkV13bTlrID6VZB_IjAw-I4n4HkmCfhi4dpwAWt6JwWzk8g0YM7VQS7c3JCeVRmAMfMXgy_FGmQoe-sCtBqGyHo9srJqshCqVdRdqNekm7DjhUeo0YFnDO273tXVeBKtvWIeO2YLM-RnkR-jaPEynClLXopI37gahy8YsJRJZUUe7y-dcxmHdtI6guYmQdddcM4iP6f4lomRccC769QCvSBxhiUrQTmMK2aIYTyheSjzc8f4ZEPTnXkFUVa8ByjrHPwX0NmYIRdb8PbB5_8W_Dr05rsrErZ_PDRU5iAdvku2Ad3pguEbCCnD8G7dBQvLVLL3tD0r9T5Wvdt-T61HcCozbA-ZY-IdJX-eQL1PyE0jP1G3UlpR3Kv1TlchDt6e8C6OglgZUhc1nYC-MwOPhKMeceP2Ic6A9PktJZS4nk4ExlzTATfChSfmd_5l7kGcfGkhkXJIJClONm82QckcYVt7F_EnlSLXcar-T491lEfKOJPNEIYpQJeRgFiIp1ibHDA9lj95OhsmqaOCvYN_RyZSHsRf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

bc92a28d-5a18-4ea4-9491-626e7826c69c
config.aps.amazon-adsystem.com/configs/
537 B
813 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/bc92a28d-5a18-4ea4-9491-626e7826c69c
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
961020d0efe656c99d2be6010e9a6fdb40709129310cae1fb7a5c92a7aa02e44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:13:32 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
483
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
8fJD4hnDKYZUoTH_s3MUQzUPpdXCSyQHXlhz6tdRHfyb9NGzyy10DQ==
config
c.amazon-adsystem.com/cdn/prod/
0
310 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.terra.com.br&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 22:12:16 GMT
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
11358
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.terra.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
OswpY7RHvbv7y-Fl3Xzk4502raRuRdouoyz7ILe8l2n24vic7hhqAg==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
464 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&pid=pIXmCTIqnX1h0&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22ad-content-s1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F1211%2Fbr.terra.adorocinema.cobranded%2Farticles%2Fs1%22%7D%5D&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
56H2DZGY1BBGFSHP3S8K
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.terra.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
0qFMD7nzV4lYSWY4hbzBD_H2LpOy8qeFHR3LtVqwUn6NC3H2zxua7Q==
prebid
ib.adnxs.com/ut/v3/
142 B
960 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
fa7d6ac935d3cf0bf7ac4547294cf5a2b513f96c4c098f19ef01af77e512502e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
an-x-request-uuid
db6b6b17-177e-4217-8515-f052e1b10233
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
142
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUDV2PQ3
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
55ccbdbaa27631199497ba57202bb5c82981f6805f272fa8c02118be1f41d245

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:35 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.terra.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
58
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Nov 2023 01:21:35 GMT
bid
s.seedtag.com/c/hb/
11 B
380 B
XHR
General
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 01:21:36 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdb
bidder.criteo.com/
0
194 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=83886038432&lsavail=1&bundle=G5bZUV9rT1h4Y1JrSmUzcGJGSEJTJTJGZ2RUd0t0S2dUMHZxdE02OW5RMVdrejdSS3glMkYlMkJ5d3VPRFlicjd0UXhJZjBhUHNUeDBWTUtqTjZuajcwZEE5Sm1jbDIybkhZN2FRUUtpQWVzV1YycW9xZGJXTE16UVhFUmFzR010bVBwaHVoakN3Skd3ck9nZFZGVjhVSTNZY0NPdlQwckElM0QlM0Q
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.terra.com.br
date
Wed, 22 Nov 2023 01:21:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/
18 KB
10 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
20e58a9f3f301cb7cefc50ba90d5e615228189b2e1f0d8dc218931e04d79e650
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
content-encoding
gzip
an-x-request-uuid
f736a601-db24-4a78-bbe2-90b50fca4ff7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/
0
338 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:35 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.terra.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/
640 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10828&site_id=25078&zone_id=97396&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&tg_v.sticky=true&tg_v.pageid=d73921d893106e0c8f6f8d0600c333ba3t5nx1b6&tg_v.contentsource=adorocinema&tg_v.breadcrumb=diversao.entre-telas&tg_v.channel=diversao&tg_v.subchannel=entre-telas&tg_v.testfloor=false&tg_v.words=pt%2Cmedium&tg_v.connection=4g&tg_v.fledge=false&tg_v.parceiro=true&tg_i.domain=terra.com.br&tg_i.page=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&tg_i.adunit=br_terra_adorocinema_cobranded%2Farticles%2Fs1&tg_i.viewport=s1&tg_i.pbadslot=%2F1211%2Fbr.terra.adorocinema.cobranded%2Farticles%2Fs1&tk_flint=pbjs_lite_v7.54.5&x_source.tid=69e90e30-bbff-421f-98ab-2a2c425609de&l_pb_bid_id=17859bffe077bd2&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=69e90e30-bbff-421f-98ab-2a2c425609de&rp_maxbids=1&p_gpid=%2F1211%2Fbr.terra.adorocinema.cobranded%2Farticles%2Fs1&slots=1&rand=0.5321539468703105
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
60ff86054727c55a94648b2a3d375a30d0f4ec1775f2444e9d7ba7e9e84c21bb

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
aax.amazon-adsystem.com/e/dtb/
23 B
462 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&pid=pIXmCTIqnX1h0&cb=1&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22header-full-ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%221272x250%22%5D%2C%22sn%22%3A%22%2F1211%2Fbr.terra.adorocinema.cobranded%2Farticles%2Fcabeceira%22%7D%5D&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
WACCMWCHRFNGZE1PY3Q6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.terra.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
8JJWQ_8tZ_DYhp_LtfUk_4FSHleAYPUBweqgdj7YnUthkqP6LdqtUw==
v1
prg.smartadserver.com/prebid/
171 B
558 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.terra.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
15 KB
6 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f723ce7dff47c0ab2c047ec493efcc075cc2ae9ce1b0a7e78d816c531dd63cc7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
content-encoding
gzip
an-x-request-uuid
3eee69ec-fe38-4250-b7ba-af2c8e84830f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/
1 KB
2 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUDV2PQ3
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
14e9eb55013564bb7ccd919065e7be491b3a2275b16251ee42c5a2092ade1b79

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:35 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.terra.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
54
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Nov 2023 01:21:35 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
5 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10828&site_id=25078&zone_id=97396&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&tg_v.viewport=s1&tg_v.pageid=d73921d893106e0c8f6f8d0600c333ba3t5nx1b6&tg_v.contentsource=adorocinema&tg_v.breadcrumb=diversao.entre-telas&tg_v.channel=diversao&tg_v.subchannel=entre-telas&tg_v.testfloor=false&tg_v.words=pt%2Cmedium&tg_v.connection=4g&tg_v.fledge=false&tg_v.parceiro=true&tg_i.domain=terra.com.br&tg_i.page=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&tg_i.adunit=br_terra_adorocinema_cobranded%2Farticles%2Fcabeceira&tg_i.viewport=s1&tg_i.pbadslot=%2F1211%2Fbr.terra.adorocinema.cobranded%2Farticles%2Fcabeceira&tk_flint=pbjs_lite_v7.54.5&x_source.tid=3a1feeb2-ca2f-498b-b461-718681de9c9c&l_pb_bid_id=2672cd020076db4&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3a1feeb2-ca2f-498b-b461-718681de9c9c&rp_maxbids=1&p_gpid=%2F1211%2Fbr.terra.adorocinema.cobranded%2Farticles%2Fcabeceira&slots=1&rand=0.38857874459892394
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
836eea9098648195ed10f5ae2927e3f6b30ad7bf7b8a32a80bfd89f6fec7653d

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:35 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
s.seedtag.com/c/hb/
11 B
74 B
XHR
General
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 01:21:36 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/
15 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
49e9f098e2fa8a7f920889affc875779056100b74abfe5f34c9b6985054c1d3d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
content-encoding
gzip
an-x-request-uuid
05a8bee7-f05d-4c61-9a0b-ef49c9b6b806
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/
0
195 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=73512328173&lsavail=1&bundle=G5bZUV9rT1h4Y1JrSmUzcGJGSEJTJTJGZ2RUd0t0S2dUMHZxdE02OW5RMVdrejdSS3glMkYlMkJ5d3VPRFlicjd0UXhJZjBhUHNUeDBWTUtqTjZuajcwZEE5Sm1jbDIybkhZN2FRUUtpQWVzV1YycW9xZGJXTE16UVhFUmFzR010bVBwaHVoakN3Skd3ck9nZFZGVjhVSTNZY0NPdlQwckElM0QlM0Q
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.terra.com.br
date
Wed, 22 Nov 2023 01:21:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
app-t360-navbar-notifications.min.js
s1.trrsf.com/update-1693921206/fe/zaz-app-t360-navbar-notifications/_js/
12 KB
4 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1693921206/fe/zaz-app-t360-navbar-notifications/_js/app-t360-navbar-notifications.min.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Terra Web Server /
Resource Hash
4df13c526ff0f84c49de003792de9d1256e1cfc34e17d6f9d12402b61241ef77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
content-encoding
br
last-modified
Tue, 05 Sep 2023 13:40:06 GMT
server
Terra Web Server
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
3280
theme-default.min.css
s1.trrsf.com/update-1693921206/fe/zaz-app-t360-navbar-notifications/_css/
6 KB
2 KB
Fetch
General
Full URL
https://s1.trrsf.com/update-1693921206/fe/zaz-app-t360-navbar-notifications/_css/theme-default.min.css
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
2f184ebb644b10356c882abb0fc4788abfefdccaf8b2e62673cdd9eb1dc7d959

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:35 GMT
content-encoding
br
last-modified
Tue, 05 Sep 2023 13:40:06 GMT
server
cloudflare-nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
1314
ads
securepubads.g.doubleclick.net/gampad/
26 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4436642718262140&correlator=983533580013421&eid=31079666%2C31079525%2C31079576&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=1211%2Cbr.terra.adorocinema.cobranded%2Carticles%2Cs1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=2&didk=2382027107&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie=ID%3Dc6e8faaf699284c3%3AT%3D1700616093%3ART%3D1700616093%3AS%3DALNI_MZAgegc3NCNwRgwjqNjyQaTXiRRng&gpic=UID%3D00000cd6bd46ae79%3AT%3D1700616093%3ART%3D1700616093%3AS%3DALNI_MYST5HZKSnSL__11DG_O1UaGiW2ZQ&abxe=1&dt=1700616096079&lmt=1700616096&adxs=1066&adys=527&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&vis=1&psz=306x250&msz=306x250&fws=4&ohw=306&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1025678541.1700616094&ga_sid=1700616094&ga_hid=1586805985&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuP_4pL8xSABSAghkEhsKDDMzYWNyb3NzLmNvbRi3__ikvzFIAFICCGQSGQoKcHViY2lkLm9yZxizgPmkvzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YuP_4pL8xSABSAghkEq4CCghydGJob3VzZRKYAlQ3dVN6aHVVYmRlbld2MEI3bE96bnprZ0R5QXY5MVUrUFV2V2h4ZXNjbHk1ZXVSZjBTWEROOXh4a0xkS2Zsd1doTWpsTnNCazdVU1oySlNtRUdFZkRnWE1oNzZoQVFQN1F3NmhxeW1QSlgvcUFja3BGUENac0ZxNEVRdDZXUFhIS0JLNW5GSjA5RmtVWUhSdkNrSFZNdWtnTWxybThDZVh0VUtrUFcwbnlrVkZmQ2pQd1EzU2tXR01BU0o5ZzRhbDBZaEljY3d4NDhpdzJEUVl6eDYyVEZERit1K0QveE9XWktSTm96Rzk1R0Fxd05CNUt6RXVjNnhTNVUzeXVtSDA3aHpCMXBkb2pYMGRhOGkwVWh4TU9BPT0Ym4L5pL8xSAASGQoKdWlkYXBpLmNvbRi4__ikvzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pYUdaVFZrNU5UbVpVTm5GclF6QjJhM2xMVVcxbmR6MDlJbjA9GM2D-aS_MUgAEhsKDGlkNS1zeW5jLmNvbRiYgfmkvzFIAFICCGo.&dlt=1700616093070&idt=525&prev_scp=viewport%3Ds1%26refresh%3D0%26sticky%3Dtrue%26pageid%3Dd73921d893106e0c8f6f8d0600c333ba3t5nx1b6%26contentsource%3Dadorocinema%26breadcrumb%3Ddiversao.entre-telas%26channel%3Ddiversao%26subchannel%3Dentre-telas%26testfloor%3Dfalse%26words%3Dpt%2Cmedium%26connection%3D4g%26fledge%3Dfalse%26parceiro%3Dtrue%26lite%3D0%26devicememory%3D8%26contentauthor%3Dgiovannirodrigues%26vendor%3Dadorocinema%26pf%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_native_linkurl_ap%3Dhttps%253A%252F%252Ftrace-eu.mediago.io%252Fju%252Fic%253Ftn%253Dfd2c78e45533ef29df88e75fbc16275a%2526trackingid%253D7f1b4ec7ae763081c9474b1711fc1771%2526acid%253D14%2526data%253D3_SsTqg8TYdigivCFU-GEmpSDqlZyOtQ5BomPg_NqFa35Igk34uiu4d3HatwI76s8XPv84chgonzyiunk7iOHzgwTGaAQ6FFotgBjZ62_XEBpic4Jw91zgmEbcp85BgE4m22hwy8m0dq70u3ZoGAsOdnkh0aq-OOGYEyKAm22Eed_y81tP4039YD_kqg7nApHK-ie0X9N_4YyfobgRiEEYBNHiQHaIOC7VSy2UXpAuIwBS4hEfPH03ibPmvWS0nKh9gxpGab1Rr6yk-iNKSqOLPZ1wTGYCB5Tfa6XrjjdOtX6OKiaixlOdX4HLyK7nAXiv5XLd4G0j2ggFw4B6i-bXpuFdyEYqCilVgEx4d_mAWVdxgPjk-qFygBu0I0N9oNWUfTnuRbnyLEpzdaUrmEr3nTwpVRxaZhhdRSauvOchwMBvf8tKZ-MYr-Oup7nZ6HBRpclhUrzKPlBlA3UwAkMHFh_9WIG_YBoINULpAJlq5AAOS76TltSxTAR-DSyHjesjAURUm7ka9nWJgOxmnrKeHmH1Dzx5dqToFOBpTfRVyi2rLhyPvBsz-dEPNsthqIitCXKjYqLU7DW3dV5dTnsQQy6UkfwCB_Gp5SfBY0dffjFctDlyvojSy9_VYmJDk26bpKcvEcBSd3rBDmKd9Xm_rePvJrMbZppLCuMXWPp5OsckPB2jC7UxAX7VJF2tgrRbmf08PrTGqT10ZC8oo1JALfepk_Uh8ciy1VDBwHgvj8tk8Nr2XLEIVpUevcPzAul5qXSqzXLutV62WHwPJaINmA58ifZT8Z1M97aQez-cl-rYNqHSGM6jFT9U9VUhtjrBLT4BDuuc-0eYGfW4KTQEFRJGlP-GUvQvMjs86DAUWw-OIus0epx0ByoucjD4-PyF7DB3qrjYMSLc_lzW5lJJ7oQHCKsGmJ-dbZ8TuOnmALaJiYJ21weiEqrxk_TA01dHtdzB6kZbRmLFHo-kxEJODzuCmjdD2JNvUmNhHLXayKIyPFSPjWnuV5bME41kYLg1bVLoF7-xCIOGD6Y4fl2AyD9dryyRzfw-pJxHSVGKA4FbUePf-iRtKgt1Gwuhcyg3P79LYs9QLZQCNa2gz3ukefNE3EZ1_mQ7w1c9LsJTi2hpmTWkijZDd7lVdAbHNhT2he-1WOKi-vA6D4BBMVOqv_DHhYkcvQODTaPvwJdvHxDX2iG1RjJ0w4ZAoqzXSHwSJERXEsQ41obWrzxhaKoV8tH1pbMGLshc6SDgqFsObme_aHoJduwVSjr5rX3-1XRII1SwQvjuepFLxkEI91E8yyZ9tKe7Iy_M8tPbP7DFS01-5PqFRJdZdCLBRCcGBR8LgTYCckpmZO17UI97opibbHeMLNjib-fACYNvD6Xoxz3t13EddD_X2FKECgsEhnQvzCBpC2zV6VhfArQl8ZFyZ7HS0XS0TtiKjAjySRESvMfmNPNRGTTDozbc-LC5qISRQRnb05plxVRijHEdda-WEFYm90kRRkzSFtQwZfmI2Y8BQMjCNjApgCXpKbKBZ_PacvZpjL1uJ24qHMyJSRv_vpLKHF6s0TJ3dYCycgq2jS09lesiVxAkksofwL77b80eLqCXasV0bR0TlF8_3IOmp5OOUcWpPHhYCOi5diWemGuQ6Dhf4wVkFyRW0FJzxBSIfEhOEqBuIS_1T8Xav38K7FSsCrgmi5l_57m4EjdwjC9NQ0TQoGfFA4zh3is-NZLpxLdHXXknvmmeqpyxJ3wiE-1UJBnj7dq-YtkD1pFHgQfY_eGrEHbbVsIMGO6uF0zX3fnEZ4z8S-RqLu9z_C_x96dsBcq3tHNj7wDVw6WV5PjLUi__vNaTV_aNJJJlZn%2526uid%253Dmid_af166768bff417dbe700cfd490b2e72b%2526mguid%253D%2526ap%253D%257BAUCTION_PRICE%257D%2526tid%253D%257Btid%257D%2526gprice%253DQNrDwNOVcjRJRnILuEn8KVfVfcIygjDOPOC1zvdflbc%2526campaignid%253D2118541%26hb_native_icon_appne%3Dhttps%253A%252F%252Fd2cli4kgl5uxre.cloudfront.net%252FML%252Fl_150x150.png%26hb_native_image_appn%3Dhttps%253A%252F%252Fimages.mediago.io%252FML%252F4ea8a526d70879ab71f2c9e4d5aeba34__scv1__1200x628.png%26hb_native_brand_appn%3DLifestyletrendshq%26hb_native_body_appne%3DW%25C3%25A4rmepumpen%253A%2520die%2520einfache%2520L%25C3%25B6sung%2520f%25C3%25BCr%2520einen%2520Altbau%2520ohne%2520D%25C3%25A4mmung%253F%2520Schau%2520mal!%26hb_native_title_appn%3DW%25C3%25A4rmepumpen%253A%2520die%2520einfache%2520L%25C3%25B6sung%2520f%25C3%25BCr%2520einen%2520Altbau%2520ohne%2520D%25C3%25A4mmung%253F%2520Schau%2520mal!%26hb_format_appnexus%3Dnative%26hb_size_appnexus%3D0x0%26hb_pb_appnexus%3D0.02%26hb_adid_appnexus%3D367ef600394ba38%26hb_bidder_appnexus%3Dappnexus%26hb_native_icon%3Dhttps%253A%252F%252Fd2cli4kgl5uxre.cloudfront.net%252FML%252Fl_150x150.png%26hb_native_image%3Dhttps%253A%252F%252Fimages.mediago.io%252FML%252F4ea8a526d70879ab71f2c9e4d5aeba34__scv1__1200x628.png%26hb_native_linkurl%3Dhttps%253A%252F%252Ftrace-eu.mediago.io%252Fju%252Fic%253Ftn%253Dfd2c78e45533ef29df88e75fbc16275a%2526trackingid%253D7f1b4ec7ae763081c9474b1711fc1771%2526acid%253D14%2526data%253D3_SsTqg8TYdigivCFU-GEmpSDqlZyOtQ5BomPg_NqFa35Igk34uiu4d3HatwI76s8XPv84chgonzyiunk7iOHzgwTGaAQ6FFotgBjZ62_XEBpic4Jw91zgmEbcp85BgE4m22hwy8m0dq70u3ZoGAsOdnkh0aq-OOGYEyKAm22Eed_y81tP4039YD_kqg7nApHK-ie0X9N_4YyfobgRiEEYBNHiQHaIOC7VSy2UXpAuIwBS4hEfPH03ibPmvWS0nKh9gxpGab1Rr6yk-iNKSqOLPZ1wTGYCB5Tfa6XrjjdOtX6OKiaixlOdX4HLyK7nAXiv5XLd4G0j2ggFw4B6i-bXpuFdyEYqCilVgEx4d_mAWVdxgPjk-qFygBu0I0N9oNWUfTnuRbnyLEpzdaUrmEr3nTwpVRxaZhhdRSauvOchwMBvf8tKZ-MYr-Oup7nZ6HBRpclhUrzKPlBlA3UwAkMHFh_9WIG_YBoINULpAJlq5AAOS76TltSxTAR-DSyHjesjAURUm7ka9nWJgOxmnrKeHmH1Dzx5dqToFOBpTfRVyi2rLhyPvBsz-dEPNsthqIitCXKjYqLU7DW3dV5dTnsQQy6UkfwCB_Gp5SfBY0dffjFctDlyvojSy9_VYmJDk26bpKcvEcBSd3rBDmKd9Xm_rePvJrMbZppLCuMXWPp5OsckPB2jC7UxAX7VJF2tgrRbmf08PrTGqT10ZC8oo1JALfepk_Uh8ciy1VDBwHgvj8tk8Nr2XLEIVpUevcPzAul5qXSqzXLutV62WHwPJaINmA58ifZT8Z1M97aQez-cl-rYNqHSGM6jFT9U9VUhtjrBLT4BDuuc-0eYGfW4KTQEFRJGlP-GUvQvMjs86DAUWw-OIus0epx0ByoucjD4-PyF7DB3qrjYMSLc_lzW5lJJ7oQHCKsGmJ-dbZ8TuOnmALaJiYJ21weiEqrxk_TA01dHtdzB6kZbRmLFHo-kxEJODzuCmjdD2JNvUmNhHLXayKIyPFSPjWnuV5bME41kYLg1bVLoF7-xCIOGD6Y4fl2AyD9dryyRzfw-pJxHSVGKA4FbUePf-iRtKgt1Gwuhcyg3P79LYs9QLZQCNa2gz3ukefNE3EZ1_mQ7w1c9LsJTi2hpmTWkijZDd7lVdAbHNhT2he-1WOKi-vA6D4BBMVOqv_DHhYkcvQODTaPvwJdvHxDX2iG1RjJ0w4ZAoqzXSHwSJERXEsQ41obWrzxhaKoV8tH1pbMGLshc6SDgqFsObme_aHoJduwVSjr5rX3-1XRII1SwQvjuepFLxkEI91E8yyZ9tKe7Iy_M8tPbP7DFS01-5PqFRJdZdCLBRCcGBR8LgTYCckpmZO17UI97opibbHeMLNjib-fACYNvD6Xoxz3t13EddD_X2FKECgsEhnQvzCBpC2zV6VhfArQl8ZFyZ7HS0XS0TtiKjAjySRESvMfmNPNRGTTDozbc-LC5qISRQRnb05plxVRijHEdda-WEFYm90kRRkzSFtQwZfmI2Y8BQMjCNjApgCXpKbKBZ_PacvZpjL1uJ24qHMyJSRv_vpLKHF6s0TJ3dYCycgq2jS09lesiVxAkksofwL77b80eLqCXasV0bR0TlF8_3IOmp5OOUcWpPHhYCOi5diWemGuQ6Dhf4wVkFyRW0FJzxBSIfEhOEqBuIS_1T8Xav38K7FSsCrgmi5l_57m4EjdwjC9NQ0TQoGfFA4zh3is-NZLpxLdHXXknvmmeqpyxJ3wiE-1UJBnj7dq-YtkD1pFHgQfY_eGrEHbbVsIMGO6uF0zX3fnEZ4z8S-RqLu9z_C_x96dsBcq3tHNj7wDVw6WV5PjLUi__vNaTV_aNJJJlZn%2526uid%253Dmid_af166768bff417dbe700cfd490b2e72b%2526mguid%253D%2526ap%253D%257BAUCTION_PRICE%257D%2526tid%253D%257Btid%257D%2526gprice%253DQNrDwNOVcjRJRnILuEn8KVfVfcIygjDOPOC1zvdflbc%2526campaignid%253D2118541%26hb_native_brand%3DLifestyletrendshq%26hb_native_body%3DW%25C3%25A4rmepumpen%253A%2520die%2520einfache%2520L%25C3%25B6sung%2520f%25C3%25BCr%2520einen%2520Altbau%2520ohne%2520D%25C3%25A4mmung%253F%2520Schau%2520mal!%26hb_native_title%3DW%25C3%25A4rmepumpen%253A%2520die%2520einfache%2520L%25C3%25B6sung%2520f%25C3%25BCr%2520einen%2520Altbau%2520ohne%2520D%25C3%25A4mmung%253F%2520Schau%2520mal!%26hb_format%3Dnative%26hb_size%3D0x0%26hb_pb%3D0.02%26hb_adid%3D367ef600394ba38%26hb_bidder%3Dappnexus&adks=975625246&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7dbd449f02a5396173705983b22751598501933930ded270d300e68c905b5259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12521
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E290
6 KB
3 KB
Document
General
Full URL
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.terra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 01:21:33 GMT
expires
Thu, 21 Nov 2024 01:21:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
118 KB
46 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4436642718262140&correlator=3763827589310151&eid=31079666%2C31079525%2C31079576&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=1211%2Cbr.terra.adorocinema.cobranded%2Carticles%2Ccabeceira&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%7C1272x250&ifi=3&didk=3155275638&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie=ID%3Dc6e8faaf699284c3%3AT%3D1700616093%3ART%3D1700616093%3AS%3DALNI_MZAgegc3NCNwRgwjqNjyQaTXiRRng&gpic=UID%3D00000cd6bd46ae79%3AT%3D1700616093%3ART%3D1700616093%3AS%3DALNI_MYST5HZKSnSL__11DG_O1UaGiW2ZQ&abxe=1&dt=1700616096471&lmt=1700616096&adxs=436&adys=198&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&vis=1&psz=728x250&msz=728x250&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1025678541.1700616094&ga_sid=1700616094&ga_hid=1586805985&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuP_4pL8xSABSAghkEhsKDDMzYWNyb3NzLmNvbRi3__ikvzFIAFICCGQSGQoKcHViY2lkLm9yZxizgPmkvzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YuP_4pL8xSABSAghkEq4CCghydGJob3VzZRKYAlQ3dVN6aHVVYmRlbld2MEI3bE96bnprZ0R5QXY5MVUrUFV2V2h4ZXNjbHk1ZXVSZjBTWEROOXh4a0xkS2Zsd1doTWpsTnNCazdVU1oySlNtRUdFZkRnWE1oNzZoQVFQN1F3NmhxeW1QSlgvcUFja3BGUENac0ZxNEVRdDZXUFhIS0JLNW5GSjA5RmtVWUhSdkNrSFZNdWtnTWxybThDZVh0VUtrUFcwbnlrVkZmQ2pQd1EzU2tXR01BU0o5ZzRhbDBZaEljY3d4NDhpdzJEUVl6eDYyVEZERit1K0QveE9XWktSTm96Rzk1R0Fxd05CNUt6RXVjNnhTNVUzeXVtSDA3aHpCMXBkb2pYMGRhOGkwVWh4TU9BPT0Ym4L5pL8xSAASGQoKdWlkYXBpLmNvbRi4__ikvzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pYUdaVFZrNU5UbVpVTm5GclF6QjJhM2xMVVcxbmR6MDlJbjA9GM2D-aS_MUgAEhsKDGlkNS1zeW5jLmNvbRiYgfmkvzFIAFICCGo.&dlt=1700616093070&idt=525&prev_scp=viewport%3Ds1%26refresh%3D0%26pageid%3Dd73921d893106e0c8f6f8d0600c333ba3t5nx1b6%26contentsource%3Dadorocinema%26breadcrumb%3Ddiversao.entre-telas%26channel%3Ddiversao%26subchannel%3Dentre-telas%26testfloor%3Dfalse%26words%3Dpt%2Cmedium%26connection%3D4g%26fledge%3Dfalse%26parceiro%3Dtrue%26lite%3D0%26devicememory%3D8%26contentauthor%3Dgiovannirodrigues%26vendor%3Dadorocinema%26pf%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.12%26hb_adid_appnexus%3D40d3eeab8f19006%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.14%26hb_adid%3D38dbca93b342c85%26hb_bidder%3Dprojectagora%26hb_format_projectago%3Dbanner%26hb_size_projectagora%3D970x250%26hb_pb_projectagora%3D0.14%26hb_adid_projectagora%3D38dbca93b342c85%26hb_bidder_projectago%3Dprojectagora%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D970x250%26hb_pb_rubicon%3D0.07%26hb_adid_rubicon%3D353d9d39b8bc522%26hb_bidder_rubicon%3Drubicon&adks=4123656343&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2d37b3f56d20ce8c2d4421966455b1b4825917558550c1bbe4436a7392e5b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47419
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 04AD
624 B
577 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKKEht4BMAE&v=APEucNVDEDwDzOYjhRPZhcbNHsGMmr0FCRUdcQmkBKbaBF8PQ32VDUsmxwTWXFu0Ddf7y-OpblBK75NFxtePzxV0EF2y1DYj9K1s_O7kx_mYCvNffD_06aL8f37WFnDHWc9MxVG488Fxt9lNKuqvvBWBwspnX-8-jYh0vCAgdLFWSrgMMQjYQPs
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 01:21:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E290
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 01:21:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E290
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DrlyvGfi6PLu8y51x7QTNFDtIusLsIuoAw4k1EufxzEyoiwPFnIWeuOe5z5hQs23LbsopALLEJ3q9UVMmgVF4Im_UpLE1WNS-y8va6fEo_AQHNfW0
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E290
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2637835754369258930&x=1&ct=119
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.aspx
m.exactag.com/ Frame E290
60 B
60 B
Image
General
Full URL
https://m.exactag.com/ai.aspx?tc=9fc0785b2386e29f7b0210517b7bc960&rnd=1700616096133404
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.71 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 01:21:36 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mi, 22 Nov 2023 01:21:36 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
713
Expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E290
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
30584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 16:51:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E290
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
7478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 23:16:58 GMT
l
www.google.com/ads/measurement/ Frame E290
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7KySzHO3ke7d5Xb8l3P4Xiw01KNlt42qMH_yPxeCAJ4xhPgj5ilJQAqimWINKG3Qj4ec44NOuDAJzEQfPrmp6FiWKrg
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E290
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 01:21:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E290
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9488723135582&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E290
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9488723135582&version=m202309260101&ct=119&x=1&cor=2637835754369259000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E290
91 KB
38 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Byywd_1c0aItx0ZSqu1U1dhiFU20KAz8Usb6CCjx52jll9B0hQ-DcM8Anjsxs0YqyjJJy0Gl7mNnIaRIzE2uVZiCUpYpzGwyhnCHKSOvsQmYy9LrbAg0bOPUIyGhLTrTCKfNZ70NdhJJS5FDTs3JAvMbvjN-txOPe9H3g7x_vyYl4iUVQ&cry=1&dbm_d=AKAmf-BFG7z02B2u2SsLXJnPGG6XfNMHQOdFwM7KvI_YEUANRprnXqijpXXoCGXloJMIHqpk8Zpy5X9pjA7qIIm-Umm2qutjJE66LNZbZ3hUVcXl8h0IXqnKA4ChtdwnRKb5Yhs5zeyn5bxgs5N2i1LcAfcCv2qrxpDHu9TfoIFhwOdt4C76if2QRogNYM5O_WCe9V8z2sDgZDbinnHaqHI8N_Xh4RoQHSzw0vVdNtHabgQ0_L_nrO5uJ7D_9sKarQdg30mY17ufD9-UDLpuJ_g-0_zVTOZMDBOuqZpgTfgEOnVhhgGaIl45KNDBJ56sYPgO4lmJKiTtTPmFM-DsnWAP7A6qO5C5iarq8JT7dbrLOtoR59QKOnYWXhBy4vRekuKOnITqGCxyVAS0vW5hga0lFi1fu0FonKbBVkoEVMcCGZte9FYBgnFuDmEhWig-tR4zq7IlZgEGfBoMvPUBHOS0UYfrJ2dGl-501KOT1i2Inj631urOllxWgDFnuIOHNPfWLmIONAtPvLEkH3ratzJc4zvna-5jF8LFKntiUx7LEpaD4hRIz_of3h8wghX8Z-tM6jNxO89VAlYNjxo9iYUtPPUiEvPQZNof9uLFQFcJwM2PUDlctzZpdhutKGPZqTaYZtwyeoBOchDvlG2PxTt5EM838R5V83YGJ3hyCMxj9crve-8JWPBb5ZHwiren4s4S3JtCQxDnDJIjdV3Ded93DrkyXkWRp8iCejvWGpXnqnelo7SoRPyfdzUPqoRNvgQRWS2dqlZM5TkX9cIPziSKEWWMAAfT2aMRYEryCEFXlcZDWVQ6Al4EqD4n7WJTc7tQjk7hWu5YGwmwS66JUmZK8jKGv0fkxdpiPqTAl7_viaGRCqu9r9fis_ymNR7fHz9PxB7V7oOKyJhhiNSMZmEAb-M7ebpnQ3l32hf2TEkyVQgE0qal8sKIAMiNJCl95muSu8ZfHHWfK1Y1PKWNXzRkLgN358ubvQH6Cjb_WMHEo94hYNEa-qUvDhyoWw0mc1VGAHb0rA14KDHzyfHZG8z5JJClgZmPBUafhgNmr0KV6GAv3BIy1ePchwY_Ru2gwcYEI1tG5gW7ZOdfu0BYjWN3bQHPYkLPSMmPeLMHA0pw6kM7AtBVSYo1kJsmuIhx10KSjYOTSzMJH-cOoBY13q07SLKvZXs5BY8SSdMPQ4PzsLbnKLvDnzzdKj0ij_pi7htZXW9xkqqE3KpsyfIRH50UdBB85W4KvqYlMQB-_Bvl8Mr2T4EuOeF8RLu8gT4CChAe8lKzSiHxvuxA1bufjJvzHnZOvl3LSN4bPkTzb3YlRuElODsfmkllTxkN-XxpKGObZHzZOpP4s8Xh3NHPrFbhsATqa8Qw_CL1X0J_5YP3trT_YAgjQKKTEJliQeZXcJ2g4JyTEnI5lB-oU2xXWpYUOVvqNIMXfeTXuzxXxm_6zLGzYkpW9wWKMpCirewPNfEyZVeJ5-yal781wiDc_dWaShig1msrA9TQIObqYTuCRLF6K799Cm6R4Pxg3rpvj51blSo09XrJwt5shptbFBiqu7iE7oVtXdSJ5j4IlUOMiZxnl9y1z8f0RDrHelhkSJ8dK1zC4fZBdM8fsIvOQzr8a2eIf7bulxHrFSFdily0Ukc67Im5T3Kv6RblIiBfgbdPjnPz0kVRAEryiGkJoqDrQJ-SDUbIFdZEzl8MZChthJpECOybT8L9GwVppna25RGlT-ijnXZCqzKAJ-isWU_eMpZKduoiWGfouD50j3lRqzyfecjbP1dBPl8Y2iKXMrzuuQKTqF-HDhdkpOxjYENXdVp-EAk3DVqtaPSDL0VuEh_q1bcXYJSdemVdUVBGkCRaKQ-lNK1zfoyv2MYiC19M9cJYgZlj3LmetEW27RCAcH4oj5SiHWgJ_AcyHj24pa_AWu8EmIWFJYIV3jfLble72bLu9kbTc3ByKYeSBJkGh8ejGbqDJptNv_wFB7FWvB_bXTI6-howi57wkvkqVRV-HLF5EC96BaAo-FeR6K7qCZqSiUm-31eMIsOB0Dv4hih4YAFlYnjwV5WAoo2LKYARMNj3fIHJDEJT4ijgaGWqnQEULXAF13kCGb0Rsfbn1WE4xxZmqiAD6BP2L6oXEORZzYlciIyZx_1LR0pMbwMeS9oW8STqx2oeLeFd2Ejog80Ln0-TQCXWGDK5NPXE4giNXQapdhNBfYNva4KFE7euDOaO3Nl5lwWJZyOQq33f2Zpohnj6VWglnrqluZdy-53zpxQOUmJgtPm0Usm6EJryV4mSjmK0VEonGNLXJ4hY1qbjZwrNH9JUfpuF6iFqzSRX4pJITQhHEV2CSdNYNCyngFqT7qyj2z20HJxi0bK3w5JcQUL_b8_zFbjmYmEBwaDyLJS7-kCyEP8jWE4DAs_XfRRTcMilmX4dJ4DLdiLMPvC6sT8IZlciEeUhGC-pgfG-_ai9qRKacK6wanr-ZLzhD40dN-FN8KweKRMHacvVqUq9nGHvzQNAdxZPrpZLzqo4VmQYgMyE-Huh1TcPxf8LUenWcNIICAIpuqErUPDB2fPcao0bmgL5ICaog0r01FlMeor0yPYQ1O8CI15uphPbrx9TN291lVsdg2H08H5dVNqCZzwAJapc7WsT-Tp-oLWxZqDkFpEvM5BnoTwZsZxptfD0gOtITNUNdnNqybtDRMfuo6zFVUDjrB7Xa5oNqw5bpZf59ezD_DOeBG5vmQ-wEboy9NRhOeJliHYkjV8Cm1Xwc-IPCnIBcSg_UpU_unayu8z-M1PT7DIKaEF2xMtCM84UhnJ7WhQStB3c_pC2YOWBqEME_rkvutEaNUEcqh-RYZp_8cMh8jHF1zd4RgT1vZlMMYRN_euErMpO3C6ReBQnzTCwJu6epWAbtRlkILj5zuPjODjcB2GL12EEOn5kzJYLyln9410cyWkzyJ7a3gSj7x-QkrKyvjYfLyu1_0yFDGYqrQL8cY0-ca-sKvfAI9W6KkTbjrkaiIsNan5GlCyMGNMkF1Oljo4fif5oVPxBeeg7r-ZHX7cItdk85sTUAkKaliqVhDqx2j0nhgzHWe8PfOUqkqSdeTGzTeHOHdIdYh3YPHCOE15IY_wmPiySooxnE65NdqUoPMmBC-9YNjRqM4MLDyLlaT-fnqK3TfC1fazWzFfmyYaDTNAsXKRWzuBbzHGBKM6HQtcTX26dbo_LGb8YiWkwvcTmgGb83h6MvTBdyiWenegmy0nMlCR-hVktzulQzwqPdp0w72UYQfCPHR9FucN_-sx4o9hcRrhL2TVgvG8uNz6GfY13fmGacb8xfHXWJtUq9OEJ-yNF30sJhUYr7qWfs9eJTyNIkcAiqsH9dzfayql7IngUnjl4uNgPgdIH9C-KyF39VBASZmUfJDSHMKhdaU2Wg_EBhGQwMsKkAxmkFTod1OfnW3lSO9X3jwxX0hBka7MaYN7g7RicfiqG47qfRkWnILQqq0MBt5wxF5529LADOrBDIAae1BrHbDfg3LEg1xH2mWAakmht4tqURQM919vUYTwkzhg2MuI8jFNVTNyExglvVlZWmfIjkJbahB4Z2zwYXSSWzGR5Xsu4lQpYpUjkvbJGOYxlhzSvO6s7jiBlrwB_yi2ncJHaK8WPu2dgS9ZmoyF_uXukaaZVOvUadYzqBDMS-E9p-R4vop4QD2c4o8kCX6nW3bL3sTCe90TeUu-Rl5pMpAZ4zaRIc7XEBaPXrOxPBrNzUvVnU6ZhTu159_7wu_ANdue2vmboWAnMF2TYnHrlznxCgyBbZXYXIhyjcgxVn6mTCvCLWYfd4UoNwMV7OM4MtPqtNsCJ7Q4nKNTnubNaY-e2bahn6Wa3_B9p3eHx3Rjesn2A-Y5SFu8dqBg0oWkckHRuIf4DlLl0lZ58e9_U2hcypPrhzWKLDe90WTKIRB0afSrEBYsdGF1rLDFdRtnzZif-FR_JveX8vHjYK424DRkBky3KHA1vVIFNtr-xJHokWrRIAobz5yqbnw_06_mjvoIQ4_G89-IxKT6Pht-mcwdstAkrSi2h9WrJq_gXRcfJtR2G40GWuU18XMI2YQoFTM7-qRJ-cK6z0Blh2gR5bHwS5youO6Q19xHpDaGVwiTDNlLqtuTiS3WFdXbFzHVsWEj5Dog0pwkNLC9vB86e7AvM4v5SGwNaOgbz01eZz4bViLFCWoASzTaUXKYHj36_wYolMghz4PYxs0Lda5aRyhaq7DqIgyozDv95XEbC7gsmZZAgFPaZlxVHPeLra573y7cxxihu6FwDm21yHN1XmwmMQEpDKWbfXKMaSfR_cfxOHHlcQLIrxhL_ksbkAx9CKM29Ap75RnplJNfEkRVPPMLb2hi0Zb5R_nRz17Mw0I68FEjUHZl1pNMtBQMi3rF75LZE0u93w3OGt1AvwDg-l_HwQRYP-I7le7zmY4Z2JVbqs0HbGECS9nWcpHR70NpNJvuaLsFU3x8eH8gV5Eq5QiiF3wGMORuI2PzjCmNV547B0Oj7BJVzNNhoh2HzA_1dR9K-hwlPDccMZz19jOIidaF8XopDSejXmWQHNEziyWjn6cSCc08nwnfElIN8CTXnPSiaLsixaZZYgzk8qyezQ24ZRujoPIFQTTTr9c98E_xFOybxmP5EJgr0CjvClLCHORLk-0aStaQYB4s_bcDYsqaJEO3sQC_5&cid=CAQSPADICaaNxz5Uzt_G__tqKBYq_dPHvZtgmgeRp5EfaRrlQBKCubVBpNkq6ysMdTzMz1MUFzPDf7nFbJOAwhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.terra.com.br%2F&ds=l&xdt=1&iif=1&cor=2637835754369259000&adk=3047537735&idt=43&cac=0&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b55b71f4979d078b8caa9673b2d06b61fd9ad9c7cefd614ab46b80ee19d1e0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38819
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 04AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1
43 B
336 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKKEht4BMAE&v=APEucNVDEDwDzOYjhRPZhcbNHsGMmr0FCRUdcQmkBKbaBF8PQ32VDUsmxwTWXFu0Ddf7y-OpblBK75NFxtePzxV0EF2y1DYj9K1s_O7kx_mYCvNffD_06aL8f37WFnDHWc9MxVG488Fxt9lNKuqvvBWBwspnX-8-jYh0vCAgdLFWSrgMMQjYQPs
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsTs7thHq0o%2BJeYm27ycyEOstAhSLjBc7CbJEgD7jA927d4W0OCjlWOa7INvN9TWhOoBjRa90LckD6cXbOz4qNdQ%2Bnx2h1iAWyBzzm3AGyAM6mpzxoTkX%2F3E3LvyLVcluAsBXnlwrJzBpw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
829d5b4c4ad291e3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 04AD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV1XoCp4HvP0U.2c-ktRiAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1&google_hm=2
43 B
770 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKKEht4BMAE&v=APEucNVDEDwDzOYjhRPZhcbNHsGMmr0FCRUdcQmkBKbaBF8PQ32VDUsmxwTWXFu0Ddf7y-OpblBK75NFxtePzxV0EF2y1DYj9K1s_O7kx_mYCvNffD_06aL8f37WFnDHWc9MxVG488Fxt9lNKuqvvBWBwspnX-8-jYh0vCAgdLFWSrgMMQjYQPs
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFUarQHm8zJOu%2FiTk0HlYLTCdj2NvaASUlbAz5FT33XXAnkxhr%2FKPSChrSYGnGcQr3H2QLwpRh4ngNMn7c8%2BLa4q4ACtMAzJZgJ7dVuqiMc5W7M6KJzWGVWaLEMk5%2BxIslkmhj0lFeW0jw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
829d5b4cda4b3648-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 04AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGkdvENL6pMQR4GVM5mJZUE&google_cver=1
43 B
842 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGkdvENL6pMQR4GVM5mJZUE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKKEht4BMAE&v=APEucNVDEDwDzOYjhRPZhcbNHsGMmr0FCRUdcQmkBKbaBF8PQ32VDUsmxwTWXFu0Ddf7y-OpblBK75NFxtePzxV0EF2y1DYj9K1s_O7kx_mYCvNffD_06aL8f37WFnDHWc9MxVG488Fxt9lNKuqvvBWBwspnX-8-jYh0vCAgdLFWSrgMMQjYQPs
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
an-x-request-uuid
ea115a25-55af-4a3b-a027-5dab3ea2be13
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGkdvENL6pMQR4GVM5mJZUE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04AD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAzODkwNDc0ODA0ODYzMzY1Mg%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAzODkwNDc0ODA0ODYzMzY1Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKKEht4BMAE&v=APEucNVDEDwDzOYjhRPZhcbNHsGMmr0FCRUdcQmkBKbaBF8PQ32VDUsmxwTWXFu0Ddf7y-OpblBK75NFxtePzxV0EF2y1DYj9K1s_O7kx_mYCvNffD_06aL8f37WFnDHWc9MxVG488Fxt9lNKuqvvBWBwspnX-8-jYh0vCAgdLFWSrgMMQjYQPs
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
an-x-request-uuid
35f46c3a-17b7-40ff-b5c1-1b9d94b7c962
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAzODkwNDc0ODA0ODYzMzY1Mg%3D%3D
x-proxy-origin
217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E290
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Origin
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63668
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 07:40:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame E290
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Byywd_1c0aItx0ZSqu1U1dhiFU20KAz8Usb6CCjx52jll9B0hQ-DcM8Anjsxs0YqyjJJy0Gl7mNnIaRIzE2uVZiCUpYpzGwyhnCHKSOvsQmYy9LrbAg0bOPUIyGhLTrTCKfNZ70NdhJJS5FDTs3JAvMbvjN-txOPe9H3g7x_vyYl4iUVQ&cry=1&dbm_d=AKAmf-BFG7z02B2u2SsLXJnPGG6XfNMHQOdFwM7KvI_YEUANRprnXqijpXXoCGXloJMIHqpk8Zpy5X9pjA7qIIm-Umm2qutjJE66LNZbZ3hUVcXl8h0IXqnKA4ChtdwnRKb5Yhs5zeyn5bxgs5N2i1LcAfcCv2qrxpDHu9TfoIFhwOdt4C76if2QRogNYM5O_WCe9V8z2sDgZDbinnHaqHI8N_Xh4RoQHSzw0vVdNtHabgQ0_L_nrO5uJ7D_9sKarQdg30mY17ufD9-UDLpuJ_g-0_zVTOZMDBOuqZpgTfgEOnVhhgGaIl45KNDBJ56sYPgO4lmJKiTtTPmFM-DsnWAP7A6qO5C5iarq8JT7dbrLOtoR59QKOnYWXhBy4vRekuKOnITqGCxyVAS0vW5hga0lFi1fu0FonKbBVkoEVMcCGZte9FYBgnFuDmEhWig-tR4zq7IlZgEGfBoMvPUBHOS0UYfrJ2dGl-501KOT1i2Inj631urOllxWgDFnuIOHNPfWLmIONAtPvLEkH3ratzJc4zvna-5jF8LFKntiUx7LEpaD4hRIz_of3h8wghX8Z-tM6jNxO89VAlYNjxo9iYUtPPUiEvPQZNof9uLFQFcJwM2PUDlctzZpdhutKGPZqTaYZtwyeoBOchDvlG2PxTt5EM838R5V83YGJ3hyCMxj9crve-8JWPBb5ZHwiren4s4S3JtCQxDnDJIjdV3Ded93DrkyXkWRp8iCejvWGpXnqnelo7SoRPyfdzUPqoRNvgQRWS2dqlZM5TkX9cIPziSKEWWMAAfT2aMRYEryCEFXlcZDWVQ6Al4EqD4n7WJTc7tQjk7hWu5YGwmwS66JUmZK8jKGv0fkxdpiPqTAl7_viaGRCqu9r9fis_ymNR7fHz9PxB7V7oOKyJhhiNSMZmEAb-M7ebpnQ3l32hf2TEkyVQgE0qal8sKIAMiNJCl95muSu8ZfHHWfK1Y1PKWNXzRkLgN358ubvQH6Cjb_WMHEo94hYNEa-qUvDhyoWw0mc1VGAHb0rA14KDHzyfHZG8z5JJClgZmPBUafhgNmr0KV6GAv3BIy1ePchwY_Ru2gwcYEI1tG5gW7ZOdfu0BYjWN3bQHPYkLPSMmPeLMHA0pw6kM7AtBVSYo1kJsmuIhx10KSjYOTSzMJH-cOoBY13q07SLKvZXs5BY8SSdMPQ4PzsLbnKLvDnzzdKj0ij_pi7htZXW9xkqqE3KpsyfIRH50UdBB85W4KvqYlMQB-_Bvl8Mr2T4EuOeF8RLu8gT4CChAe8lKzSiHxvuxA1bufjJvzHnZOvl3LSN4bPkTzb3YlRuElODsfmkllTxkN-XxpKGObZHzZOpP4s8Xh3NHPrFbhsATqa8Qw_CL1X0J_5YP3trT_YAgjQKKTEJliQeZXcJ2g4JyTEnI5lB-oU2xXWpYUOVvqNIMXfeTXuzxXxm_6zLGzYkpW9wWKMpCirewPNfEyZVeJ5-yal781wiDc_dWaShig1msrA9TQIObqYTuCRLF6K799Cm6R4Pxg3rpvj51blSo09XrJwt5shptbFBiqu7iE7oVtXdSJ5j4IlUOMiZxnl9y1z8f0RDrHelhkSJ8dK1zC4fZBdM8fsIvOQzr8a2eIf7bulxHrFSFdily0Ukc67Im5T3Kv6RblIiBfgbdPjnPz0kVRAEryiGkJoqDrQJ-SDUbIFdZEzl8MZChthJpECOybT8L9GwVppna25RGlT-ijnXZCqzKAJ-isWU_eMpZKduoiWGfouD50j3lRqzyfecjbP1dBPl8Y2iKXMrzuuQKTqF-HDhdkpOxjYENXdVp-EAk3DVqtaPSDL0VuEh_q1bcXYJSdemVdUVBGkCRaKQ-lNK1zfoyv2MYiC19M9cJYgZlj3LmetEW27RCAcH4oj5SiHWgJ_AcyHj24pa_AWu8EmIWFJYIV3jfLble72bLu9kbTc3ByKYeSBJkGh8ejGbqDJptNv_wFB7FWvB_bXTI6-howi57wkvkqVRV-HLF5EC96BaAo-FeR6K7qCZqSiUm-31eMIsOB0Dv4hih4YAFlYnjwV5WAoo2LKYARMNj3fIHJDEJT4ijgaGWqnQEULXAF13kCGb0Rsfbn1WE4xxZmqiAD6BP2L6oXEORZzYlciIyZx_1LR0pMbwMeS9oW8STqx2oeLeFd2Ejog80Ln0-TQCXWGDK5NPXE4giNXQapdhNBfYNva4KFE7euDOaO3Nl5lwWJZyOQq33f2Zpohnj6VWglnrqluZdy-53zpxQOUmJgtPm0Usm6EJryV4mSjmK0VEonGNLXJ4hY1qbjZwrNH9JUfpuF6iFqzSRX4pJITQhHEV2CSdNYNCyngFqT7qyj2z20HJxi0bK3w5JcQUL_b8_zFbjmYmEBwaDyLJS7-kCyEP8jWE4DAs_XfRRTcMilmX4dJ4DLdiLMPvC6sT8IZlciEeUhGC-pgfG-_ai9qRKacK6wanr-ZLzhD40dN-FN8KweKRMHacvVqUq9nGHvzQNAdxZPrpZLzqo4VmQYgMyE-Huh1TcPxf8LUenWcNIICAIpuqErUPDB2fPcao0bmgL5ICaog0r01FlMeor0yPYQ1O8CI15uphPbrx9TN291lVsdg2H08H5dVNqCZzwAJapc7WsT-Tp-oLWxZqDkFpEvM5BnoTwZsZxptfD0gOtITNUNdnNqybtDRMfuo6zFVUDjrB7Xa5oNqw5bpZf59ezD_DOeBG5vmQ-wEboy9NRhOeJliHYkjV8Cm1Xwc-IPCnIBcSg_UpU_unayu8z-M1PT7DIKaEF2xMtCM84UhnJ7WhQStB3c_pC2YOWBqEME_rkvutEaNUEcqh-RYZp_8cMh8jHF1zd4RgT1vZlMMYRN_euErMpO3C6ReBQnzTCwJu6epWAbtRlkILj5zuPjODjcB2GL12EEOn5kzJYLyln9410cyWkzyJ7a3gSj7x-QkrKyvjYfLyu1_0yFDGYqrQL8cY0-ca-sKvfAI9W6KkTbjrkaiIsNan5GlCyMGNMkF1Oljo4fif5oVPxBeeg7r-ZHX7cItdk85sTUAkKaliqVhDqx2j0nhgzHWe8PfOUqkqSdeTGzTeHOHdIdYh3YPHCOE15IY_wmPiySooxnE65NdqUoPMmBC-9YNjRqM4MLDyLlaT-fnqK3TfC1fazWzFfmyYaDTNAsXKRWzuBbzHGBKM6HQtcTX26dbo_LGb8YiWkwvcTmgGb83h6MvTBdyiWenegmy0nMlCR-hVktzulQzwqPdp0w72UYQfCPHR9FucN_-sx4o9hcRrhL2TVgvG8uNz6GfY13fmGacb8xfHXWJtUq9OEJ-yNF30sJhUYr7qWfs9eJTyNIkcAiqsH9dzfayql7IngUnjl4uNgPgdIH9C-KyF39VBASZmUfJDSHMKhdaU2Wg_EBhGQwMsKkAxmkFTod1OfnW3lSO9X3jwxX0hBka7MaYN7g7RicfiqG47qfRkWnILQqq0MBt5wxF5529LADOrBDIAae1BrHbDfg3LEg1xH2mWAakmht4tqURQM919vUYTwkzhg2MuI8jFNVTNyExglvVlZWmfIjkJbahB4Z2zwYXSSWzGR5Xsu4lQpYpUjkvbJGOYxlhzSvO6s7jiBlrwB_yi2ncJHaK8WPu2dgS9ZmoyF_uXukaaZVOvUadYzqBDMS-E9p-R4vop4QD2c4o8kCX6nW3bL3sTCe90TeUu-Rl5pMpAZ4zaRIc7XEBaPXrOxPBrNzUvVnU6ZhTu159_7wu_ANdue2vmboWAnMF2TYnHrlznxCgyBbZXYXIhyjcgxVn6mTCvCLWYfd4UoNwMV7OM4MtPqtNsCJ7Q4nKNTnubNaY-e2bahn6Wa3_B9p3eHx3Rjesn2A-Y5SFu8dqBg0oWkckHRuIf4DlLl0lZ58e9_U2hcypPrhzWKLDe90WTKIRB0afSrEBYsdGF1rLDFdRtnzZif-FR_JveX8vHjYK424DRkBky3KHA1vVIFNtr-xJHokWrRIAobz5yqbnw_06_mjvoIQ4_G89-IxKT6Pht-mcwdstAkrSi2h9WrJq_gXRcfJtR2G40GWuU18XMI2YQoFTM7-qRJ-cK6z0Blh2gR5bHwS5youO6Q19xHpDaGVwiTDNlLqtuTiS3WFdXbFzHVsWEj5Dog0pwkNLC9vB86e7AvM4v5SGwNaOgbz01eZz4bViLFCWoASzTaUXKYHj36_wYolMghz4PYxs0Lda5aRyhaq7DqIgyozDv95XEbC7gsmZZAgFPaZlxVHPeLra573y7cxxihu6FwDm21yHN1XmwmMQEpDKWbfXKMaSfR_cfxOHHlcQLIrxhL_ksbkAx9CKM29Ap75RnplJNfEkRVPPMLb2hi0Zb5R_nRz17Mw0I68FEjUHZl1pNMtBQMi3rF75LZE0u93w3OGt1AvwDg-l_HwQRYP-I7le7zmY4Z2JVbqs0HbGECS9nWcpHR70NpNJvuaLsFU3x8eH8gV5Eq5QiiF3wGMORuI2PzjCmNV547B0Oj7BJVzNNhoh2HzA_1dR9K-hwlPDccMZz19jOIidaF8XopDSejXmWQHNEziyWjn6cSCc08nwnfElIN8CTXnPSiaLsixaZZYgzk8qyezQ24ZRujoPIFQTTTr9c98E_xFOybxmP5EJgr0CjvClLCHORLk-0aStaQYB4s_bcDYsqaJEO3sQC_5&cid=CAQSPADICaaNxz5Uzt_G__tqKBYq_dPHvZtgmgeRp5EfaRrlQBKCubVBpNkq6ysMdTzMz1MUFzPDf7nFbJOAwhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.terra.com.br%2F&ds=l&xdt=1&iif=1&cor=2637835754369259000&adk=3047537735&idt=43&cac=0&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:58:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
62564
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 07:58:52 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E290
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Byywd_1c0aItx0ZSqu1U1dhiFU20KAz8Usb6CCjx52jll9B0hQ-DcM8Anjsxs0YqyjJJy0Gl7mNnIaRIzE2uVZiCUpYpzGwyhnCHKSOvsQmYy9LrbAg0bOPUIyGhLTrTCKfNZ70NdhJJS5FDTs3JAvMbvjN-txOPe9H3g7x_vyYl4iUVQ&cry=1&dbm_d=AKAmf-BFG7z02B2u2SsLXJnPGG6XfNMHQOdFwM7KvI_YEUANRprnXqijpXXoCGXloJMIHqpk8Zpy5X9pjA7qIIm-Umm2qutjJE66LNZbZ3hUVcXl8h0IXqnKA4ChtdwnRKb5Yhs5zeyn5bxgs5N2i1LcAfcCv2qrxpDHu9TfoIFhwOdt4C76if2QRogNYM5O_WCe9V8z2sDgZDbinnHaqHI8N_Xh4RoQHSzw0vVdNtHabgQ0_L_nrO5uJ7D_9sKarQdg30mY17ufD9-UDLpuJ_g-0_zVTOZMDBOuqZpgTfgEOnVhhgGaIl45KNDBJ56sYPgO4lmJKiTtTPmFM-DsnWAP7A6qO5C5iarq8JT7dbrLOtoR59QKOnYWXhBy4vRekuKOnITqGCxyVAS0vW5hga0lFi1fu0FonKbBVkoEVMcCGZte9FYBgnFuDmEhWig-tR4zq7IlZgEGfBoMvPUBHOS0UYfrJ2dGl-501KOT1i2Inj631urOllxWgDFnuIOHNPfWLmIONAtPvLEkH3ratzJc4zvna-5jF8LFKntiUx7LEpaD4hRIz_of3h8wghX8Z-tM6jNxO89VAlYNjxo9iYUtPPUiEvPQZNof9uLFQFcJwM2PUDlctzZpdhutKGPZqTaYZtwyeoBOchDvlG2PxTt5EM838R5V83YGJ3hyCMxj9crve-8JWPBb5ZHwiren4s4S3JtCQxDnDJIjdV3Ded93DrkyXkWRp8iCejvWGpXnqnelo7SoRPyfdzUPqoRNvgQRWS2dqlZM5TkX9cIPziSKEWWMAAfT2aMRYEryCEFXlcZDWVQ6Al4EqD4n7WJTc7tQjk7hWu5YGwmwS66JUmZK8jKGv0fkxdpiPqTAl7_viaGRCqu9r9fis_ymNR7fHz9PxB7V7oOKyJhhiNSMZmEAb-M7ebpnQ3l32hf2TEkyVQgE0qal8sKIAMiNJCl95muSu8ZfHHWfK1Y1PKWNXzRkLgN358ubvQH6Cjb_WMHEo94hYNEa-qUvDhyoWw0mc1VGAHb0rA14KDHzyfHZG8z5JJClgZmPBUafhgNmr0KV6GAv3BIy1ePchwY_Ru2gwcYEI1tG5gW7ZOdfu0BYjWN3bQHPYkLPSMmPeLMHA0pw6kM7AtBVSYo1kJsmuIhx10KSjYOTSzMJH-cOoBY13q07SLKvZXs5BY8SSdMPQ4PzsLbnKLvDnzzdKj0ij_pi7htZXW9xkqqE3KpsyfIRH50UdBB85W4KvqYlMQB-_Bvl8Mr2T4EuOeF8RLu8gT4CChAe8lKzSiHxvuxA1bufjJvzHnZOvl3LSN4bPkTzb3YlRuElODsfmkllTxkN-XxpKGObZHzZOpP4s8Xh3NHPrFbhsATqa8Qw_CL1X0J_5YP3trT_YAgjQKKTEJliQeZXcJ2g4JyTEnI5lB-oU2xXWpYUOVvqNIMXfeTXuzxXxm_6zLGzYkpW9wWKMpCirewPNfEyZVeJ5-yal781wiDc_dWaShig1msrA9TQIObqYTuCRLF6K799Cm6R4Pxg3rpvj51blSo09XrJwt5shptbFBiqu7iE7oVtXdSJ5j4IlUOMiZxnl9y1z8f0RDrHelhkSJ8dK1zC4fZBdM8fsIvOQzr8a2eIf7bulxHrFSFdily0Ukc67Im5T3Kv6RblIiBfgbdPjnPz0kVRAEryiGkJoqDrQJ-SDUbIFdZEzl8MZChthJpECOybT8L9GwVppna25RGlT-ijnXZCqzKAJ-isWU_eMpZKduoiWGfouD50j3lRqzyfecjbP1dBPl8Y2iKXMrzuuQKTqF-HDhdkpOxjYENXdVp-EAk3DVqtaPSDL0VuEh_q1bcXYJSdemVdUVBGkCRaKQ-lNK1zfoyv2MYiC19M9cJYgZlj3LmetEW27RCAcH4oj5SiHWgJ_AcyHj24pa_AWu8EmIWFJYIV3jfLble72bLu9kbTc3ByKYeSBJkGh8ejGbqDJptNv_wFB7FWvB_bXTI6-howi57wkvkqVRV-HLF5EC96BaAo-FeR6K7qCZqSiUm-31eMIsOB0Dv4hih4YAFlYnjwV5WAoo2LKYARMNj3fIHJDEJT4ijgaGWqnQEULXAF13kCGb0Rsfbn1WE4xxZmqiAD6BP2L6oXEORZzYlciIyZx_1LR0pMbwMeS9oW8STqx2oeLeFd2Ejog80Ln0-TQCXWGDK5NPXE4giNXQapdhNBfYNva4KFE7euDOaO3Nl5lwWJZyOQq33f2Zpohnj6VWglnrqluZdy-53zpxQOUmJgtPm0Usm6EJryV4mSjmK0VEonGNLXJ4hY1qbjZwrNH9JUfpuF6iFqzSRX4pJITQhHEV2CSdNYNCyngFqT7qyj2z20HJxi0bK3w5JcQUL_b8_zFbjmYmEBwaDyLJS7-kCyEP8jWE4DAs_XfRRTcMilmX4dJ4DLdiLMPvC6sT8IZlciEeUhGC-pgfG-_ai9qRKacK6wanr-ZLzhD40dN-FN8KweKRMHacvVqUq9nGHvzQNAdxZPrpZLzqo4VmQYgMyE-Huh1TcPxf8LUenWcNIICAIpuqErUPDB2fPcao0bmgL5ICaog0r01FlMeor0yPYQ1O8CI15uphPbrx9TN291lVsdg2H08H5dVNqCZzwAJapc7WsT-Tp-oLWxZqDkFpEvM5BnoTwZsZxptfD0gOtITNUNdnNqybtDRMfuo6zFVUDjrB7Xa5oNqw5bpZf59ezD_DOeBG5vmQ-wEboy9NRhOeJliHYkjV8Cm1Xwc-IPCnIBcSg_UpU_unayu8z-M1PT7DIKaEF2xMtCM84UhnJ7WhQStB3c_pC2YOWBqEME_rkvutEaNUEcqh-RYZp_8cMh8jHF1zd4RgT1vZlMMYRN_euErMpO3C6ReBQnzTCwJu6epWAbtRlkILj5zuPjODjcB2GL12EEOn5kzJYLyln9410cyWkzyJ7a3gSj7x-QkrKyvjYfLyu1_0yFDGYqrQL8cY0-ca-sKvfAI9W6KkTbjrkaiIsNan5GlCyMGNMkF1Oljo4fif5oVPxBeeg7r-ZHX7cItdk85sTUAkKaliqVhDqx2j0nhgzHWe8PfOUqkqSdeTGzTeHOHdIdYh3YPHCOE15IY_wmPiySooxnE65NdqUoPMmBC-9YNjRqM4MLDyLlaT-fnqK3TfC1fazWzFfmyYaDTNAsXKRWzuBbzHGBKM6HQtcTX26dbo_LGb8YiWkwvcTmgGb83h6MvTBdyiWenegmy0nMlCR-hVktzulQzwqPdp0w72UYQfCPHR9FucN_-sx4o9hcRrhL2TVgvG8uNz6GfY13fmGacb8xfHXWJtUq9OEJ-yNF30sJhUYr7qWfs9eJTyNIkcAiqsH9dzfayql7IngUnjl4uNgPgdIH9C-KyF39VBASZmUfJDSHMKhdaU2Wg_EBhGQwMsKkAxmkFTod1OfnW3lSO9X3jwxX0hBka7MaYN7g7RicfiqG47qfRkWnILQqq0MBt5wxF5529LADOrBDIAae1BrHbDfg3LEg1xH2mWAakmht4tqURQM919vUYTwkzhg2MuI8jFNVTNyExglvVlZWmfIjkJbahB4Z2zwYXSSWzGR5Xsu4lQpYpUjkvbJGOYxlhzSvO6s7jiBlrwB_yi2ncJHaK8WPu2dgS9ZmoyF_uXukaaZVOvUadYzqBDMS-E9p-R4vop4QD2c4o8kCX6nW3bL3sTCe90TeUu-Rl5pMpAZ4zaRIc7XEBaPXrOxPBrNzUvVnU6ZhTu159_7wu_ANdue2vmboWAnMF2TYnHrlznxCgyBbZXYXIhyjcgxVn6mTCvCLWYfd4UoNwMV7OM4MtPqtNsCJ7Q4nKNTnubNaY-e2bahn6Wa3_B9p3eHx3Rjesn2A-Y5SFu8dqBg0oWkckHRuIf4DlLl0lZ58e9_U2hcypPrhzWKLDe90WTKIRB0afSrEBYsdGF1rLDFdRtnzZif-FR_JveX8vHjYK424DRkBky3KHA1vVIFNtr-xJHokWrRIAobz5yqbnw_06_mjvoIQ4_G89-IxKT6Pht-mcwdstAkrSi2h9WrJq_gXRcfJtR2G40GWuU18XMI2YQoFTM7-qRJ-cK6z0Blh2gR5bHwS5youO6Q19xHpDaGVwiTDNlLqtuTiS3WFdXbFzHVsWEj5Dog0pwkNLC9vB86e7AvM4v5SGwNaOgbz01eZz4bViLFCWoASzTaUXKYHj36_wYolMghz4PYxs0Lda5aRyhaq7DqIgyozDv95XEbC7gsmZZAgFPaZlxVHPeLra573y7cxxihu6FwDm21yHN1XmwmMQEpDKWbfXKMaSfR_cfxOHHlcQLIrxhL_ksbkAx9CKM29Ap75RnplJNfEkRVPPMLb2hi0Zb5R_nRz17Mw0I68FEjUHZl1pNMtBQMi3rF75LZE0u93w3OGt1AvwDg-l_HwQRYP-I7le7zmY4Z2JVbqs0HbGECS9nWcpHR70NpNJvuaLsFU3x8eH8gV5Eq5QiiF3wGMORuI2PzjCmNV547B0Oj7BJVzNNhoh2HzA_1dR9K-hwlPDccMZz19jOIidaF8XopDSejXmWQHNEziyWjn6cSCc08nwnfElIN8CTXnPSiaLsixaZZYgzk8qyezQ24ZRujoPIFQTTTr9c98E_xFOybxmP5EJgr0CjvClLCHORLk-0aStaQYB4s_bcDYsqaJEO3sQC_5&cid=CAQSPADICaaNxz5Uzt_G__tqKBYq_dPHvZtgmgeRp5EfaRrlQBKCubVBpNkq6ysMdTzMz1MUFzPDf7nFbJOAwhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.terra.com.br%2F&ds=l&xdt=1&iif=1&cor=2637835754369259000&adk=3047537735&idt=43&cac=0&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:40:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
63664
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 07:40:32 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E290
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
371788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9021
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Wed, 22 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E290
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f319cdc456b56a68e1d05eed09015bcd7a290d6d2fded69e7dafea74579f3675

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B2B2
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
274911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 20:59:45 GMT
expires
Sun, 17 Nov 2024 20:59:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 9021
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECUcSzPDZum9FFGxYXd6aEc&google_push=AXcoOmQn0NCmVsTMspdlzpg06SlSsykOsiPb52S3epaUFIKuoxhXevJ56w...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECUcSzPDZum9FFGxYXd6aEc&google_push=AXcoOmQn0NCmVsTMspdlzpg06SlSsykOsiPb52S3epaUFIKuoxhXevJ56wvVjbjBuj-LDpLsiuiIShdiEdnqMoraOwNo5Oozu3BX
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-cph2320023-CPH
pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1700616097.812533,VS0,VE105
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECUcSzPDZum9FFGxYXd6aEc&google_push=AXcoOmQn0NCmVsTMspdlzpg06SlSsykOsiPb52S3epaUFIKuoxhXevJ56wvVjbjBuj-LDpLsiuiIShdiEdnqMoraOwNo5Oozu3BX
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 9021
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESENausSCMVOSCerJklFtNsL0&google_cver=1&google_push=AXcoOmTpX4FVHUEhE-4AenJr826BJR8_FcueN2fDuIg5FZcGn4BrwhHuQoom758eLLr1HzlyU7cP0tWxKWCOnCjp...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tbIZefO8QxkBifcfkV4nzA&google_push=AXcoOmTpX4FVHUEhE-4AenJr826BJR8_FcueN2fDuIg5FZcGn4BrwhHuQoom758eLLr1HzlyU7cP0tWxKWCOnCjpWDpCXFEs2zYy
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tbIZefO8QxkBifcfkV4nzA&google_push=AXcoOmTpX4FVHUEhE-4AenJr826BJR8_FcueN2fDuIg5FZcGn4BrwhHuQoom758eLLr1HzlyU7cP0tWxKWCOnCjpWDpCXFEs2zYy
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 22 Nov 2023 01:21:36 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tbIZefO8QxkBifcfkV4nzA&google_push=AXcoOmTpX4FVHUEhE-4AenJr826BJR8_FcueN2fDuIg5FZcGn4BrwhHuQoom758eLLr1HzlyU7cP0tWxKWCOnCjpWDpCXFEs2zYy
x-host
tde-deliveryengine-production-bb588bf9-l9j7w
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9021
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhXPmnLj12ZwscyKtkkZIY&google_cver=1&google_push=AXcoOmTU5vvPhTlcRPyopXh58oPNDgWG4IMnYHxr1aPz_42ai9cgsjJ7hMpIHTkT8cZchaWzL2pbMfCoSrxfEJL6N-IYL2C...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTU5vvPhTlcRPyopXh58oPNDgWG4IMnYHxr1aPz_42ai9cgsjJ7hMpIHTkT8cZchaWzL2pbMfCoSrxfEJL6N-IYL2CwgNRE&google_hm=eS16SVZIdkE1RTJwSEFuT0...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTU5vvPhTlcRPyopXh58oPNDgWG4IMnYHxr1aPz_42ai9cgsjJ7hMpIHTkT8cZchaWzL2pbMfCoSrxfEJL6N-IYL2CwgNRE&google_hm=eS16SVZIdkE1RTJwSEFuT0ZMTzF5VTJ5dWFlUmo3V3BDSn5B
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 22 Nov 2023 01:21:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTU5vvPhTlcRPyopXh58oPNDgWG4IMnYHxr1aPz_42ai9cgsjJ7hMpIHTkT8cZchaWzL2pbMfCoSrxfEJL6N-IYL2CwgNRE&google_hm=eS16SVZIdkE1RTJwSEFuT0ZMTzF5VTJ5dWFlUmo3V3BDSn5B
content-length
0
ebda
match.360yield.com/match/ Frame 9021
43 B
199 B
Image
General
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEPvLxobvPFyph_2iY58WK3Q&google_cver=1&google_push=AXcoOmSFi_oESwCUU7CXB0C1axZ5sp06-5dCXZwePw28q3a2O9o_IXx4hII84WS5fsipYdSUpHLizRaAlqSRXUhHTzb8fS4PC-G8
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.20.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-20-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 22 Nov 2023 01:21:36 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 9021
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-78d37647-689a-45cd-9822-8b33fcc3e918-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSUgCoj1SaZI1BMNiknP...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv&google_hm=A3jTdkdomkXNmCKLM_zD6Rg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv&google_hm=A3jTdkdomkXNmCKLM_zD6Rg
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv&google_hm=A3jTdkdomkXNmCKLM_zD6Rg
date
Wed, 22 Nov 2023 01:21:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX78d37647689a45cd98228b33fcc3e918003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 9021
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIU5VN3vnNOuVj38s87moYo&google_cver=1&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFhD
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFh...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM2NjYyMzc0NDAxNDI2MzQwOTI1Ng%3D%3D&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM2NjYyMzc0NDAxNDI2MzQwOTI1Ng%3D%3D&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFhD
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM2NjYyMzc0NDAxNDI2MzQwOTI1Ng%3D%3D&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFhD
date
Wed, 22 Nov 2023 01:21:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 9021
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECTGz0mBQLXmkwq7t9KjY84&google_cver=1&google_push=AXcoOmQYlt5jqhFof4cYvvrjecTP5x0AfZ6Uy9KDMUcLWr-TcH2SYFSBiYJm969FqLecpJypR9w3B5S2gv2...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQYlt5jqhFof4cYvvrjecTP5x0AfZ6Uy9KDMUcLWr-TcH2SYFSBiYJm969FqLecpJypR9w3B5S2gv2v31lk1ky97d4rJQBN
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9021
0
59 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqXE-SsGjMGEYPY5CNDRGh2K_CMwfKYpdZjUBE6oB-Tf5G518e628ru5TzxNaCABPYFpNMNA
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame B2B2
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
7208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
index.html
s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/ Frame 6EFC
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5324dde8156eb3be98a7c6c900646d3bb2bdd423af2e6090564ae66d5e9229e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
349028
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2407
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 00:24:28 GMT
expires
Sun, 17 Nov 2024 00:24:28 GMT
last-modified
Mon, 09 Jan 2023 08:13:13 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E290
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvZA-0i6h-7IIaA3HdOysMGPvp71ALGHVVXzqD7fpL659Gn7HcbwjRRCbW3s0KhO_3b1IN9TCk_BtjmnV0i7Awlo1u545qCU7q0FwDZTn3nNvVKKqXX88pythGkVyt38gsA__rWUKjBr8lI2XOpZNx9YjlXSzupJTrjYKN4Hrxr_KIYsD3z2BwvsB9GxK88hne-bRhVUrSicjmz9CD5XV3TjnD1zO-REozigEf9gwW6iL8fOS4v_pnhkUEOvSuQubb47d-wsjWmJOejmLqr4Qc9hnmHopuztSVBmP98fbQX5xlh9m81EmICB2t_UDSiEN8y1plYVmHgBsIWfqM38RgLkgWg8DcRznhTiR-wkBkXy1W2CYoK2JNcGtxbrQ6LOfjtgzWdeyRt8M2c4X8MvJkgcOfa0eTP1B7mfBxdcDgOnJUk1g1tBkYBMkk9p2WJaB3uowJ-M-VQZE5D8YXS2qkcpFm5oJeoKV-X-MGvGin87jv2EZ-HnFb-_6oqBqSDhjk8AQKHZM7CtBu4uK5SNcfnJKg7v_3RlATr9ZJ1z0K46DMOdHPWkwcf--7T0e65z9dmPuqR9bQI1wJg4eW4v3AYi79AlsXwvUfZzTFn_Rjv6uUm1IlRSl83gKFk3ahd1-kIO0Fla1SX_HMzJbD13qI5Q8hD8hIjmUz6vO7Di0M1y8cuD8TstRxfFx181BTswOtoxTgRqzHWnqXsoA8MsBGwc4fFmZV0GISvb-2_Pd_ZfAmxBHMz6RjTzyQkD3FVAAx0SRxUolVAAo8AfGx-lT6rpMQBQpN5O8LNA3mG8JZODY7TpgfIUmm49XcQ-zmLmpsyyX2LYzD-T-UaHqCmv7qSQ54Qb4Yc8AxyyFfLhLt7U8RomRHBByCSaLy7HQy4TR1w3Evkyq0wxrpUiv0Xe1jTSyZ4WPDh0in-5kM26WZreoTR8IT75ZFC0ft-PR6r9ctMXvezuCbEKFMH7DzuBdH8u060cr2OQdKJMX9-Bojbzgk0BejbIol0PdN0-5APkLBzdRJOfe0sTZLYO5g5bt3ub8Kvvzka9gXpCT5tWGPRwyb6KNznG-lfmbzshWiFiIWILgkMkTVWR_Es4teicu60b42Ex2jgH5cMLRcg6f9De5sjvX5lWHPsUY4IIiAEtcWnx7LwwVrdGVrFT2bTw6Soourm1vmRplxWsVaifrIfIQV-_DVNhKR_Q_6Juku0Ic4X-o6f0mAfVz7jSgtGNyq1LH9jglXnVVf_yUm3myefTrrRePABxrKCL8sY6HX5IkFkzbvHXGOSbIybYw8QOZAj_mQAwJoFDFyTUcg9N007AV0sKyWhwYvYgF71oJEOgt018S_QK7NcsCMup8A7p19nP8Rl9uv1jAzGTkJ6hyJTv2L-PfrLy_PlX_fw3la-AU6xQf6kxG1H_9y0-TtscY&sai=AMfl-YRW0Gk-XAgvn3JQ0PU9ooW3-MdKl6TS1Q72l3ar1WZffwBe3i7uGD7TcNq1qP071LKFHuINEi2dDdXEJGuKNxkHcTfxEuA5KifZ9RNUdrd8a0VxROjj4QLSYPZulPDkOs3g9WrGAl8zgFUZiCTJpOOqapATVzYwzXmodgBO1-4GNiRh-TBOKEbgplRTllk1Wneu_z4c7GksqCFETdHBhV5fULCsAx5LRyV9VQ6yNwy_zDNkUFbeVxa8jIz_Uk9_H4UvTVM&sig=Cg0ArKJSzKSX28ZgBjDjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=136&cbvp=1&cstd=132&cisv=r20231109.24545&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6EFC
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 01:21:36 GMT
roller-kwxx-300x600.js
s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/ Frame 6EFC
20 KB
4 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/roller-kwxx-300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d3f802531be5cd9f0c8bd2573491dd5766b94ca7f2a5218225959419cd08df1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 13:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302416
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4096
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 08:13:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Nov 2024 13:21:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2B2
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B7kfnoFddZfvmIqjA9u8PvIWl4AEAAAAAOAHgBAI&bg=!eHulezTNAAZxrfrxUa07ADQBe5WfOH04hZKFNbeNQsQWswslnPQNDVzD2_p8SyZ1m41baIC3Rq8GOVGodYw1Hnyw-yKBAgAAAEFSAAAAA2gBB5kDCpxUgZwMzCVF0R0ZUk49OxBOmawixIoyUwToqvOVpdzCIcF-2U99iNIFWC5FBV2zHSG80LO3Dffsa7N4nyK-tqA4HhMp_VoxgCojEi1Zm63W1A-iVDazXvcNTmRa6gHCgh7da9jbwX1bOUd3gxHmoBFWIvma19EQr55bhSDU8j6Zl9rxi5C3FB3RO0g0i_Dy2yvEooY8z95XrHJxZ0oiixTWLHWV-fL8alARFs_GCU5wE7IAg8z1NV3Ps5463tv173F295KjQ6eMXx2mKerCwuqIjLYVqdbdSY1Q8QgVd40FklDeGAh41BW2O_PDdQCSkNUa1EDunhIPjsPZq23Fez-85CBo4QceFezawhKtVkZpH7ZsLgVOvElQROAEG6CyWESTM3ghItO00CrhgLrzmAgEtFk89AeyimvK-5GKLj9rSX0K84n4D4veTUtseLFvzfmxub-FD6Uutc6gt26slJ59SEIqpl3IawUC78vONcUQajPFyVnr2byvxvR7sU_1wkMKuKTvOBBLmQP9Kq7yBrlssYKt6IjOHFqBG8U_pMR9eo5oYLICtjMsf-NjiioCWUtStu44JXYW9xvDhW9zMI1eXqKpr7Ujc0mzcVTyviU7F7DROEYd1mCeLuEaqU5g70OTlZsNK0AGpaIZpoCgxtFc7qOHFhgRCo_UG8LPbl9ucIRAJ4LVBfbLGick0e1U9k1YbXMzzQrwMVtYYKGMswMzhaT7jqKEtIlKnwMw7vR4JYdxYOBzvPou5EMoUYCaBzmGUWwvxDuPdLVGSh76OoA1_8-5lZYNGIRm-izfpOsAOPInU0DU4D3WaX5KhYqIjDOrQb1Na1Vgi8Jasfdw5L2FVYyXizEFh3egm8XRlG1zY9bO7zwlX--JSkTVm5-lLxW_x4fh1NtOdCoBg52LX-EintRc3g23O-Gw8sE9IApPuqzuDSfygTDe_kyvvj2jBZsqbcuvWgdK3qlofx-I74JdvDkmoQXdbmsE6AAAqzM3cwbV5jKa2DC5rgxS1vRFaj_xQnY6rz1HlyI
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E791
6 KB
3 KB
Document
General
Full URL
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.terra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 01:21:33 GMT
expires
Thu, 21 Nov 2024 01:21:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bg300.png
s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/images/ Frame 6EFC
111 KB
111 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/images/bg300.png
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32f52b8a1ce45c301aacd2f2ae409a4a7c062fd36e5e82d4cfce3eac70deab72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:22:59 GMT
x-content-type-options
nosniff
age
435517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114093
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 08:13:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 00:22:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E290
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvZA-0i6h-7IIaA3HdOysMGPvp71ALGHVVXzqD7fpL659Gn7HcbwjRRCbW3s0KhO_3b1IN9TCk_BtjmnV0i7Awlo1u545qCU7q0FwDZTn3nNvVKKqXX88pythGkVyt38gsA__rWUKjBr8lI2XOpZNx9YjlXSzupJTrjYKN4Hrxr_KIYsD3z2BwvsB9GxK88hne-bRhVUrSicjmz9CD5XV3TjnD1zO-REozigEf9gwW6iL8fOS4v_pnhkUEOvSuQubb47d-wsjWmJOejmLqr4Qc9hnmHopuztSVBmP98fbQX5xlh9m81EmICB2t_UDSiEN8y1plYVmHgBsIWfqM38RgLkgWg8DcRznhTiR-wkBkXy1W2CYoK2JNcGtxbrQ6LOfjtgzWdeyRt8M2c4X8MvJkgcOfa0eTP1B7mfBxdcDgOnJUk1g1tBkYBMkk9p2WJaB3uowJ-M-VQZE5D8YXS2qkcpFm5oJeoKV-X-MGvGin87jv2EZ-HnFb-_6oqBqSDhjk8AQKHZM7CtBu4uK5SNcfnJKg7v_3RlATr9ZJ1z0K46DMOdHPWkwcf--7T0e65z9dmPuqR9bQI1wJg4eW4v3AYi79AlsXwvUfZzTFn_Rjv6uUm1IlRSl83gKFk3ahd1-kIO0Fla1SX_HMzJbD13qI5Q8hD8hIjmUz6vO7Di0M1y8cuD8TstRxfFx181BTswOtoxTgRqzHWnqXsoA8MsBGwc4fFmZV0GISvb-2_Pd_ZfAmxBHMz6RjTzyQkD3FVAAx0SRxUolVAAo8AfGx-lT6rpMQBQpN5O8LNA3mG8JZODY7TpgfIUmm49XcQ-zmLmpsyyX2LYzD-T-UaHqCmv7qSQ54Qb4Yc8AxyyFfLhLt7U8RomRHBByCSaLy7HQy4TR1w3Evkyq0wxrpUiv0Xe1jTSyZ4WPDh0in-5kM26WZreoTR8IT75ZFC0ft-PR6r9ctMXvezuCbEKFMH7DzuBdH8u060cr2OQdKJMX9-Bojbzgk0BejbIol0PdN0-5APkLBzdRJOfe0sTZLYO5g5bt3ub8Kvvzka9gXpCT5tWGPRwyb6KNznG-lfmbzshWiFiIWILgkMkTVWR_Es4teicu60b42Ex2jgH5cMLRcg6f9De5sjvX5lWHPsUY4IIiAEtcWnx7LwwVrdGVrFT2bTw6Soourm1vmRplxWsVaifrIfIQV-_DVNhKR_Q_6Juku0Ic4X-o6f0mAfVz7jSgtGNyq1LH9jglXnVVf_yUm3myefTrrRePABxrKCL8sY6HX5IkFkzbvHXGOSbIybYw8QOZAj_mQAwJoFDFyTUcg9N007AV0sKyWhwYvYgF71oJEOgt018S_QK7NcsCMup8A7p19nP8Rl9uv1jAzGTkJ6hyJTv2L-PfrLy_PlX_fw3la-AU6xQf6kxG1H_9y0-TtscY&sai=AMfl-YRW0Gk-XAgvn3JQ0PU9ooW3-MdKl6TS1Q72l3ar1WZffwBe3i7uGD7TcNq1qP071LKFHuINEi2dDdXEJGuKNxkHcTfxEuA5KifZ9RNUdrd8a0VxROjj4QLSYPZulPDkOs3g9WrGAl8zgFUZiCTJpOOqapATVzYwzXmodgBO1-4GNiRh-TBOKEbgplRTllk1Wneu_z4c7GksqCFETdHBhV5fULCsAx5LRyV9VQ6yNwy_zDNkUFbeVxa8jIz_Uk9_H4UvTVM&sig=Cg0ArKJSzKSX28ZgBjDjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=263&vt=11&dtpt=127&dett=3&cstd=132&cisv=r20231109.24545&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9870
640 B
308 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivz7P8ATAB&v=APEucNVOmzAMl0C-bJ5VLjVWf7Y1U-S59mG50JvC256YZXGq6w2Tzc1VmswA7vBRUTiyIOy2verbxZYqTWAm7GZ-3g10URUBYBQ4RyxPMN__TcvXbzzSadxoNyAkn_hgLQoh_kVQhWsFwXTYb2hmOcb-KYTVpbUtZG_9nHCZhQf8AZfOtL05Vbo
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 01:21:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E791
172 KB
60 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Origin
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 07:58:52 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame E791
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
63668
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 07:40:28 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E791
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
63668
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 07:40:28 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E791
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
371788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E791
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
30584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 16:51:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9FE1
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Wed, 22 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E791
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
7478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 23:16:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E791
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_xWVjZS2X2mz9qk-0yffbMqWQ8WE68sRj3AzfdpszsPm4FsEwmExmtp-csXGmj1BvqU9d0dyFB6hp42SZwtGl3ePTtiZdUjjuZUDtm61PjGnrRMU
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E791
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 01:21:36 GMT
logo2dwhite.png
s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/images/ Frame 6EFC
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/images/logo2dwhite.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43897b4750dad91cd470f62f0396b7e6513c2ad005f231d0ac756f7483a0438b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:47:21 GMT
x-content-type-options
nosniff
age
372855
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5587
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 08:13:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 17:47:21 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E35D
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
274911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 20:59:45 GMT
expires
Sun, 17 Nov 2024 20:59:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame 9870
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJbVBRSxlxB6_VVzM8LdcAI&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJbVBRSxlxB6_VVzM8LdcAI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivz7P8ATAB&v=APEucNVOmzAMl0C-bJ5VLjVWf7Y1U-S59mG50JvC256YZXGq6w2Tzc1VmswA7vBRUTiyIOy2verbxZYqTWAm7GZ-3g10URUBYBQ4RyxPMN__TcvXbzzSadxoNyAkn_hgLQoh_kVQhWsFwXTYb2hmOcb-KYTVpbUtZG_9nHCZhQf8AZfOtL05Vbo
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJbVBRSxlxB6_VVzM8LdcAI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 9870
43 B
219 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivz7P8ATAB&v=APEucNVOmzAMl0C-bJ5VLjVWf7Y1U-S59mG50JvC256YZXGq6w2Tzc1VmswA7vBRUTiyIOy2verbxZYqTWAm7GZ-3g10URUBYBQ4RyxPMN__TcvXbzzSadxoNyAkn_hgLQoh_kVQhWsFwXTYb2hmOcb-KYTVpbUtZG_9nHCZhQf8AZfOtL05Vbo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 9870
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPlKyQ0RdZ8XF_X0s4qp91U&google_cver=1
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPlKyQ0RdZ8XF_X0s4qp91U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivz7P8ATAB&v=APEucNVOmzAMl0C-bJ5VLjVWf7Y1U-S59mG50JvC256YZXGq6w2Tzc1VmswA7vBRUTiyIOy2verbxZYqTWAm7GZ-3g10URUBYBQ4RyxPMN__TcvXbzzSadxoNyAkn_hgLQoh_kVQhWsFwXTYb2hmOcb-KYTVpbUtZG_9nHCZhQf8AZfOtL05Vbo
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Wed, 22 Nov 2023 01:21:37 GMT
pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEPlKyQ0RdZ8XF_X0s4qp91U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 9870
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivz7P8ATAB&v=APEucNVOmzAMl0C-bJ5VLjVWf7Y1U-S59mG50JvC256YZXGq6w2Tzc1VmswA7vBRUTiyIOy2verbxZYqTWAm7GZ-3g10URUBYBQ4RyxPMN__TcvXbzzSadxoNyAkn_hgLQoh_kVQhWsFwXTYb2hmOcb-KYTVpbUtZG_9nHCZhQf8AZfOtL05Vbo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Wed, 22 Nov 2023 01:21:37 GMT
pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
truncated
/ Frame E791
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2358cb659bf297f749541b366e8ad0fdaafa5825074b78ab33fb74fb0bb55df

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 9FE1
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBnQ1njxo8bzSgj05EWktmk&google_cver=1&google_push=AXcoOmQLgvF9Ey4pzqT_ZqVN7dolq5M3qcO1tODizzlkAGw0rrumxcNStClHG31wLxxkJy7-ev3PHWrAh5pmPOKOLGt2NJTtD0k
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9FE1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dG56VGFxMTcxUjVCVlQ1&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cver=1&google_push=AXcoOmSQ-TenUpKZ6De_-INSzep6YqrXazbfSWInOh0Nbis...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dG56VGFxMTcxUjVCVlQ1&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cver=1&google_push=AXcoOmSQ-TenUpKZ6De_-INSzep6YqrXazbfSWInOh0NbisNJB1bWXxLtBxs-wAKfVxaSDXdtZ71Q9Fa_XTk9hZrENs09GCyVukv
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Nov 2023 01:21:36 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dG56VGFxMTcxUjVCVlQ1&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cver=1&google_push=AXcoOmSQ-TenUpKZ6De_-INSzep6YqrXazbfSWInOh0NbisNJB1bWXxLtBxs-wAKfVxaSDXdtZ71Q9Fa_XTk9hZrENs09GCyVukv
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9FE1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhXPmnLj12ZwscyKtkkZIY&google_cver=1&google_push=AXcoOmSOQSVzD__CmEVYPcFOyxd3US5ubWKX59z7ycNZ16ujUjpuFsXj29omrgerR8Q6-aAtuutvhfiiFqLfgcsFBbHGC-4...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSOQSVzD__CmEVYPcFOyxd3US5ubWKX59z7ycNZ16ujUjpuFsXj29omrgerR8Q6-aAtuutvhfiiFqLfgcsFBbHGC-4Ab2c&google_hm=eS16SVZIdkE1RTJwSEFuT0Z...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSOQSVzD__CmEVYPcFOyxd3US5ubWKX59z7ycNZ16ujUjpuFsXj29omrgerR8Q6-aAtuutvhfiiFqLfgcsFBbHGC-4Ab2c&google_hm=eS16SVZIdkE1RTJwSEFuT0ZMTzF5VTJ5dWFlUmo3V3BDSn5B
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 22 Nov 2023 01:21:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSOQSVzD__CmEVYPcFOyxd3US5ubWKX59z7ycNZ16ujUjpuFsXj29omrgerR8Q6-aAtuutvhfiiFqLfgcsFBbHGC-4Ab2c&google_hm=eS16SVZIdkE1RTJwSEFuT0ZMTzF5VTJ5dWFlUmo3V3BDSn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9FE1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL1ePyN-ubYApEjCz3eOh3c&google_cver=1&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVYrT...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL1ePyN-ubYApEjCz3eOh3c&google_cver=1&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPv...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMyNTU4MzY3MzE0MTkzNjMzMA&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVY...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMyNTU4MzY3MzE0MTkzNjMzMA&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVYrT5d-6bfiS6bj2W96gVpM
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMyNTU4MzY3MzE0MTkzNjMzMA&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVYrT5d-6bfiS6bj2W96gVpM
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9FE1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBHCCOlT-2CKE7lPcCdhdj8&google_cver=1&google_push=AXcoOmSTMlVZkJvBEs0qC5lEdLA5LnJv7KdH2ytyZ3Vb92hwC0tOpv8fO4P-r6EAF9IdFK8QBlt...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5MldYTlMtMVktODFRVw==&google_push=AXcoOmSTMlVZkJvBEs0qC5lEdLA5LnJv7KdH2ytyZ3Vb92hwC0tOpv8fO4P-r6EAF9IdFK8QBltBVAeyJL-L5g7DbqxZEpdwoYE
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5MldYTlMtMVktODFRVw==&google_push=AXcoOmSTMlVZkJvBEs0qC5lEdLA5LnJv7KdH2ytyZ3Vb92hwC0tOpv8fO4P-r6EAF9IdFK8QBltBVAeyJL-L5g7DbqxZEpdwoYE
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5MldYTlMtMVktODFRVw==&google_push=AXcoOmSTMlVZkJvBEs0qC5lEdLA5LnJv7KdH2ytyZ3Vb92hwC0tOpv8fO4P-r6EAF9IdFK8QBltBVAeyJL-L5g7DbqxZEpdwoYE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9FE1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGLdXwKqgLvnXXTvjiqspnw&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGLdXwKqgLvnXXTvjiqspnw&google_hm=ZV1XoCp4HvP0U-2c_ktRiAAACIoAAAIB&google_nid=index&google_push=AXcoOmTZWVkDvoyu6W8T7me4WWEIGNWifEPyh...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGLdXwKqgLvnXXTvjiqspnw&google_hm=ZV1XoCp4HvP0U-2c_ktRiAAACIoAAAIB&google_nid=index&google_push=AXcoOmTZWVkDvoyu6W8T7me4WWEIGNWifEPyhQ0X-MQzqteE_UhhWtRU25Pmxb7EJZ9xV-kvijcnkz4hItuUV4jxdOqy60CvReIF
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3yTHiFQmJIyuo5wewTNiN0thUHJYqrY3uJ8BskANuFCw0xET1bLhB2BY%2BNmSdoHnM0bjqhSqtv8xMwAWKUdZ6%2F940gaSbIoexfmyZ%2F8wcu59K3lIRADrc9e5SJzXmzFYJaK0pDdvc5rFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGLdXwKqgLvnXXTvjiqspnw&google_hm=ZV1XoCp4HvP0U-2c_ktRiAAACIoAAAIB&google_nid=index&google_push=AXcoOmTZWVkDvoyu6W8T7me4WWEIGNWifEPyhQ0X-MQzqteE_UhhWtRU25Pmxb7EJZ9xV-kvijcnkz4hItuUV4jxdOqy60CvReIF
cache-control
no-cache
cf-ray
829d5b4e0b7a91e3-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
sync
ssbsync.smartadserver.com/api/ Frame 9FE1
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDd1-oF6pqiEwwym1tDUGnY&google_cver=1&google_push=AXcoOmRbeS7mJH2yWRmeDTRjLo5pCi5tlUXNWmpWNAYC0P4VeeTeKd_C-Esu6Afq95kbaIZ6ISeLhBBXDqlJRfN7aIn5A6ZcjQc
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.108 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:36 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 9FE1
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jm6TpIPGh6bIXUyEySg6pxJwkgAf8VMFkuII3Eovf1VokJLfQ5VrRghrxNSkteCpjhL_By
Requested by
Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
728x090.html
s0.2mdn.net/sadbundle/17952959967271059456/ Frame FCBD
47 KB
12 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 01:21:36 GMT
expires
Thu, 21 Nov 2024 01:21:36 GMT
last-modified
Wed, 15 Feb 2023 15:44:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame E791
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjst84tHN6fKTJhB21l90TeWgcBalish7-YZG-CbTqe_UrWueD-zwTrQt_5PJ3Kyxe-qyBOwXWDf1yLyWjHmjDAQw9YG97tds2aEWcliZqvAIAvf_1mjkZNEgkC4gezYnxcocLQz4zfpGVHOwXyN1QjpGp01TRN3h6C10kYOG-amKxcZhfWcR-0PJryhLBWyRmYx2v6N8toomtrOaLJytfk5h53FUH2aSLBeyY6G7Uto8UfiqIAu-Q9DwsglqZlPTjGQzGNLtRSmXQ2HJmgzvjZUGPgChyJHlAZnAR9FrUvGDn9iBaaqgjz9AZnyI8UPuWarMBilXCPeBASUK5OXPXkC4JArj2t4VxXj0UqzZNqVLgMWs61BmIySrY6PhS1SRtrwgSqUFS_UxhVl2Rd4DhrJ0di_BfGYACzUcKQMVJZcBXqqpNLTVmFvOY70aaH8LocNPY3BmG1gJF7OyOaGf74L4P6Q6gDvwTuXPi1crn3NcFrILEquMkPaWDPDOqAYks6YwmJQJOkxIFoFaGuoNR79Ux4c2TzyZhrjOY66UIIjHnlYh99SvN9LcRGDvU5NGnNjb7UKRmyKX7Yp3AGclsWQLhgT8PNmD5EE7Keq7kC2zfGJrG8xH8gzEqFOapeH4wnlNijjVtQR6PpJmRaFk0mgmKhDq4Kw9eBb5RK0PWykeNQlc-XQ5-7JqFaMaA5_Uz3p6T47QJYifeLq9O3WMHlvCzPX1ji6Bfhj3WGdc6X90gJPFY2QKdGUhofaWUsyXnxJtiDy8a61vd8jdcjp9ZgEkGFXZSWdxIkM349AeA_Qvx7uqEgB6_wyDU7vvWotpoQQV8Ep5BJ2AcZp7PGUQYvStx877tuXVUHvsJD93_Ls72QiWf5sIWN8Ftwqk0c2SWSdL3YvTIcOSGG-C3BosMnQZ0Qn7yHX-o_x4e3Yxzdxvd64LWWP82613Mn-0uyvMIivO5bn9GGF4D6noIpSXbzPsI0Cu3f81dsAmj7WLRjL5mEZ7jfFcqt0b3l7JOCTSInhjbIT_hreES4TwACaaZiFE370ArYaeulOsyN0pgg9pv5Pe-x7JJzlEwAeQcxdTgFptpgFgxzkaE5Z8l66jNXWk7v9jWCOtUKV_5GrzgDHtTt6aJ9pt7aZYSrvSAfslmf3CcSU1lhZWYs-cS2hkd0-9vER2n3QaSY77DY2ohjHVppZqzkqKF1nzD3MtgjdWtMOJ6re7k0OYfIrQiesHHlLybFnZMHzApDexPJznQdDtNuPXKWemNpn3e3YhuWUQcoASYyuiXDRyKRSH6O2BfAdNof5ixD3op7jtnoCgqi-ULmxRomL7l3KygPaXkMPW_vJKWFa_RRHQmpXoqHwvLp-6dMDl9dzMWvxIK1FvPN3XB1rhGMYRXxebZ-L3raYpCGqwPbf1nsK_NAzKntSLlF4Bbju2L-XusEBndoElFDpKXCsbEoNN_yEOcyKNLBEghLZmfYWPndvIs5lrF-myPg9alKDo3NtxIPgO0rZGF24v&sai=AMfl-YT7u-maObVQqfy4K4nHnqu1iFFj_2Di2Fqfbq9U5h_oi7VjWNDqD-OD480ZlJNI6BDAdXIa-0WbZr99-LZDv4MX5unPQbuDuKkwjrRgDX86AHTbNM_u3WeB8Gc0dlttoxwpsv9jYG8Ajq3UODK6vyNMTMID-6n_oGIL_46oirtY6d8CyYz2Aq9C4sqqpYCB2IVZ1IEv6SB1g4se5IiW2I-1kF5vY0zCJzFcmunTy_rGRcW43TD6Nz8g51CESK5z6lQV8RDScuSuAVcac_baZzE2D495wwtTIa-do3cw88yxBUaVhSx6Z-slNuPa9z7wkRtVaYDe8owcms4F8fe3AOPnsUjE4fp34PV_BDR2KedUBiTvelwZspDJJBa7M5OheYnfQtxizOhD-KxSu1JXALN-Nj97uKpbus3gHoM3EW3YtYH4PpbxJQ&sig=Cg0ArKJSzH_UFbUqWvnJEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=58&cbvp=1&cstd=49&cisv=r20231109.88111&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 22 Nov 2023 01:21:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Enabler_01_247.js
s0.2mdn.net/879366/ Frame FCBD
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76144
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 04:12:33 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FCBD
63 KB
25 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 01:21:37 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame E35D
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
7209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
Cairo-Bold.woff2
s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/ Frame 6EFC
35 KB
35 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/Cairo-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3449973958008fa462efb86ad67ac29a4e2bc5f38ac081947fbe2f627ac42065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 12:20:45 GMT
x-content-type-options
nosniff
age
133252
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35836
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 08:13:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Nov 2024 12:20:45 GMT
view
ad.doubleclick.net/pcs/ Frame E791
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjst84tHN6fKTJhB21l90TeWgcBalish7-YZG-CbTqe_UrWueD-zwTrQt_5PJ3Kyxe-qyBOwXWDf1yLyWjHmjDAQw9YG97tds2aEWcliZqvAIAvf_1mjkZNEgkC4gezYnxcocLQz4zfpGVHOwXyN1QjpGp01TRN3h6C10kYOG-amKxcZhfWcR-0PJryhLBWyRmYx2v6N8toomtrOaLJytfk5h53FUH2aSLBeyY6G7Uto8UfiqIAu-Q9DwsglqZlPTjGQzGNLtRSmXQ2HJmgzvjZUGPgChyJHlAZnAR9FrUvGDn9iBaaqgjz9AZnyI8UPuWarMBilXCPeBASUK5OXPXkC4JArj2t4VxXj0UqzZNqVLgMWs61BmIySrY6PhS1SRtrwgSqUFS_UxhVl2Rd4DhrJ0di_BfGYACzUcKQMVJZcBXqqpNLTVmFvOY70aaH8LocNPY3BmG1gJF7OyOaGf74L4P6Q6gDvwTuXPi1crn3NcFrILEquMkPaWDPDOqAYks6YwmJQJOkxIFoFaGuoNR79Ux4c2TzyZhrjOY66UIIjHnlYh99SvN9LcRGDvU5NGnNjb7UKRmyKX7Yp3AGclsWQLhgT8PNmD5EE7Keq7kC2zfGJrG8xH8gzEqFOapeH4wnlNijjVtQR6PpJmRaFk0mgmKhDq4Kw9eBb5RK0PWykeNQlc-XQ5-7JqFaMaA5_Uz3p6T47QJYifeLq9O3WMHlvCzPX1ji6Bfhj3WGdc6X90gJPFY2QKdGUhofaWUsyXnxJtiDy8a61vd8jdcjp9ZgEkGFXZSWdxIkM349AeA_Qvx7uqEgB6_wyDU7vvWotpoQQV8Ep5BJ2AcZp7PGUQYvStx877tuXVUHvsJD93_Ls72QiWf5sIWN8Ftwqk0c2SWSdL3YvTIcOSGG-C3BosMnQZ0Qn7yHX-o_x4e3Yxzdxvd64LWWP82613Mn-0uyvMIivO5bn9GGF4D6noIpSXbzPsI0Cu3f81dsAmj7WLRjL5mEZ7jfFcqt0b3l7JOCTSInhjbIT_hreES4TwACaaZiFE370ArYaeulOsyN0pgg9pv5Pe-x7JJzlEwAeQcxdTgFptpgFgxzkaE5Z8l66jNXWk7v9jWCOtUKV_5GrzgDHtTt6aJ9pt7aZYSrvSAfslmf3CcSU1lhZWYs-cS2hkd0-9vER2n3QaSY77DY2ohjHVppZqzkqKF1nzD3MtgjdWtMOJ6re7k0OYfIrQiesHHlLybFnZMHzApDexPJznQdDtNuPXKWemNpn3e3YhuWUQcoASYyuiXDRyKRSH6O2BfAdNof5ixD3op7jtnoCgqi-ULmxRomL7l3KygPaXkMPW_vJKWFa_RRHQmpXoqHwvLp-6dMDl9dzMWvxIK1FvPN3XB1rhGMYRXxebZ-L3raYpCGqwPbf1nsK_NAzKntSLlF4Bbju2L-XusEBndoElFDpKXCsbEoNN_yEOcyKNLBEghLZmfYWPndvIs5lrF-myPg9alKDo3NtxIPgO0rZGF24v&sai=AMfl-YT7u-maObVQqfy4K4nHnqu1iFFj_2Di2Fqfbq9U5h_oi7VjWNDqD-OD480ZlJNI6BDAdXIa-0WbZr99-LZDv4MX5unPQbuDuKkwjrRgDX86AHTbNM_u3WeB8Gc0dlttoxwpsv9jYG8Ajq3UODK6vyNMTMID-6n_oGIL_46oirtY6d8CyYz2Aq9C4sqqpYCB2IVZ1IEv6SB1g4se5IiW2I-1kF5vY0zCJzFcmunTy_rGRcW43TD6Nz8g51CESK5z6lQV8RDScuSuAVcac_baZzE2D495wwtTIa-do3cw88yxBUaVhSx6Z-slNuPa9z7wkRtVaYDe8owcms4F8fe3AOPnsUjE4fp34PV_BDR2KedUBiTvelwZspDJJBa7M5OheYnfQtxizOhD-KxSu1JXALN-Nj97uKpbus3gHoM3EW3YtYH4PpbxJQ&sig=Cg0ArKJSzH_UFbUqWvnJEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&vt=11&dtpt=142&dett=3&cstd=49&cisv=r20231109.88111&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FCBD
47 KB
47 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:15:08 GMT
x-content-type-options
nosniff
age
389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 01:30:08 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FCBD
46 KB
46 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:20:26 GMT
x-content-type-options
nosniff
age
71
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 01:35:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FCBD
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55c4b0671fc364ab88679e5c22d6b0d70ab3f154e593bffe67fa4ecd8f1f1461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5946
x-xss-protection
0
60005582_20231018074030442_APP_iPhone-15_Watch-S9.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FCBD
40 KB
40 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231018074030442_APP_iPhone-15_Watch-S9.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50bfed1836335035a3024e0258e2f4adc49b46c13f38032b74ec626c9fca81fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 15:49:25 GMT
x-content-type-options
nosniff
age
34332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40901
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 14:40:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 15:49:25 GMT
60005582_20220825085202338_728x090_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FCBD
30 KB
30 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085202338_728x090_BG.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 21:10:57 GMT
x-content-type-options
nosniff
age
15040
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30980
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 21:10:57 GMT
60005582_20231018074100388_728x090_01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FCBD
27 KB
27 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231018074100388_728x090_01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de58674eff9a7f8dad274fa31507749fdfcf2df5a460736822f13ca172fd01f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 14:05:33 GMT
x-content-type-options
nosniff
age
40564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27962
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 14:41:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 14:05:33 GMT
postview.gif
portal.o2online.de/nws/img/ Frame FCBD
43 B
606 B
Image
General
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_PEF_HAV_14121_PV&mediacode=30943251_4307561_379661840_145341330_PO1803A20231020&ref=30943251_4307561_379661840_145341330_PO1803A20231020
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 01:21:37 GMT
via
1.1 varnish-live-1-0
CF-Cache-Status
HIT
age
582541
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Thu, 09 Nov 2023 15:03:02 GMT
Server
cloudflare
etag
"2b-609b98009f580"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
1122438
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
829d5b50f84404a3-FRA
Expires
Thu, 21 Nov 2024 01:21:37 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame FCBD
26 KB
26 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:13:55 GMT
x-content-type-options
nosniff
age
462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 01:28:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FCBD
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 01:21:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E35D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BoN-toFddZcfVIJm73wOHv7n4DAAAAAA4AeAEAg&bg=!ZWalZinNAAZxrfrxUa07ADQBe5WfONAv4WZ5L48oVi6PWV32y-LzOHuNV5ClB05E7M7NIW5nRw6nimh2jf4Gl8PRK2rmAgAAAINSAAAAAmgBBwoAg9tG1jRl0iZ8-qWtQ9kOjvKTLkG0MWVdJmhpB2TKu4BszMphR-T9K0VlEW6aN2NTrnl49tAwC3CJWQ9zXlFNAu6e-kDYiwF9lm_Q9Wyu_uGkmY1mjYjdDCNOJKYugVqwexIk7MXwNOGGjB3dyd3exPtgKw3bdV5idPA712Ns2BpOd8aMmQMESo9pjxun6DIKxUUrqllwIBqM-gZYsyOB2RODx6u6C_pi9-cbMaY-UnCeK5sGshRKzPsub5vmS5dMnAxv55C8LzE_PL6zayTLefcV5m5liEAZ0_Xt39FjW2P1QpfoxfkZqWS9gcI3UkEWOOTuc7CwJm4wtVk_KVWoiaAzt2wR-0QzFTVBF8esuoWzGASM3EeSfm6RkXc6J4Ut7RmtFzGK6KnKhc3YUrWrGWmU31ryuyzLHtuBaHFsMq9B0ZRiXm0JbDD1vIVN0bU9aXT2vHGh9CNOiAUaIi0GMu3ciMI1UwKerZdJcuzsnYhzEaHULJmkP5WnLH3S6kRGb7jELWaHYWTMo7_N5mFd-zpDgpV-rcEQjepJIfsTwniHQE257BZ4ii_IQLeBpf6cu5xrxeUypygzjpCw-OF9O9-_nTy1SEmSSDcBsm_3TFgRsqdh5Bq-2G1RTsUhhLNvkEsgdspfZK5D6iGF6NuNMb6RfjHaMgvcZ96FFVEWwebhJr-mU7BUsyP7SyobkJZ97b10pRE0y0BuBFxsrJj1UHgHv2XHkmKo5GtKSnP6o0F_Geav9U79SBlr514hPD7_VxBkLPbtkftbkgm5AiNV2G97_tpgkG4MquQSBimG8X6ZKLW8p9SofTzzqa71nUea3yiXKf1SqW-RvD17Gu5sK5holnXrXr0ZFOxiV4jb2yEcpur-Y1p_8gR_jgFBoStn2mdUw3rZGVhm2Sl0f20rsHPD_uD3cLfA7zUFJ9JsnNbnI3XpZVfGPF4Pv4YPh1dPFPcHzvPUmUiIX7BA5Fn-k8vo7JA8K6MbocB4VykOU0kIfpvBxwDC8O4BI0sUXPIwH0cxc196vOy4fCTJtOUGvZkftPPHHWZK6Sj3alBO3ShiFcFrWEFVmuaKJBb2zG_aEap1szyRJknYpVifC6icE0pXPJQp3GT_4kup1hGjPb17zfXhqLVBEbyioXb9x4Z3oTPYrbDK7ncgI7GbseMTq_AwkBin3ThuQkXA3bK8gIBXa9k8_CjiMt3Qqw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 9C3E
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
7209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E290
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0zrIAPcshf45vekZv8h4LrCqp4nOlAQasgmigrSnamLnSVSsUjGn24Adys6XJDU-zl-cumY5xh_yCFZSZX5QXDAeDpefuf8oI_5XNgHjAY0Vix1oxR-7YAvXB3d2KVx_i96kP1kx8ih_f&sai=AMfl-YSYc9HOPWtj6bEkOmaxlMOgsIV9nwHG2ZwiCeWZFMN2ARUjO2enSWzeObo4QGu6mHvJyYDu6aMx7J-vBNj6VI4-d7bUGT7VHTZda4kUM0Esut4zIVqO76ejqa3C&sig=Cg0ArKJSzEkb61y8RywqEAE&cid=CAQSPADICaaNxz5Uzt_G__tqKBYq_dPHvZtgmgeRp5EfaRrlQBKCubVBpNkq6ysMdTzMz1MUFzPDf7nFbJOAwhgB&id=lidar2&mcvt=1001&p=526,1328,566,1369&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=975625246&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700616096451&rpt=220&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E290
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9488723135582&version=m202309260101&ct=119&x=1&cor=2637835754369259000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E791
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwNAnv6Y___64etoKeHII26pBSRoK1ImZeMsdh9VgJxMcxQCkHxGMu0wwt9AmWv9AdGQ1PGIZORdmHVi7aRAftmPVr8ofwHeEgegFBqQZBDJGu0qqBee3FChnQLMB8omdm-5Hg_8ptwZDS&sai=AMfl-YSinGo3JUSEaglkqDWiah3GORG82q3341bxAKJ8ByOznwTLNBUqHWVqNbevd7_VyIKSM9zVoaILjpBfAtlAUqDFFkSVmlMYx0m3vIxg0bsuJ55kWEUV9Y-4kW-L&sig=Cg0ArKJSzJC-O-QMM1dlEAE&cid=CAQSPADICaaNk-Hhq0flxiO_LgPXsbxRD-wSin7OT0dmTEIJlOhDYLK7SyR-zBt3Mh1cJkyt3xt8dD454weHKxgB&id=lidar2&mcvt=1000&p=153,436,243,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4123656343&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700616096877&rpt=135&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13911
check.analytics.rlcdn.com/check/
25 B
382 B
XHR
General
Full URL
https://check.analytics.rlcdn.com/check/13911
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-32.fra50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 01:21:38 GMT
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-trace-id
Root=1-655d57a2-26164325611a21754a01c815
x-amzn-requestid
59e8e97d-a068-474b-a5df-3cb1dd3d0fe5
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
OxqhbHlTDoEEVPg=
content-length
25
x-amz-cf-id
EuGh_tcUg4LBv0T2rOGoiDbrzeEdkpfm8e-xCmwKFTpwmiur0op4iA==
publishertag.prebid.136.js
static.criteo.net/js/ld/
94 KB
30 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Nov 2023 01:21:38 GMT
syncframe
gum.criteo.com/ Frame 4CE8
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.terra.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.terra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 01:21:38 GMT
server
Kestrel
server-processing-duration-in-ticks
926093
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/
94 KB
30 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.terra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 01:21:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Nov 2023 01:21:38 GMT
sid
mug.criteo.com/ Frame 4CE8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=terra.com.br&sn=ChromeSyncframe&so=3&topUrl=www.terra.com.br&bundle=G5bZUV9rT1h4Y1JrSmUzcGJGSEJTJTJGZ2RUd0t0S2dUMHZxdE02OW5RMVdrejdSS3glMk...
  • https://mug.criteo.com/sid?cpp=yCwPF3xET1prQnVuTElyaS9WTElrcG9NYzlwWXovejFrR1BZQndOUm5sS2g4Q1U1Ym9iYmVmd2Y0dDlzTitVRkc1ODl3Ty9BdEdIK0puWFpUTlJQdWRJSWJpNENsbDBxWUZPbllQOHpQcW4wUWFRL0hMRHlBWjMrWk5KL0...
425 B
652 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=yCwPF3xET1prQnVuTElyaS9WTElrcG9NYzlwWXovejFrR1BZQndOUm5sS2g4Q1U1Ym9iYmVmd2Y0dDlzTitVRkc1ODl3Ty9BdEdIK0puWFpUTlJQdWRJSWJpNENsbDBxWUZPbllQOHpQcW4wUWFRL0hMRHlBWjMrWk5KL0VvYS9sQmhUbXg3SUZjcjhaRHpDUEV5MjdUWFh0TXFlVnArTlRZUEZZd0dCZjZmbkZpZkhKOWk4NkxZc29VOEJaSkJkNkhKa3c2alRLOGhDTFFYUVdJYXcvR2I4a0FydlJLZElhdUF3VkEwOWwyaW9jcVFpU1dRZzBjcXJta3k3MzRCeDNHd2owWm1tanVNdzNGdG9obko1bEtoTDNibG1SUW41T0Q5clNHTThialRHLzFpOD18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
089407ece06ebe9e007bbdad2b37f8551ed4c12edfecaeb9ffd4ad7265c10b4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
792601
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=yCwPF3xET1prQnVuTElyaS9WTElrcG9NYzlwWXovejFrR1BZQndOUm5sS2g4Q1U1Ym9iYmVmd2Y0dDlzTitVRkc1ODl3Ty9BdEdIK0puWFpUTlJQdWRJSWJpNENsbDBxWUZPbllQOHpQcW4wUWFRL0hMRHlBWjMrWk5KL0VvYS9sQmhUbXg3SUZjcjhaRHpDUEV5MjdUWFh0TXFlVnArTlRZUEZZd0dCZjZmbkZpZkhKOWk4NkxZc29VOEJaSkJkNkhKa3c2alRLOGhDTFFYUVdJYXcvR2I4a0FydlJLZElhdUF3VkEwOWwyaW9jcVFpU1dRZzBjcXJta3k3MzRCeDNHd2owWm1tanVNdzNGdG9obko1bEtoTDNibG1SUW41T0Q5clNHTThialRHLzFpOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
247496
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.terra.com.br%2F&domain=www.terra.com.br&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.terra.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 22 Nov 2023 01:21:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
188384
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
2 B
374 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.terra.com.br%2F&domain=www.terra.com.br&cw=1&pbt=1&lsw=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.terra.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
191218
expires
0
envelope
api.rlcdn.com/api/identity/
0
254 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13911
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.terra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 01:21:39 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.terra.com.br
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
checksync.php
contextual.media.net/ Frame 8E87
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDV2PQ3&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C3007%2C246%2C4%2C203%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3b134cd809c6a19c551d9436f904efdbe3726fc7741424b8c2cc402fff99f577
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.terra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8444
content-type
text/html; charset=UTF-8
date
Wed, 22 Nov 2023 01:21:39 GMT
expires
Fri, 24 Nov 2023 01:21:39 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0D96
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-60.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.terra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 22 Nov 2023 01:21:39 GMT
ETag
"623de86a-cf34"
Expires
Thu, 23 Nov 2023 01:21:41 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
usync.html
eus.rubiconproject.com/ Frame C41B
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.terra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Nov 2023 01:21:39 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame C41B
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c84074baff8c27ab00dd84e9fdf57f94ca82c0fce2ad492c8302bb1ca109953d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 01:21:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Nov 2023 23:36:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80108
Connection
keep-alive
Content-Length
13230
Expires
Wed, 22 Nov 2023 23:36:47 GMT
khaos.json
token.rubiconproject.com/ Frame C41B
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
async_usersync
ib.adnxs.com/ Frame 0D96
0
597 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:39 GMT
an-x-request-uuid
c9747f4c-4737-4543-9e99-37662ab7ba81
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Cairo-Black.woff2
s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/ Frame 6EFC
35 KB
35 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/Cairo-Black.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9b6400102f47473a74ad2024b0ce14b70f3ff887f5bca6cc234e14366ab2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:56:49 GMT
x-content-type-options
nosniff
age
422690
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35908
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 08:13:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 03:56:49 GMT
async_usersync
ib.adnxs.com/ Frame 0D96
0
596 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 01:21:40 GMT
an-x-request-uuid
baa6b239-a9cb-4fc3-9878-cf90e8f88195
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

264 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| documentPictureInPicture object| zaz string| idItemMenu string| tgmKey string| terra_info_channel string| terra_info_channeldetail string| terra_info_id string| terra_info_service string| terra_info_type string| terra_info_clssfctn string| terra_info_pagetype string| terra_stats_dvctype string| terra_info_source string| terra_info_author boolean| terra_info_special_article string| terra_info_vendor boolean| terra_info_sponsored_content string| terra_source_type string| terra_info_customgroup string| terraVersion object| trr object| info_path object| hostNames object| regexUserThemeCookie object| OSTheme function| applyUserTheme object| includerComponents object| contextData function| ApplicationError object| nunjucks string| osThemeColor object| tga function| gaTerra function| fbAsyncInit object| _ttconversion function| registerComscore boolean| hasSendComscore object| _comscore function| AdManager object| googletag function| ga object| dataLayer function| gtag object| pbjs object| keywords undefined| keywordsii function| getAudCookie function| getBlocklist function| keyGen function| sizeGen string| keyword object| customCriteria object| _ttprofilescache object| dc string| dcN object| foundList object| customCriteriaArray2 object| blocklistAds object| _newsroom object| google_tag_data object| gaplugins object| pbjsChunk object| _pbjsGlobals object| mnet object| ggeac object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| GlobalStorage object| regeneratorRuntime object| COMSCORE object| ns_p object| TTTagManager function| TTTagManagerError object| _ttqtt_terra undefined| google_measure_js_timing number| google_unique_id object| gaData object| __uid2SecureSignalProvider object| __uid2 object| _33across number| newsroomStartsLoadingTime object| tbNewsroom object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| signal_decrypted object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 boolean| is_infinite undefined| hemmd5 undefined| hemsha256 object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad string| adSizes object| slotSize string| adserver boolean| reloadKey number| reloadTime string| reloadViewable object| mediatype string| googleTag string| googleTag_area object| bidders object| default_gsi object| _F_toggles object| google object| closure_lm_513410 string| n string| nq object| cmds object| tt_terra object| ttcNamespace object| valid function| callback function| validar string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder function| Datetime object| GoogleGcLKhOms object| _aps boolean| apstagLOADED object| apstag object| google_image_requests object| apscustom object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

59 Cookies

Domain/Path Name / Value
.terra.com.br/ Name: X-XAct-ID
Value: d1d69113-1316-48c0-89e0-1ae19ac83adf
www.terra.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.terra.com.br/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.terra.com.br/ Name: _ga
Value: GA1.3.1025678541.1700616094
.terra.com.br/ Name: _gid
Value: GA1.3.339124889.1700616094
.terra.com.br/ Name: _gat_terraAnalytics
Value: 1
.terra.com.br/ Name: lotame_domain_check
Value: terra.com.br
.terra.com.br/ Name: __gads
Value: ID=c6e8faaf699284c3:T=1700616093:RT=1700616093:S=ALNI_MZAgegc3NCNwRgwjqNjyQaTXiRRng
.terra.com.br/ Name: __gpi
Value: UID=00000cd6bd46ae79:T=1700616093:RT=1700616093:S=ALNI_MYST5HZKSnSL__11DG_O1UaGiW2ZQ
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 1b05911a-245a-4e25-9077-64b807c890d2
.openx.net/ Name: i
Value: 85f49534-c35f-4faa-a40b-4be4c8a42683|1700616093
www.terra.com.br/ Name: tt_c_vmt
Value: 1700616095
www.terra.com.br/ Name: tt_c_c
Value: direct
www.terra.com.br/ Name: tt_c_s
Value: direct
www.terra.com.br/ Name: tt_c_m
Value: direct
www.terra.com.br/ Name: _ttuu.s
Value: 1700616094837
.terra.com.br/ Name: _ttqtt_terra_tt.href
Value: https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
.t.tailtarget.com/ Name: _ssc
Value: y
.tt-10969-0.seg.t.tailtarget.com/ Name: trk
Value: I90wwtdPSHNlfdMy1RwzoPXlNXCg5VWIWPM1SgDnV/EXDsETD+Tpg/7M+KwJmVCEedyb1tQ8Noaei2S4TGeKgKAxDGsgOOM+DnvPHJg3m4Fp2knrhMzryp5JbNRYOPQldzAGHxePYbbdlluEW/0y/yPdMMLXT0hzZX3TMtUcM6DiGmMVWxz7Y+S/3rJcUS/IAdaz8nEbRcmdT+u2xCK4DOV3QhHuPMxBl68ttybDe30=
.t.tailtarget.com/ Name: u
Value: fwAAAWVdV58WtwZfF/gxAgB=
www.terra.com.br/ Name: tt.u
Value: 0100007F9F575D65D906B316024E3551
.t.tailtarget.com/ Name: ttbprf
Value: ___de_1700616095261_3648182805
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
www.terra.com.br/ Name: tt.nprf
Value:
.tt-10969-0.seg.t.tailtarget.com/ Name: ttca
Value: CA3731,CA6935,CA4723,CA5682,CA4729,CA7125,CA33426_1700616095
.terra.com.br/ Name: _ttdmp
Value: |LS:|CA:CA3731,CA6935,CA4723,CA5682,CA4729,CA7125,CA33426
.t.tailtarget.com/ Name: n
Value: 1700616095
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqYD9dAHFT8WrU1ZxogGjlwOA+xFj1I9scmP1H4Ec1c+6oWPL5yMMz7vk/DJ53q2nIhmhpHjFZoTUgcdj94p/Mzxl23EFZZTWoijy0RC4Zd8SKPLRELhl3xpmvllXEtYN4=
.rubiconproject.com/ Name: khaos
Value: LP92WXNS-1Y-81QW
.adnxs.com/ Name: icu
Value: ChgI0YlXEAoYASABKAEwoK_1qgY4AUABSAEQoK_1qgYYAA..
.adnxs.com/ Name: uuid2
Value: 3038904748048633652
.doubleclick.net/ Name: IDE
Value: AHWqTUkRIbV_MQaZvqovz-_dZLHVHovqlLr-1KPftyYOHEYjdA263gsIGVvRxr1Asds
.doubleclick.net/ Name: APC
Value: AfxxVi65VkJrLNIuMXRg2nktaolZ4-VF6ZvDpXWvIKkyU4Gdy8JCRg
m.exactag.com/ Name: exactag_new_gk
Value: 0b9ea54a7baf42d29082f24b3b7f890c%7C21.01.2024%2001%3A21%3A36
m.exactag.com/ Name: exactag_new_uk
Value: b4fc296b4dfc47058cea917bfd1b3f19%7C
m.exactag.com/ Name: session_session
Value: 038eb362eb56424dbfcc2eae
.casalemedia.com/ Name: CMID
Value: ZV1XoCp4HvP0U.2c-ktRiAAA
.casalemedia.com/ Name: CMPS
Value: 2186
.casalemedia.com/ Name: CMPRO
Value: 2186
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?]mU-aB!]tbPl1M>e)ZlrFUfJ+tGXxoiK#W4)X=!0.Hia_eLcQ!R^$jX%]5)B`C[]P*3If)y3KL9D3I?+jaje9g
.3lift.com/ Name: tluid
Value: 4366623744014263409256
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22B5B21979-F3BC-4319-0189-F71F915E27CC%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBKBXXWUCEHlGNgUtNr5nPGKIsxrINkAFEgEBAQGpXmVnZQAAAAAA_eMAAA&S=AQAAAsrneFXw7fgrTKmi-oaw45k
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-78d37647-689a-45cd-9822-8b33fcc3e918-003%22%7D
.terra.com.br/ Name: _ga_FJBH1GT2QG
Value: GS1.1.1700616093.1.0.1700616096.0.0.0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-78d37647-689a-45cd-9822-8b33fcc3e918-003%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZV1XoAABa4yZ5ABH
.quantserve.com/ Name: d
Value: EAwBCQG-KoEA
.quantserve.com/ Name: mc
Value: 655d57a1-0697a-29b89-d0b5b
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: wfivefivec
Value: tnzTaq171R5BVT5
.adform.net/ Name: uid
Value: 1325583673141936330
.w55c.net/ Name: matchgoogle
Value: 5
www.terra.com.br/ Name: _lr_sampling_rate
Value: 100
.terra.com.br/ Name: cto_bundle
Value: IfXjnF9rT1h4Y1JrSmUzcGJGSEJTJTJGZ2RUd05rdVRtd2ZkM1M2dEpkZnJrMXpmU3BLWUoyTEkzWXVnQ3EyYmJDN3JOaXVxNFZndWp5b1pUb3hXZ0J0cTdITTV0U0R5ekIwNWJrakg1dnZZZm5hZCUyQjc5TmxyREp5NkU5ejQlMkIyNjltMlpCbEcwTUJuV2VWc0JaQVIlMkZScTdMZGNIdyUzRCUzRA
www.terra.com.br/ Name: _lr_retry_request
Value: true
www.terra.com.br/ Name: _lr_env_src_ats
Value: false

2 Console Messages

Source Level URL
Text
network error URL: https://www.terra.com.br/api/tagmanfe/ShowArea?key=br.config.backend.adnotification&area=adnotification&direct=1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13911
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
aax.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.doubleclick.net
ads.travelaudience.com
ampcid.google.com
ampcid.google.de
api.rlcdn.com
audio10.audima.co
b.t.tailtarget.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c2.taboola.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual.media.net
d.tailtarget.com
dsum-sec.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
m.exactag.com
match.360yield.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p1.trrsf.com
p1.trrsf.com.br
p2.trrsf.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid.media.net
prg.smartadserver.com
region1.google-analytics.com
s.seedtag.com
s0.2mdn.net
s1.trrsf.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
t.tailtarget.com
tags.crwdcntrl.net
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tt-10969-0.seg.t.tailtarget.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.terra.com.br
104.18.35.167
104.18.36.155
108.138.1.25
13.32.119.77
13.32.27.78
13.32.99.89
141.101.90.98
142.250.185.130
142.250.186.166
142.250.74.194
143.204.98.32
151.101.129.44
151.101.194.49
162.19.138.120
18.245.60.53
18.66.97.121
185.86.138.32
2001:4860:4802:34::36
23.211.9.60
23.32.185.35
23.35.229.251
2600:9000:2250:9400:a:e047:753:a221
2602:803:c003:200::31
2606:4700:10::6816:3556
2606:4700::6810:5714
2606:4700::6811:190e
2606:4700:e4::ac40:af02
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:806::200e
2a00:1450:4001:809::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::200a
2a00:1450:4001:827::200d
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::201b
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c1f::9d
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:f500:9::5c7b:8502
2a02:26f0:f500:9::5c7b:8528
2a05:d018:d29:3602:be7c:8786:5b47:1e53
3.121.142.228
34.102.146.192
34.102.185.99
34.120.133.55
34.120.135.53
34.120.63.153
34.149.50.64
34.96.70.87
35.190.0.66
35.190.39.111
35.201.123.184
35.244.159.8
37.157.3.26
37.252.171.85
46.228.174.117
51.89.9.252
52.212.46.188
54.76.20.17
65.9.66.68
69.173.144.139
69.173.144.165
76.223.111.18
81.17.55.108
85.14.248.71
95.101.148.20
99.86.4.128
0031ada69905040a7741dfd64daf65b6a854123dbbe88cf4f766ec1ccbff1126
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72
04cb27b9562e872b685a7327fda10d83d53e2208d3e44e82041d7da8a64be8b4
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
072aac53b7b3f4423dcffc13541197aa59fc1c8e170e88164772c32d0d88d764
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
089407ece06ebe9e007bbdad2b37f8551ed4c12edfecaeb9ffd4ad7265c10b4e
08a50a6a84fd01cbe4d55ed7f9c4079344ccc60f089329a225369b3954c03197
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c23c1806fe41e0f14a9b5b3c0f9e188f338410d4d0e13175ce79605f55e5b64
0ee7402f66e72ebec175b110cb2f29f2272d3a0aff70676057e114d6101a5c25
0ffba6340e22afe2844579cfacfb6bc976a70f76ce0932a3d474280b2e363e42
126ff8c0e781563aa02fa93b00449f80e2bd09fdcad30a6ee5624bf48a86c0e9
14e86be33c26b00a3b148def30c076c8418aa847eab12691fad3afaf3a4ed4f8
14e9eb55013564bb7ccd919065e7be491b3a2275b16251ee42c5a2092ade1b79
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
166720721c833cecfeb03d4dc92c707c7855430f2a3caf2fd60a736400e6e251
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ea7d44f4fecd2f320897686d1e57be8fa6ce48d92d1942dee116953deeacc3
195230e030a8055f38f964f9667efa1bd84e80971ea937cdb1812089f4393324
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
20976fc8fe202fef3f3b01a7068bc9512b8c82162c61e6e2403f8b4eabcb54aa
20e58a9f3f301cb7cefc50ba90d5e615228189b2e1f0d8dc218931e04d79e650
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25281465cabc83360f736a7f6b22716ff3b7855711e511bfa850f576fcec6292
27d4aa6771bebbd0b3a44bc2d659ee33a9f07c3a69fb8bab3971d0eaccf815c8
281db6c6856ae3b30503ce0d7dad18b868602815e0b1607fa5d19f07e8c573e2
285b329154d66c830326cdfe19681500a9f2f11f0bbd36b04440340b9f3a9e23
295c8fb354a39789d21bc7a88dc34e7bd844414b6086cd16f27db98a8dd77d98
299ad733ac887166de3c640031cd47ca45d6198470d0991e04a4f948d6b5c9a3
2a20c1b8c427362f9d8a17e170362fc4a942916fe28ffd6786a27dc4979a69d5
2abaed58100b1df83a5738ff8ef9f0785257e6c703dc770153059f3661b407c1
2f184ebb644b10356c882abb0fc4788abfefdccaf8b2e62673cdd9eb1dc7d959
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f1a4a51455378e4dc8df3ad43341034b8a64663dcfa2679f3892717ccb242a
32276a1e45e05daccc43d76da72947d2acaf4c421c8acb5cea5bc45c48d28a2a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c680c039a7c71df985f40c5ac836e75b8d7897f877f0dac911509bb8ce756c
32f52b8a1ce45c301aacd2f2ae409a4a7c062fd36e5e82d4cfce3eac70deab72
3449973958008fa462efb86ad67ac29a4e2bc5f38ac081947fbe2f627ac42065
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
397573d616b2f2f202ddb08bd11860e2e8be72cb60bc9b13b97367d25915cd33
398679ed650dc3e4cdbea5689c56d09fe2c184273d9b76e468c3447a73c14b4b
3a4e793672b13d396ac33050eba557814cf1559504b393d15a25cbbab4aac011
3b134cd809c6a19c551d9436f904efdbe3726fc7741424b8c2cc402fff99f577
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43897b4750dad91cd470f62f0396b7e6513c2ad005f231d0ac756f7483a0438b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445f1c14212e411213db2b5977acfe2443a318f31a8ad0e50ba526aa7f579c0b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4851141182a15315cb145e913bae5ae22e2225ad166cdbf0ba2c1ef5db8dc9b4
49e9f098e2fa8a7f920889affc875779056100b74abfe5f34c9b6985054c1d3d
4ab709475ac54d39d8c7b123b4ba8dacb8f2b9f61f1c82a888115c5fe86ef695
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7966902e836ea786aff3d524361b9eeeb91103698ca0eca1a5318f6a1a85ab
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4cd4a49cc6659ce6bf04a3f3604a34e2b5aab521057c52e326e4dc1b65fa2651
4df13c526ff0f84c49de003792de9d1256e1cfc34e17d6f9d12402b61241ef77
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eaf5909fe48b7887f0f577e60aea78b741f20c84eacbdb7cd46de63e1016587
50bfed1836335035a3024e0258e2f4adc49b46c13f38032b74ec626c9fca81fb
5324dde8156eb3be98a7c6c900646d3bb2bdd423af2e6090564ae66d5e9229e9
53fcbdb394dab3494945cd64fbd897b641057715860ee624ec0d3c5e701edac2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4b0671fc364ab88679e5c22d6b0d70ab3f154e593bffe67fa4ecd8f1f1461
55ccbdbaa27631199497ba57202bb5c82981f6805f272fa8c02118be1f41d245
5aa9599851ca70a3756085330f92288adbdef53a09dc49645d3140eef67b5519
5b9b6400102f47473a74ad2024b0ce14b70f3ff887f5bca6cc234e14366ab2be
60ff86054727c55a94648b2a3d375a30d0f4ec1775f2444e9d7ba7e9e84c21bb
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e88026d379effdb840b2b2504c64a2e11900885441f1eeb3695d481d140193
64256d8211aebe9f85cbd2f625a1ea577540413f7c301ea451899987c75d2534
68d511a07b459a7e9fa7db459113881ccd3932313545b1c776022e3e5e21d863
699171c33635b7afd52c1581a8d3308aa1af5eab32a8996acffaa428310530ef
6d2002313fe4dc7cea780501d474df1d98af6be04b0cdb0a1366a841997a844f
6d3f802531be5cd9f0c8bd2573491dd5766b94ca7f2a5218225959419cd08df1
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7d347c731925b0b5acc41ad16582c431054e8739b9a5fe9216e34638a531dbb4
7d39b27cc3900912b1b79f65e2f1d48590cadd3455f23da59231890c5c7eabb5
7dbd449f02a5396173705983b22751598501933930ded270d300e68c905b5259
7ea66bd6768888d5b5ad1e4bdeb009091927e02a70574328056a3b98dbd53524
7ff83d4a65fa84f4d78c1ba312ea1533df4912b90cdf84e8ff2411f2b389a778
815e0c138f6f77700d3e43fb32bba558cd1870df24913ddda5caa9b508e5ed18
816827133e8b7b6964b9d194144b27966925b76923fc786a326873c00eed1489
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
834f991f763949d6143e42ae63133bd85f51b9c62dea1fd70d41b6a8d0ae97cd
836eea9098648195ed10f5ae2927e3f6b30ad7bf7b8a32a80bfd89f6fec7653d
83df6bb8897057a8caf2335848092c02418ed425060d403f4223b9ea990134cb
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852ec930a724b6c7bac9ad426e89c8b2921cd382350981232a2016373ac7168d
867ffec3af20a41f3df394f330df233355aee761f5c61ba1c427273169127d33
8705035cf0fd5a8366a76994aae9de1bb5966912c8c52023b798130c9935c1f9
878833034930c587ec4a5db7d092c8de5d0269656047e76fc016b9c927d93175
87c1af3973d2aa92a612746b0962e2a6b9d43c87a6655420e4231e06eb082211
87f7e626437ab9d9a53724b27a4f4b7e9eb7fa777934eccf796484789b3101df
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa8d08560aeb088e8d2dd8d1dd7b8eb233e3ca9251d1a0d01dd6ef603c5950a
8c3d630c5ae39363b269fb95be9a8b508b86735605bb0f4d80f2eafc7c09e010
8d4c7adc599852b039fa8c7eee377d82229e0acba62a7c9f002bd2a246fd27b4
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
961020d0efe656c99d2be6010e9a6fdb40709129310cae1fb7a5c92a7aa02e44
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
985b6466f4bb2a9fa8d26cffc0474313e3c88977cd255fbff494538efa1cbeba
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9e04561b7c210f1f73737c0744e8e081183cf25d6a21332d52bc6321cc5e3bca
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a21abd6022733d362d6ef16e636ff0f764bf42e33b8d2cd71e7c980e4830e45b
a4011f24f951c1c1f02e0c9155b9a34bbaf6de203647c80350bf460a80b711fa
a4ff94047956e5c12c16f8deda8d226f7ec44386867e96db38ce3cc617ac1868
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5dda836e330652d53ba332e434ed1851651054afb1b0e0e13d8171b48163ac4
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a84f128a88d8d1b3987d2b7b361c60185a6bee0742f3d6006e207c03db420853
ab6f9ca53170a0cf1a27cba4bfb88255d012b8f52ccd7c70027925d3e8a9ed0f
ac799f588e56af6108fc38f8b3ae88dcba32efa3ed2b66d0098453c8e13d3d7c
acbc138b5b643e2b872faf9159f3d132cb2deeb516d1cc74634063b092f92e49
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b01119315436bd3833361eb75ecbdcfdd440dcb56501b4e0b723504ebcb0dd6b
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b080b807d04bc53c13d4f6187150410a33ba67d922aaa5fa92e4415c00dcb00a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2358cb659bf297f749541b366e8ad0fdaafa5825074b78ab33fb74fb0bb55df
b55b71f4979d078b8caa9673b2d06b61fd9ad9c7cefd614ab46b80ee19d1e0c9
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
ba2041dfdf774964cba3c841a0335e9d7c649b85ff92c14a4cfe144c37d84d3b
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c77b820ac1ce0e0962e7c2e834a4f1afb0c214d932a0b554d8a8a26e73fe9a11
c84074baff8c27ab00dd84e9fdf57f94ca82c0fce2ad492c8302bb1ca109953d
c8b305274ef7d515f8202fcf7329ad4df8a9e3316aed90eef7a7021f11a4f6e7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d4355a580611554bb609332baebf6b757d7aa9820bf9af415ce6c3ca5e6bb184
d638f4f70cf32d8de9b96a8d23aa097358fff6429de6e191c7ee131ed688423a
d67d230ae95712c0093c288cba19921dbb227c2cecd64db62e85678cc1b43954
da4751ec73e5d238811ee5534f1d087a57dbd5e6f018fbc3f7fd2daddce4d9f2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de58674eff9a7f8dad274fa31507749fdfcf2df5a460736822f13ca172fd01f6
deea5aa51b632606d172c672524286d437975f46ffaa264c55d20a8379370942
e04601f9d2e0235d87d2778f689d549fb11533393819c2851dd9ca45396bb5fe
e237dee547d69d6d5003615dfa74165ab8095c9063c6229a60bdc8d3c9eb1a7d
e2e49f5e40e39f5614535953895df892bc0c254a5320538f569c855fb78cdc74
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
eeb9b061abe3312b5b7f646784d9a728d963b1f632c6df4d560cb33b67636b2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22fd4eba7ff7e891e024904b6af40c5b50d91b13cc38f01d656fa188f26241c
f2d37b3f56d20ce8c2d4421966455b1b4825917558550c1bbe4436a7392e5b7c
f319cdc456b56a68e1d05eed09015bcd7a290d6d2fded69e7dafea74579f3675
f364d11c56e0113d9588e72e36ebd378f60d8eae59e1902cbd308c5c8576e7fb
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f723ce7dff47c0ab2c047ec493efcc075cc2ae9ce1b0a7e78d816c531dd63cc7
f79af5591075b68476e2f537aecab2b1b45ae632a811495e48435d8a55b11b25
f874a699f20f0730b99a3d16cea28bb4869c0f684dd9cdf40a5e33fa4853a69f
fa7d6ac935d3cf0bf7ac4547294cf5a2b513f96c4c098f19ef01af77e512502e