www.terra.com.br Open in urlscan Pro
2a02:26f0:f500:9::5c7b:8528 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalm...
Submission: On November 22 via api (November 22nd 2023, 1:21:41 am UTC) from US — Scanned from DE

Summary HTTP 252 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 71 IPs in 9 countries across 52 domains to perform 252 HTTP transactions. The main IP is 2a02:26f0:f500:9::5c7b:8528, located in Munich, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.terra.com.br. The Cisco Umbrella rank of the primary domain is 196011.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 3rd 2023. Valid for: a year.

This is the only time www.terra.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a02:26f0:f50... 2a02:26f0:f500:9::5c7b:8528	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
58	2a02:26f0:f50... 2a02:26f0:f500:9::5c7b:8502	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700:e4:... 2606:4700:e4::ac40:af02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.245.60.53 18.245.60.53	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:9400:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1f::9d	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.212.46.188 52.212.46.188	16509 (AMAZON-02) (AMAZON-02)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2 8	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.97.121 18.66.97.121	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
1	13.32.27.78 13.32.27.78	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.89 13.32.99.89	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::201b	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
2	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
1 8	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.86.138.32 185.86.138.32	201081 (SMARTADSE...) (SMARTADSERVER)
2	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6 19	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:be7c:8786:5b47:1e53	16509 (AMAZON-02) (AMAZON-02)
1	54.76.20.17 54.76.20.17	16509 (AMAZON-02) (AMAZON-02)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2 2	3.121.142.228 3.121.142.228	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	81.17.55.108 81.17.55.108	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	141.101.90.98 141.101.90.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.211.9.60 23.211.9.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.35.229.251 23.35.229.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
252	71

8 2a02:26f0:f500:9::5c7b:8528 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.terra.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2a02:26f0:f500:9::5c7b:8502 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p2.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.trrsf.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e4::ac40:af02 (United States)

ASN13335 (CLOUDFLARENET, US)

audio10.audima.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-53.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:9400:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1f::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.46.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-46-188.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-121.fra56.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-78.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-89.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10969-0.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.85 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.185.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:be7c:8786:5b47:1e53 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.20.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-20-17.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.142.228 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-142-228.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.26 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.108 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.101.90.98 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.211.9.60 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-9-60.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	trrsf.com s1.trrsf.com — Cisco Umbrella Rank: 292127 p2.trrsf.com — Cisco Umbrella Rank: 239006 p1.trrsf.com — Cisco Umbrella Rank: 283751	497 KB
40	googlesyndication.com 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	237 KB
32	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 ad.doubleclick.net — Cisco Umbrella Rank: 154	268 KB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	650 KB
10	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926 bidder.criteo.com — Cisco Umbrella Rank: 757	15 KB
9	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 acdn.adnxs.com — Cisco Umbrella Rank: 609	44 KB
8	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 63384 d.tailtarget.com — Cisco Umbrella Rank: 71637 tt-10969-0.seg.t.tailtarget.com — Cisco Umbrella Rank: 386139 b.t.tailtarget.com — Cisco Umbrella Rank: 57903 t.tailtarget.com — Cisco Umbrella Rank: 7625	46 KB
8	terra.com.br www.terra.com.br — Cisco Umbrella Rank: 196011	33 KB
6	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 pixel.rubiconproject.com — Cisco Umbrella Rank: 376 eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458	19 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	70 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	3 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 us-u.openx.net — Cisco Umbrella Rank: 522	1 KB
5	google.com ampcid.google.com — Cisco Umbrella Rank: 2931 www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 24	81 KB
5	audima.co audio10.audima.co — Cisco Umbrella Rank: 389717	123 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3046 launchpad.privacymanager.io — Cisco Umbrella Rank: 2789 geo.privacymanager.io — Cisco Umbrella Rank: 1825	28 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	23 KB
3	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1611 ssbsync.smartadserver.com — Cisco Umbrella Rank: 774	971 B
3	media.net prebid.media.net — Cisco Umbrella Rank: 1335 contextual.media.net — Cisco Umbrella Rank: 691	12 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	74 KB
2	rlcdn.com check.analytics.rlcdn.com — Cisco Umbrella Rank: 4188 api.rlcdn.com — Cisco Umbrella Rank: 957	636 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1403	326 B
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	585 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	953 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 567	2 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	128 KB
2	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 1735	454 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 storage.googleapis.com — Cisco Umbrella Rank: 409	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	85 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	35 KB
2	google.de ampcid.google.de — Cisco Umbrella Rank: 86280 www.google.de — Cisco Umbrella Rank: 6862	777 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 146086	606 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	574 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 2249	199 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	549 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	538 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11905	60 B
1	gstatic.com fonts.gstatic.com	48 KB
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4524	603 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1383	5 KB
1	taboola.com c2.taboola.com — Cisco Umbrella Rank: 8407	18 KB
1	trrsf.com.br p1.trrsf.com.br — Cisco Umbrella Rank: 599398	29 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	89 KB
252	52

	Domain	Requested by
40	s1.trrsf.com	www.terra.com.br s1.trrsf.com
25	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.terra.com.br s0.2mdn.net www.googletagservices.com
19	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
18	s0.2mdn.net	www.terra.com.br s0.2mdn.net 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com www.terra.com.br s0.2mdn.net
11	p2.trrsf.com	www.terra.com.br
8	ib.adnxs.com	1 redirects s1.trrsf.com googleads.g.doubleclick.net acdn.adnxs.com
8	www.terra.com.br	s1.trrsf.com
6	gum.criteo.com	2 redirects static.criteo.net s1.trrsf.com
6	p1.trrsf.com	s1.trrsf.com
5	audio10.audima.co	www.terra.com.br audio10.audima.co
5	securepubads.g.doubleclick.net	www.terra.com.br securepubads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	c.amazon-adsystem.com	s1.trrsf.com c.amazon-adsystem.com
3	www.google.com	www.terra.com.br tpc.googlesyndication.com 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
3	6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	static.criteo.net	securepubads.g.doubleclick.net s1.trrsf.com static.criteo.net
3	www.google-analytics.com	www.terra.com.br www.google-analytics.com
2	eus.rubiconproject.com	s1.trrsf.com eus.rubiconproject.com
2	ad.doubleclick.net	www.terra.com.br
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.terra.com.br
2	onetag-sys.com	1 redirects 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	sync.1rx.io	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	www.googletagservices.com	6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
2	fastlane.rubiconproject.com	s1.trrsf.com
2	prg.smartadserver.com	s1.trrsf.com
2	bidder.criteo.com	s1.trrsf.com
2	s.seedtag.com	s1.trrsf.com
2	prebid.media.net	s1.trrsf.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-10969-0.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	www.terra.com.br d.tailtarget.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	cdnjs.cloudflare.com	audio10.audima.co cdnjs.cloudflare.com
2	mug.criteo.com	www.terra.com.br
2	oajs.openx.net	1 redirects www.terra.com.br
2	sb.scorecardresearch.com	s1.trrsf.com www.terra.com.br
1	token.rubiconproject.com	eus.rubiconproject.com
1	acdn.adnxs.com	s1.trrsf.com
1	contextual.media.net	s1.trrsf.com
1	api.rlcdn.com	s1.trrsf.com
1	check.analytics.rlcdn.com	s1.trrsf.com
1	portal.o2online.de
1	ssbsync.smartadserver.com	6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	match.360yield.com	6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	m.exactag.com	6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	t.tailtarget.com
1	storage.googleapis.com	tags.t.tailtarget.com
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	accounts.google.com	s1.trrsf.com
1	launchpad-wrapper.privacymanager.io	s1.trrsf.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	audio10.audima.co
1	google-bidout-d.openx.net	oa.openxcdn.net
1	www.google.de	www.terra.com.br
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	ampcid.google.de	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	c2.taboola.com	www.terra.com.br
1	tags.t.tailtarget.com	s1.trrsf.com
1	p1.trrsf.com.br	www.terra.com.br
1	www.googletagmanager.com	www.terra.com.br
252	88

This site contains links to these domains. Also see Links.

Domain
servicos.terra.com.br
central.terra.com.br
www.terraempresas.com.br
mail.terra.com.br
api.whatsapp.com
epipoca.com.br
filmow.com
www.disneyplus.com
www.adorocinema.com
terra.com.br

Subject Issuer	Validity	Valid
terra.com.br DigiCert TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-11-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
audima.co GTS CA 1P5	`2023-10-08` - `2024-01-06`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2023-08-22` - `2024-09-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
portal.o2online.de E1	`2023-10-01` - `2023-12-30`	3 months	crt.sh
analytics.rlcdn.com Amazon RSA 2048 M02	`2023-06-27` - `2024-07-24`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Frame ID: 0129017D69DA620C70B8C564A267A007
Requests: 138 HTTP requests in this frame

Frame: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B0B1633B503D414D85B880FD6CBC5200
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.terra.com.br
Frame ID: 045203C60FC02478CA12569E72A789BA
Requests: 2 HTTP requests in this frame

Frame: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Frame ID: 3E2A6895596893EA41F48FF85EB33431
Requests: 8 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 9B51BB561B8E20FA835EBDE38D2F136F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E01D392CCF3C1262E7D60FAE9D723D0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EBE0C0CFD3332E43FC255DC87B8C14E3
Requests: 2 HTTP requests in this frame

Frame: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E290904FA5AA44045B93260CDBAFA35A
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKKEht4BMAE&v=APEucNVDEDwDzOYjhRPZhcbNHsGMmr0FCRUdcQmkBKbaBF8PQ32VDUsmxwTWXFu0Ddf7y-OpblBK75NFxtePzxV0EF2y1DYj9K1s_O7kx_mYCvNffD_06aL8f37WFnDHWc9MxVG488Fxt9lNKuqvvBWBwspnX-8-jYh0vCAgdLFWSrgMMQjYQPs
Frame ID: 04ADA363DBBBB5FA90AEE26F591372DB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9021144CF8AFEFE77FC35B69A4E8231D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B2B245805047D9B03C0F8DA0FC3D2D56
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
Frame ID: 6EFC8F64250D26B91FB326BE27C7F98E
Requests: 7 HTTP requests in this frame

Frame: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E79108410034E8C37E015E6BABD2FD53
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivz7P8ATAB&v=APEucNVOmzAMl0C-bJ5VLjVWf7Y1U-S59mG50JvC256YZXGq6w2Tzc1VmswA7vBRUTiyIOy2verbxZYqTWAm7GZ-3g10URUBYBQ4RyxPMN__TcvXbzzSadxoNyAkn_hgLQoh_kVQhWsFwXTYb2hmOcb-KYTVpbUtZG_9nHCZhQf8AZfOtL05Vbo
Frame ID: 98705DD6FC8DAA8340301B138D3DDE25
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9FE1DCBF85EB3FDA297C82072EB8DC2F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E35D90B71DFD3542E509F6939DCF4D3C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
Frame ID: FCBD7051AE4E4EF9134B1153F95BEEA6
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 9C3E2F126B35993292995173FC5FD69D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.terra.com.br
Frame ID: 4CE826F36BAD2E8E7BF19A59CEF07CD1
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDV2PQ3&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C3007%2C246%2C4%2C203%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 8E87C7B94FA182B8A728974C1552DCE7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0D9656108B72C42C6580BF1738750379
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C41B969CC0CD4E54BB4CAFD34D1EE6F9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Série de fantasia esquecida no Prime Video retorna após 2 anos e acidentalmente estraga uma grande reviravolta

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Wink (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:_base/js/base|wink).*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

252
Requests

92 %
HTTPS

41 %
IPv6

52
Domains

88
Subdomains

71
IPs

9
Countries

2689 kB
Transfer

7171 kB
Size

59
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://servicos.terra.com.br/categorias/?utm_source=portal-terra&utm_medium=espaco-fixo&utm_campaign=header&utm_content=home_terra-friday&utm_term=todos_produtos_terra-friday&cdConvenio=CVTR00001907
Title: Terra Friday

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/login?next=http://central.terra.com.br/?utm_source=portal-terra&utm_medium=espaco-fixo&utm_campaign=header&utm_content=pg&utm_term=central&cdConvenio=CVTR00001907
Title: Central do Assinante

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/mail-gigante/?utm_source=portal-terra&utm_medium=espaco-fixo&utm_campaign=header&utm_content=pg&utm_term=terra-mail-gigante_pos-01&cdConvenio=CVTR00001907
Title: Terra Mail

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/construtor-sites/?utm_source=portal-terra&utm_medium=espaco-fixo&utm_campaign=header&utm_content=pg&utm_term=construtor-de-sites_pos-02&cdConvenio=CVTR00001907
Title: Construtor de Sites

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/para-voce/seguranca-digital/?utm_source=portal-terra&utm_medium=espaco-fixo&utm_campaign=header&utm_content=pg&utm_term=seguranca-digital_pos-03&cdConvenio=CVTR00001907
Title: Segurança Digital

Search URL Search Domain Scan URL

URL: https://mail.terra.com.br/ozone?utm_source=portal-terra&utm_medium=home
Title: E-mail

Search URL Search Domain Scan URL

URL: http://central.terra.com.br/?utm_source=portal-terra&utm_medium=espaco-fixo&utm_campaign=menu_usuario&utm_content=pg&utm_term=central&cdConvenio=CVTR00002081
Title: Acessar Central do Assinante

Search URL Search Domain Scan URL

URL: https://mail.terra.com.br/signin/?utm_source=portal-terra&utm_medium=espaco-fixo&utm_campaign=menu_usuario&utm_content=pg&utm_term=mail-terra&cdConvenio=CVTR00002081
Title: Acessar e-mail do Terra

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/atendimento/?utm_source=portal-terra&utm_medium=espaco-fixo&utm_campaign=menu_usuario&utm_content=pg&utm_term=fale-terra&cdConvenio=CVTR00002081
Title: Fale com o Terra

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/boleto-simplificado/?utm_source=portal-terra&utm_medium=espaco-fixo&utm_campaign=menu_usuario&utm_content=pg&utm_term=2-via-boleto&cdConvenio=CVTR00002081
Title: 2ª via de boleto

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send/?phone=5508007771234&text=Quero+saber+mais&type=phone_number&app_absent=0&utm_campaign=menu_usuario&utm_source=portal-terra&utm_content=pg&utm_term=compre-via-whatsapp&cdConvenio=CVTR00002081
Title: Compre pelo Whatsapp

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/?utm_source=portal-terra&utm_medium=espaco-fixo&utm_campaign=menu_usuario&utm_content=pg&utm_term=capa-triagem&cdConvenio=CVTR00002081
Title: Conheça nossos produtos

Search URL Search Domain Scan URL

URL: https://epipoca.com.br/
Title: ePipoca

Search URL Search Domain Scan URL

URL: https://filmow.com/
Title: Filmow

Search URL Search Domain Scan URL

URL: https://www.disneyplus.com/series/loki/6pARMvILBGzF
Title: Patrocínio

Search URL Search Domain Scan URL

URL: https://www.adorocinema.com/noticias/series/noticia-1000037252/
Title: Leia o artigo em AdoroCinema

Search URL Search Domain Scan URL

URL: https://www.adorocinema.com/noticias/filmes/noticia-161376/
Title: A Roda do Tempo: Guia para entender o universo mágico da série estrelada por Rosamund Pike

Search URL Search Domain Scan URL

URL: https://www.adorocinema.com/noticias/filmes/noticia-161400/
Title: A Roda do Tempo: Conheça os personagens principais da nova série do Amazon Prime Video

Search URL Search Domain Scan URL

URL: https://www.adorocinema.com/noticias/filmes/noticia-161859/
Title: A Roda do Tempo: Estreia, mudanças no elenco e novos personagens; saiba tudo sobre a 2ª temporada

Search URL Search Domain Scan URL

URL: https://www.adorocinema.com/noticias/filmes/noticia-164516/
Title: A Roda do Tempo: Série com Rosamund Pike tem spin-off que poucos conhecem

Search URL Search Domain Scan URL

URL: http://terra.com.br/newsletter
Title: Os melhores conteúdos no seu e-mail gratuitamente. Escolha a sua Newsletter favorita do Terra. Clique aqui!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&rid=esp&cc=1

Request Chain 80

https://gum.criteo.com/sid/json?origin=publishertagids&domain=terra.com.br&sn=ChromeSyncframe&so=0&topUrl=www.terra.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=nd62bnx5YldwYjV6akZFWU1UL2xmeDRJMURpdWkxbHA4WTRwRitkQlNGUUY0N2xTakgvZGIvOTFGeVlxUnVKcVpHUmF5ajM4UHN4a25CalpVTFd5eFRPcUhEcmxWc1VWRTVwMVJEeGJGVnlVNEZOK0J6ekcxRExMR044UWgwUDBqanUzRkZUV3lqY1ZNQ0hBVldFWi9Vei9ib2RzN3piRGxMVzZIblZ2d0R2OVpzdFU4aUpQdVpxMTk5eVhnQmFCbjBPeFA3MGlGbW83MHArbURiRzJUdGlkTSsxclhoSllybDJrUTVTZnordzdFMWpFZkxKdkRScVFNR0cyTjgyNUw1ZWFqd3lEdVgrV0ppN2lmblliZExNd2tEZz09fA&cppv=2

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1

Request Chain 164

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV1XoCp4HvP0U.2c-ktRiAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1&google_hm=2

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGkdvENL6pMQR4GVM5mJZUE&google_cver=1

Request Chain 166

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAzODkwNDc0ODA0ODYzMzY1Mg%3D%3D

Request Chain 174

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECUcSzPDZum9FFGxYXd6aEc&google_cver=1&google_push=AXcoOmQn0NCmVsTMspdlzpg06SlSsykOsiPb52S3epaUFIKuoxhXevJ56wvVjbjBuj-LDpLsiuiIShdiEdnqMoraOwNo5Oozu3BX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECUcSzPDZum9FFGxYXd6aEc&google_push=AXcoOmQn0NCmVsTMspdlzpg06SlSsykOsiPb52S3epaUFIKuoxhXevJ56wvVjbjBuj-LDpLsiuiIShdiEdnqMoraOwNo5Oozu3BX

Request Chain 175

https://ads.travelaudience.com/google_pixel?google_gid=CAESENausSCMVOSCerJklFtNsL0&google_cver=1&google_push=AXcoOmTpX4FVHUEhE-4AenJr826BJR8_FcueN2fDuIg5FZcGn4BrwhHuQoom758eLLr1HzlyU7cP0tWxKWCOnCjpWDpCXFEs2zYy HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tbIZefO8QxkBifcfkV4nzA&google_push=AXcoOmTpX4FVHUEhE-4AenJr826BJR8_FcueN2fDuIg5FZcGn4BrwhHuQoom758eLLr1HzlyU7cP0tWxKWCOnCjpWDpCXFEs2zYy

Request Chain 176

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhXPmnLj12ZwscyKtkkZIY&google_cver=1&google_push=AXcoOmTU5vvPhTlcRPyopXh58oPNDgWG4IMnYHxr1aPz_42ai9cgsjJ7hMpIHTkT8cZchaWzL2pbMfCoSrxfEJL6N-IYL2CwgNRE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTU5vvPhTlcRPyopXh58oPNDgWG4IMnYHxr1aPz_42ai9cgsjJ7hMpIHTkT8cZchaWzL2pbMfCoSrxfEJL6N-IYL2CwgNRE&google_hm=eS16SVZIdkE1RTJwSEFuT0ZMTzF5VTJ5dWFlUmo3V3BDSn5B

Request Chain 178

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKjiQ7K_p2h9d_I7egdnjvk&google_cver=1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1700616096798 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-78d37647-689a-45cd-9822-8b33fcc3e918-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv%26google_hm%3DA3jTdkdomkXNmCKLM_zD6Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv&google_hm=A3jTdkdomkXNmCKLM_zD6Rg

Request Chain 179

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIU5VN3vnNOuVj38s87moYo&google_cver=1&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFhD HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFhD&google_gid=CAESEIU5VN3vnNOuVj38s87moYo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM2NjYyMzc0NDAxNDI2MzQwOTI1Ng%3D%3D&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFhD

Request Chain 180

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECTGz0mBQLXmkwq7t9KjY84&google_cver=1&google_push=AXcoOmQYlt5jqhFof4cYvvrjecTP5x0AfZ6Uy9KDMUcLWr-TcH2SYFSBiYJm969FqLecpJypR9w3B5S2gv2v31lk1ky97d4rJQBN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQYlt5jqhFof4cYvvrjecTP5x0AfZ6Uy9KDMUcLWr-TcH2SYFSBiYJm969FqLecpJypR9w3B5S2gv2v31lk1ky97d4rJQBN HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJbVBRSxlxB6_VVzM8LdcAI&google_cver=1

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEPlKyQ0RdZ8XF_X0s4qp91U&google_cver=1

Request Chain 209

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cver=1&google_push=AXcoOmSQ-TenUpKZ6De_-INSzep6YqrXazbfSWInOh0NbisNJB1bWXxLtBxs-wAKfVxaSDXdtZ71Q9Fa_XTk9hZrENs09GCyVukv HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cver=1&google_push=AXcoOmSQ-TenUpKZ6De_-INSzep6YqrXazbfSWInOh0NbisNJB1bWXxLtBxs-wAKfVxaSDXdtZ71Q9Fa_XTk9hZrENs09GCyVukv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dG56VGFxMTcxUjVCVlQ1&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cver=1&google_push=AXcoOmSQ-TenUpKZ6De_-INSzep6YqrXazbfSWInOh0NbisNJB1bWXxLtBxs-wAKfVxaSDXdtZ71Q9Fa_XTk9hZrENs09GCyVukv

Request Chain 210

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhXPmnLj12ZwscyKtkkZIY&google_cver=1&google_push=AXcoOmSOQSVzD__CmEVYPcFOyxd3US5ubWKX59z7ycNZ16ujUjpuFsXj29omrgerR8Q6-aAtuutvhfiiFqLfgcsFBbHGC-4Ab2c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSOQSVzD__CmEVYPcFOyxd3US5ubWKX59z7ycNZ16ujUjpuFsXj29omrgerR8Q6-aAtuutvhfiiFqLfgcsFBbHGC-4Ab2c&google_hm=eS16SVZIdkE1RTJwSEFuT0ZMTzF5VTJ5dWFlUmo3V3BDSn5B

Request Chain 211

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL1ePyN-ubYApEjCz3eOh3c&google_cver=1&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVYrT5d-6bfiS6bj2W96gVpM HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL1ePyN-ubYApEjCz3eOh3c&google_cver=1&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVYrT5d-6bfiS6bj2W96gVpM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMyNTU4MzY3MzE0MTkzNjMzMA&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVYrT5d-6bfiS6bj2W96gVpM

Request Chain 212

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBHCCOlT-2CKE7lPcCdhdj8&google_cver=1&google_push=AXcoOmSTMlVZkJvBEs0qC5lEdLA5LnJv7KdH2ytyZ3Vb92hwC0tOpv8fO4P-r6EAF9IdFK8QBltBVAeyJL-L5g7DbqxZEpdwoYE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5MldYTlMtMVktODFRVw==&google_push=AXcoOmSTMlVZkJvBEs0qC5lEdLA5LnJv7KdH2ytyZ3Vb92hwC0tOpv8fO4P-r6EAF9IdFK8QBltBVAeyJL-L5g7DbqxZEpdwoYE

Request Chain 213

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGLdXwKqgLvnXXTvjiqspnw&google_cver=1&google_push=AXcoOmTZWVkDvoyu6W8T7me4WWEIGNWifEPyhQ0X-MQzqteE_UhhWtRU25Pmxb7EJZ9xV-kvijcnkz4hItuUV4jxdOqy60CvReIF HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGLdXwKqgLvnXXTvjiqspnw&google_hm=ZV1XoCp4HvP0U-2c_ktRiAAACIoAAAIB&google_nid=index&google_push=AXcoOmTZWVkDvoyu6W8T7me4WWEIGNWifEPyhQ0X-MQzqteE_UhhWtRU25Pmxb7EJZ9xV-kvijcnkz4hItuUV4jxdOqy60CvReIF

Request Chain 241

https://gum.criteo.com/sid/json?origin=publishertag&domain=terra.com.br&sn=ChromeSyncframe&so=3&topUrl=www.terra.com.br&bundle=G5bZUV9rT1h4Y1JrSmUzcGJGSEJTJTJGZ2RUd0t0S2dUMHZxdE02OW5RMVdrejdSS3glMkYlMkJ5d3VPRFlicjd0UXhJZjBhUHNUeDBWTUtqTjZuajcwZEE5Sm1jbDIybkhZN2FRUUtpQWVzV1YycW9xZGJXTE16UVhFUmFzR010bVBwaHVoakN3Skd3ck9nZFZGVjhVSTNZY0NPdlQwckElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=yCwPF3xET1prQnVuTElyaS9WTElrcG9NYzlwWXovejFrR1BZQndOUm5sS2g4Q1U1Ym9iYmVmd2Y0dDlzTitVRkc1ODl3Ty9BdEdIK0puWFpUTlJQdWRJSWJpNENsbDBxWUZPbllQOHpQcW4wUWFRL0hMRHlBWjMrWk5KL0VvYS9sQmhUbXg3SUZjcjhaRHpDUEV5MjdUWFh0TXFlVnArTlRZUEZZd0dCZjZmbkZpZkhKOWk4NkxZc29VOEJaSkJkNkhKa3c2alRLOGhDTFFYUVdJYXcvR2I4a0FydlJLZElhdUF3VkEwOWwyaW9jcVFpU1dRZzBjcXJta3k3MzRCeDNHd2owWm1tanVNdzNGdG9obko1bEtoTDNibG1SUW41T0Q5clNHTThialRHLzFpOD18&cppv=2

252 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html Show response
www.terra.com.br/diversao/entre-telas/ 139 KB
27 KB 1221ms
1016ms Document
text/html 2a02:26f0:f500:9::5c7b:8528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c8b305274ef7d515f8202fcf7329ad4df8a9e3316aed90eef7a7021f11a4f6e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=120, stale-while-revalidate=7200, stale-if-error=3600
content-encoding: gzip
content-length: 27359
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 01:21:33 GMT
strict-transport-security: max-age=15552000
timing-allow-origin: *
vary: Accept-Encoding
x-cache-profile: content
x-cms-delivery-uuid: 5c574090-785a-46ec-ad79-088ad8140fd5
x-frame-options: SAMEORIGIN
x-http-reason: OK
x-mt-cache: EXPIRED
x-original-ua: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-xact-montador-time: 1700616092
x-xact-uuid: 57592f43-52bd-4bb9-b55d-5b30931cd26e

GET
H2 200 nunito-sans-v6-latin-regular.woff
s1.trrsf.com/fe/zaz-ui-t360/_fonts/ 20 KB
21 KB 186ms
70ms Font
application/font-woff 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-ui-t360/_fonts/nunito-sans-v6-latin-regular.woff
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: da4751ec73e5d238811ee5534f1d087a57dbd5e6f018fbc3f7fd2daddce4d9f2

Request headers

Referer: https://www.terra.com.br/
Origin: https://www.terra.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
last-modified: Tue, 24 Jan 2023 18:55:39 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 20976

GET
H2 200 nunito-sans-v6-latin-700.woff
s1.trrsf.com/fe/zaz-ui-t360/_fonts/ 21 KB
21 KB 171ms
55ms Font
application/font-woff 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-ui-t360/_fonts/nunito-sans-v6-latin-700.woff
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: a84f128a88d8d1b3987d2b7b361c60185a6bee0742f3d6006e207c03db420853

Request headers

Referer: https://www.terra.com.br/
Origin: https://www.terra.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
last-modified: Tue, 24 Jan 2023 18:55:39 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 21068

GET
H2 200 lora-v20-latin-700.woff
s1.trrsf.com/fe/zaz-ui-t360/_fonts/ 23 KB
23 KB 156ms
40ms Font
application/font-woff 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-ui-t360/_fonts/lora-v20-latin-700.woff
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 8aa8d08560aeb088e8d2dd8d1dd7b8eb233e3ca9251d1a0d01dd6ef603c5950a

Request headers

Referer: https://www.terra.com.br/
Origin: https://www.terra.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
last-modified: Tue, 24 Jan 2023 18:55:39 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 23352

GET
H2 200 nunito-sans-v8-latin-900.woff
s1.trrsf.com/fe/zaz-ui-t360/_fonts/ 21 KB
21 KB 151ms
34ms Font
application/font-woff 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-ui-t360/_fonts/nunito-sans-v8-latin-900.woff
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 83df6bb8897057a8caf2335848092c02418ed425060d403f4223b9ea990134cb

Request headers

Referer: https://www.terra.com.br/
Origin: https://www.terra.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
last-modified: Tue, 24 Jan 2023 18:55:39 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 21268

GET
H2 200 1899196327-d74df7dc26b3ce74743a3bf9534e6ad6.jpg
p2.trrsf.com/image/fget/cf/774/0/images.terra.com/2023/08/20/ 59 KB
59 KB 776ms
767ms Image
image/webp 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/774/0/images.terra.com/2023/08/20/1899196327-d74df7dc26b3ce74743a3bf9534e6ad6.jpg
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: e04601f9d2e0235d87d2778f689d549fb11533393819c2851dd9ca45396bb5fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
last-modified: Sun, 20 Aug 2023 03:36:34 GMT
server: Terra Web Server
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: MISS
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 60420

GET
H2 200 zaz.min.js Show response
s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/ 347 KB
84 KB 191ms
74ms Script
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 32276a1e45e05daccc43d76da72947d2acaf4c421c8acb5cea5bc45c48d28a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Mon, 07 Aug 2023 20:45:04 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 85247

GET
H2 200 mod-manager.min.js Show response
s1.trrsf.com/update-1696430107/fe/zaz-mod-manager/ 42 KB
11 KB 187ms
71ms Script
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1696430107/fe/zaz-mod-manager/mod-manager.min.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 87f7e626437ab9d9a53724b27a4f4b7e9eb7fa777934eccf796484789b3101df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Wed, 04 Oct 2023 14:35:07 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 11016

GET
H2 200 context.min.css
s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_css/ 63 KB
8 KB 151ms
35ms Stylesheet
text/css 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_css/context.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 867ffec3af20a41f3df394f330df233355aee761f5c61ba1c427273169127d33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Thu, 09 Nov 2023 14:30:06 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 8164

GET
H2 200 essential-solid.min.css
s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/ 7 KB
922 B 154ms
38ms Stylesheet
text/css 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: f79af5591075b68476e2f537aecab2b1b45ae632a811495e48435d8a55b11b25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 12:35:06 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 613

GET
H2 200 sizes.min.css
s1.trrsf.com/update-1690492505/fe/zaz-mod-t360-icons/_css/ 1 KB
606 B 155ms
39ms Stylesheet
text/css 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1690492505/fe/zaz-mod-t360-icons/_css/sizes.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b080b807d04bc53c13d4f6187150410a33ba67d922aaa5fa92e4415c00dcb00a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 21:15:05 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 297

GET
H2 200 essential.min.css
s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/ 2 KB
546 B 154ms
38ms Stylesheet
text/css 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 398679ed650dc3e4cdbea5689c56d09fe2c184273d9b76e468c3447a73c14b4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 12:35:06 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 237

GET
H2 200 portal-sva-solid.min.css
s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/ 2 KB
545 B 153ms
37ms Stylesheet
text/css 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/portal-sva-solid.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 87c1af3973d2aa92a612746b0962e2a6b9d43c87a6655420e4231e06eb082211

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 12:35:06 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 236

GET
H2 200 theme-default.min.css
s1.trrsf.com/update-1690223707/fe/zaz-app-t360-cards/_css/ 10 KB
2 KB 226ms
111ms Stylesheet
text/css 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1690223707/fe/zaz-app-t360-cards/_css/theme-default.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 195230e030a8055f38f964f9667efa1bd84e80971ea937cdb1812089f4393324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Mon, 24 Jul 2023 18:35:07 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: MISS
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 1968

GET
H2 200 theme-default.min.css
s1.trrsf.com/update-1699980606/fe/zaz-app-t360-navbar/_css/ 16 KB
3 KB 150ms
35ms Stylesheet
text/css 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1699980606/fe/zaz-app-t360-navbar/_css/theme-default.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 7d347c731925b0b5acc41ad16582c431054e8739b9a5fe9216e34638a531dbb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 14 Nov 2023 16:50:06 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 3018

GET
H2 200 context.min.css
s1.trrsf.com/update-1698781505/fe/zaz-ui-t360-content/_css/ 73 KB
9 KB 155ms
40ms Stylesheet
text/css 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1698781505/fe/zaz-ui-t360-content/_css/context.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 7d39b27cc3900912b1b79f65e2f1d48590cadd3455f23da59231890c5c7eabb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 31 Oct 2023 19:45:05 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 8481

GET
H2 200 context.min.js Show response
s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_js/ 31 KB
9 KB 163ms
65ms Script
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_js/context.min.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: ac799f588e56af6108fc38f8b3ae88dcba32efa3ed2b66d0098453c8e13d3d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Thu, 09 Nov 2023 14:30:06 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 8583

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 102 KB
32 KB 87ms
33ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14e86be33c26b00a3b148def30c076c8418aa847eab12691fad3afaf3a4ed4f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31943
x-xss-protection: 0
server: cafe
etag: 786 / 19683 / m202311090101 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 01:21:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 71ms
18ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Nov 2023 23:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5515
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 22 Nov 2023 01:49:38 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 86ms
32ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Nov 2023 02:14:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
89 KB 88ms
35ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FJBH1GT2QG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c3d630c5ae39363b269fb95be9a8b508b86735605bb0f4d80f2eafc7c09e010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 01:21:33 GMT

GET
H2 200 audima-widget.js Show response
audio10.audima.co/ 274 KB
92 KB 123ms
46ms Script
application/javascript 2606:4700:e4::ac40:af02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio10.audima.co/audima-widget.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:e4::ac40:af02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b01119315436bd3833361eb75ecbdcfdd440dcb56501b4e0b723504ebcb0dd6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 11:48:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12237
etag: W/"654cc711-44942"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRASI%2B0zaOBjHwAqHQ%2BxTORqqvyE8DYUViyivEDrD19XLxe284l7xQsFb1wffF5r5kR8FlDBhqK7%2FBWvfitAT9cN1CtALVqDO5iflotFTqhlNhJ64ZezFwiAwg3gC4BhWv1zwhVMh03ngVS5T%2BPpQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 829d5b37bbf7f0cb-CDG
expires: Tue, 21 Nov 2023 23:53:54 GMT

GET
H2 200 app-t360-cards.min.js Show response
s1.trrsf.com/update-1695327305/fe/zaz-app-t360-cards/_js/ 11 KB
3 KB 162ms
65ms Script
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1695327305/fe/zaz-app-t360-cards/_js/app-t360-cards.min.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: acbc138b5b643e2b872faf9159f3d132cb2deeb516d1cc74634063b092f92e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Thu, 21 Sep 2023 20:15:05 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 3042

GET
H2 200 prebid.js Show response
s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/ 319 KB
93 KB 47ms
46ms Script
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 985b6466f4bb2a9fa8d26cffc0474313e3c88977cd255fbff494538efa1cbeba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 21 Nov 2023 21:45:09 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 95298

GET
H2 200 app-t360-navbar.min.js Show response
s1.trrsf.com/update-1699980606/fe/zaz-app-t360-navbar/_js/ 40 KB
9 KB 169ms
72ms Script
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1699980606/fe/zaz-app-t360-navbar/_js/app-t360-navbar.min.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: f364d11c56e0113d9588e72e36ebd378f60d8eae59e1902cbd308c5c8576e7fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 14 Nov 2023 16:50:06 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 9186

GET
H2 200 context.min.js Show response
s1.trrsf.com/update-1698781506/fe/zaz-ui-t360-content/_js/ 64 KB
14 KB 164ms
68ms Script
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1698781506/fe/zaz-ui-t360-content/_js/context.min.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 2abaed58100b1df83a5738ff8ef9f0785257e6c703dc770153059f3661b407c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 31 Oct 2023 19:45:06 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 14172

GET
H2 200 entre-telas-light-rlanosies8xe.png
p2.trrsf.com/image/fget/cf/74/40/images.terra.com/2023/03/24/ 1 KB
1 KB 521ms
518ms Image
image/webp 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/74/40/images.terra.com/2023/03/24/entre-telas-light-rlanosies8xe.png
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 08a50a6a84fd01cbe4d55ed7f9c4079344ccc60f089329a225369b3954c03197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
last-modified: Fri, 24 Mar 2023 13:22:00 GMT
server: cloudflare-nginx
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 1134

GET
H2 200 entre-telas-dark-1hv5htx0vvhic.png
p2.trrsf.com/image/fget/cf/74/40/images.terra.com/2023/03/24/ 2 KB
2 KB 424ms
422ms Image
image/webp 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/74/40/images.terra.com/2023/03/24/entre-telas-dark-1hv5htx0vvhic.png
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 5aa9599851ca70a3756085330f92288adbdef53a09dc49645d3140eef67b5519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
last-modified: Fri, 24 Mar 2023 13:22:29 GMT
server: cloudflare-nginx
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 1754

GET
H2 200 logo-azul-disney-qxi8vqo4kyna.png
p2.trrsf.com/image/fget/cf/88/48/images.terra.com/2023/10/09/ 3 KB
3 KB 182ms
180ms Image
image/webp 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/88/48/images.terra.com/2023/10/09/logo-azul-disney-qxi8vqo4kyna.png
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 25281465cabc83360f736a7f6b22716ff3b7855711e511bfa850f576fcec6292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
last-modified: Mon, 09 Oct 2023 13:38:42 GMT
server: cloudflare-nginx
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2980

GET
H2 200 876543170-47865daa9da111435721c195e52a6b29.jpg
p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/11/17/ 5 KB
6 KB 509ms
507ms Image
image/webp 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/11/17/876543170-47865daa9da111435721c195e52a6b29.jpg
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 64256d8211aebe9f85cbd2f625a1ea577540413f7c301ea451899987c75d2534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
last-modified: Fri, 17 Nov 2023 18:19:27 GMT
server: Terra Web Server
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 5616

GET
H2 200 1504268609-dc3ff2025c16065e42c7854cde66ded9.jpg
p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/11/19/ 5 KB
6 KB 555ms
555ms Image
image/webp 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/11/19/1504268609-dc3ff2025c16065e42c7854cde66ded9.jpg
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 4851141182a15315cb145e913bae5ae22e2225ad166cdbf0ba2c1ef5db8dc9b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
last-modified: Sun, 19 Nov 2023 15:31:24 GMT
server: cloudflare-nginx
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 5430

GET
H2 200 393335462-a2ba586cc6d9b8176a0518c2256162c0.jpg
p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/11/16/ 5 KB
5 KB 533ms
532ms Image
image/webp 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/11/16/393335462-a2ba586cc6d9b8176a0518c2256162c0.jpg
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: e237dee547d69d6d5003615dfa74165ab8095c9063c6229a60bdc8d3c9eb1a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
last-modified: Thu, 16 Nov 2023 14:31:23 GMT
server: cloudflare-nginx
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 5246

GET
H2 200 bars.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/ 601 B
577 B 37ms
36ms Image
image/svg+xml 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/bars.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: deea5aa51b632606d172c672524286d437975f46ffaa264c55d20a8379370942

Request headers

Referer: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 263

GET
H2 200 terra-horizontal-branco.svg
www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/ 6 KB
3 KB 158ms
157ms Image
image/svg+xml 2a02:26f0:f500:9::5c7b:8528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/terra-horizontal-branco.svg

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1699980606/fe/zaz-app-t360-navbar/_css/theme-default.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-mt-cache: HIT
strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 01:21:33 GMT
x-cdnterra-cache-status: STALE
content-length: 2595
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 envelope.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/ 724 B
732 B 37ms
36ms Image
image/svg+xml 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/envelope.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 072aac53b7b3f4423dcffc13541197aa59fc1c8e170e88164772c32d0d88d764

Request headers

Referer: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 418

GET
H2 200 user.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/ 516 B
629 B 37ms
37ms Image
image/svg+xml 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/user.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 816827133e8b7b6964b9d194144b27966925b76923fc786a326873c00eed1489

Request headers

Referer: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 315

GET
H2 200 angle-right.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/ 449 B
568 B 38ms
37ms Image
image/svg+xml 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/angle-right.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: f874a699f20f0730b99a3d16cea28bb4869c0f684dd9cdf40a5e33fa4853a69f

Request headers

Referer: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 254

GET
H2 200 share.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/ 577 B
673 B 37ms
37ms Image
image/svg+xml 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/share.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 0c23c1806fe41e0f14a9b5b3c0f9e188f338410d4d0e13175ce79605f55e5b64

Request headers

Referer: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 359

GET
H2 200 ac_logo_light_horizontal-u7wu814c9vsh.png
p2.trrsf.com/image/fget/sc/80/30/images.terra.com/2023/01/23/ 1 KB
2 KB 481ms
480ms Image
image/webp 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/sc/80/30/images.terra.com/2023/01/23/ac_logo_light_horizontal-u7wu814c9vsh.png
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: ab6f9ca53170a0cf1a27cba4bfb88255d012b8f52ccd7c70027925d3e8a9ed0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
last-modified: Mon, 23 Jan 2023 17:36:32 GMT
server: Terra Web Server
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 1406

GET
H2 200 terranovembro_03_doramas-1iepifvy2dl5u.jpg
p1.trrsf.com.br/image/fget/cf/648/364/images.terra.com/2023/11/21/ 28 KB
29 KB 389ms
176ms Image
image/webp 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.trrsf.com.br/image/fget/cf/648/364/images.terra.com/2023/11/21/terranovembro_03_doramas-1iepifvy2dl5u.jpg
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 0ee7402f66e72ebec175b110cb2f29f2272d3a0aff70676057e114d6101a5c25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
last-modified: Tue, 21 Nov 2023 17:26:56 GMT
server: Terra Web Server
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 29162

GET
H2 200 284235015-793b65b7348552a4bdef10c8dfab1136.jpg
p2.trrsf.com/image/fget/cf/306/168/smart/images.terra.com/2023/11/16/ 6 KB
6 KB 544ms
543ms Image
image/webp 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/306/168/smart/images.terra.com/2023/11/16/284235015-793b65b7348552a4bdef10c8dfab1136.jpg
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: f22fd4eba7ff7e891e024904b6af40c5b50d91b13cc38f01d656fa188f26241c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
last-modified: Thu, 16 Nov 2023 03:22:23 GMT
server: Terra Web Server
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 5988

GET
H2 200 545558250-4a77a1be0da009a3332e5be9cd862eb1.jpg
p2.trrsf.com/image/fget/cf/306/168/smart/images.terra.com/2023/11/20/ 6 KB
6 KB 540ms
539ms Image
image/webp 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/306/168/smart/images.terra.com/2023/11/20/545558250-4a77a1be0da009a3332e5be9cd862eb1.jpg
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 3a4e793672b13d396ac33050eba557814cf1559504b393d15a25cbbab4aac011

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
last-modified: Mon, 20 Nov 2023 04:04:20 GMT
server: Terra Web Server
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 6338

GET
H2 200 1070790549-ecb0cbd451ee0b0d09b42adf8144238c.jpg
p2.trrsf.com/image/fget/cf/306/168/smart/images.terra.com/2023/11/16/ 6 KB
7 KB 571ms
571ms Image
image/webp 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/306/168/smart/images.terra.com/2023/11/16/1070790549-ecb0cbd451ee0b0d09b42adf8144238c.jpg
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: a4011f24f951c1c1f02e0c9155b9a34bbaf6de203647c80350bf460a80b711fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
last-modified: Thu, 16 Nov 2023 18:58:25 GMT
server: Terra Web Server
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 6556

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 347 KB
30 KB 84ms
20ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-10969-0/CT-411
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_js/context.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: d4355a580611554bb609332baebf6b757d7aa9820bf9af415ce6c3ca5e6bb184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:35:18 GMT
content-encoding: gzip
via: 1.1 google
age: 6375
x-guploader-uploadid: ABPtcPq6YGt77RzPPjPrhnO8uHoyPGtPe5RLEzXhuAKB0rV9DNsnUll1Q4UxLZH2wkH1zXiYEdSt77GiNA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29758
last-modified: Tue, 07 Nov 2023 16:17:10 GMT
server: nginx/1.8.1
etag: "05c71adf5092030b021d6131ca7a71af"
vary: Accept-Encoding
x-goog-generation: 1699373830066888
x-goog-hash: md5=Bcca31CSAwsCHWExynpxrw==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 29758
accept-ranges: bytes
expires: Wed, 22 Nov 2023 01:35:18 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 72ms
20ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_js/context.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:28:32 GMT
content-encoding: gzip
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 57182
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: b_HsEDK-cSbnW68--rCweWKJ7x4mb-66CHmnth7b9aBWCpS2VYrmYA==

GET
H2 200 zaz-globalstorage-min.js Show response
s1.trrsf.com/update-1674586307/fe/zaz-mod-globalstorage/ 40 KB
11 KB 35ms
35ms Fetch
application/x-javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586307/fe/zaz-mod-globalstorage/zaz-globalstorage-min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 166720721c833cecfeb03d4dc92c707c7855430f2a3caf2fd60a736400e6e251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:47 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 11113

GET
H2 200 mod-user-navigation.min.js Show response
s1.trrsf.com/update-1674586315/fe/zaz-mod-user-navigation/_js/ 2 KB
1 KB 33ms
33ms Fetch
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586315/fe/zaz-mod-user-navigation/_js/mod-user-navigation.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 20976fc8fe202fef3f3b01a7068bc9512b8c82162c61e6e2403f8b4eabcb54aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:55 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 800

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/terrabr/ 60 KB
18 KB 355ms
239ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/terrabr/newsroom.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a21abd6022733d362d6ef16e636ff0f764bf42e33b8d2cd71e7c980e4830e45b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Nov 2023 01:21:33 GMT
x-amz-request-id: Q2FCBS8S1P6JRQ3Q
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17554
x-amz-id-2: mZKscEJZUefLwDKigQxEQqbHTrVblTQBUbs3SkxPCBUQ+Ixo4uhVtp9j1aF2SCZGRyLtkw8vlF4=
x-served-by: cache-cph2320056-CPH
last-modified: Thu, 03 Aug 2023 20:35:14 GMT
server: AmazonS3
x-timer: S1700616094.554077,VS0,VE198
etag: "35a02d4909c48aaced3d0622779b8b6a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
440 B 92ms
26ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52976
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 20 Nov 2024 10:38:37 GMT

GET
H2 200 mod-stalker.min.js Show response
s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/ 23 KB
7 KB 34ms
33ms Fetch
application/x-javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: a5dda836e330652d53ba332e434ed1851651054afb1b0e0e13d8171b48163ac4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-cdnterra-cache-status: MISS
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 6760

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 78ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FJBH1GT2QG&gtm=45je3b81v877568120&_p=1700616093391&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1025678541.1700616094&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700616093&sct=1&seg=0&dl=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&dt=S%C3%A9rie%20de%20fantasia%20esquecida%20no%20Prime%20Video%20retorna%20ap%C3%B3s%202%20anos%20e%20acidentalmente%20estraga%20uma%20grande%20reviravolta&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channel=diversao&ep.subchannel=entre-telas&ep.breadcrumb=diversao.entre-telas&ep.content_id=d73921d893106e0c8f6f8d0600c333ba3t5nx1b6&ep.content_type=not&ep.os_theme=light&ep.content_source=adorocinema&ep.content_author=giovannirodrigues&ep.amp=false&ep.page_theme=light&epn.network_downlink=10&ep.network_effective_type=4g&ep.network_data_saver=false&ep.display_mode=browser&ep.partner_type=interno&ep.published_date=2023-08&epn.device_memory=8&epn.device_pixel_ratio=1&epn.navigation_type=0&ep.content_provider=adorocinema&ep.product=portal&ep.article_special=false&ep.paid_content=false&tfd=1686
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FJBH1GT2QG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
369 B 129ms
64ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 24ms
23ms Image
text/plain 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3000033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700616093575&ns_c=UTF-8&c7=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&c8=S%C3%A9rie%20de%20fantasia%20esquecida%20no%20Prime%20Video%20retorna%20ap%C3%B3s%202%20anos%20e%20acidentalmente%20estraga%20uma%20grande%20reviravolta&c9=
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: K5O9Nnik4N9C4OJKnf2zBGBDNcyWPQRbmafYOuzM3Q6wYincxReE3w==
x-cache: Miss from cloudfront

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 93ms
35ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 338991
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 829d5b39af643673-FRA
expires: Sat, 25 Nov 2023 01:21:33 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 79ms
23ms Script
text/javascript 2600:9000:2250:9400:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9400:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Tue, 21 Nov 2023 10:03:28 GMT
Via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 55086
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 35cljPwgTuol-qzogikHKNecTqtRQumtOU33MvJD8TpTt57aQnqWCg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 156 KB
34 KB 89ms
34ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab709475ac54d39d8c7b123b4ba8dacb8f2b9f61f1c82a888115c5fe86ef695

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 16:21:00 GMT
server: cloudflare
x-amz-request-id: C29T5NQYSAJD31W6
age: 416
etag: W/"9391f2de0f47103f7dd948a8fdf8a53f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 829d5b399b5e1963-FRA
x-amz-id-2: UmMKe9LLqKwXxa1qOeD/JIu5JyIDsMpTkjC5lcJtz1R8fXqbjDqcUNOryffICbGNJDHMSQF5eyOljTd0iOCYZQ==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 78ms
30ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26209
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230091-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pv%2FhxHoQFYoorew2%2BNBiwddHkEKfzzqFsoMDwPh2NsrqEjb12WZKKjN0uHL9pqfHiQ6OJLSoZPNVLz4lBjuHGz0EdKW1i2RXK9CP4BoJwXJE4ItZXuyFbejNa0lCIodhma2UGueu9i8a%2BLJVDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 829d5b399c08691b-FRA

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 119ms
44ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 23 Nov 2023 01:21:33 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 89ms
23ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:40:12 GMT
content-encoding: gzip
age: 718881
x-guploader-uploadid: ABPtcPrYakBZZUaYUT2Aa4NoJoJQZRP6-ODG4Mlhh8MKCLApMvJzlaEJN2z8T9SAscKxSRsWb_zHAvxtH2n8WvZ8c-eAXA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:40:12 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 92ms
37ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: a94cc52e586c8baad9bffafe97759352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 86ms
26ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:38:20 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 63794
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 8-b75FKU-N6uKQzPA7AzA8fpkr7Js2Li7kWSoBVwC2aQK-fbIIL3zA==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 952 B
579 B 215ms
215ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4436642718262140&correlator=4243175808755408&eid=31079666%2C31079525%2C31079576&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=1211%2Cbr.terra.adorocinema.cobranded%2Carticles&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=2076216588&sfv=1-0-40&fsbs=1&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700616093627&lmt=1700616093&adxs=0&adys=6732&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&vis=1&psz=1600x6731&msz=1600x0&fws=0&ohw=0&ga_vid=1025678541.1700616094&ga_sid=1700616094&ga_hid=1586805985&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuP_4pL8xSABSAghkEhsKDDMzYWNyb3NzLmNvbRi3__ikvzFIAFICCGQSGQoKcHViY2lkLm9yZxi4__ikvzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuP_4pL8xSABSAghkEhcKCHJ0YmhvdXNlGLj_-KS_MUgAUgIIZBIZCgp1aWRhcGkuY29tGLj_-KS_MUgAUgIIZBIUCgVvcGVueBi4__ikvzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLj_-KS_MUgAUgIIZA..&dlt=1700616093070&idt=525&prev_scp=pageid%3Dd73921d893106e0c8f6f8d0600c333ba3t5nx1b6%26contentsource%3Dadorocinema%26breadcrumb%3Ddiversao.entre-telas%26channel%3Ddiversao%26subchannel%3Dentre-telas%26testfloor%3Dtrue%26connection%3D4g%26fledge%3Dfalse%26parceiro%3Dtrue%26lite%3D0%26devicememory%3D8%26contentauthor%3Dgiovannirodrigues%26vendor%3Dadorocinema%26pf%3Dfalse&adks=3968033954&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ffba6340e22afe2844579cfacfb6bc976a70f76ce0932a3d474280b2e363e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 548
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B0B1 6 KB
3 KB 97ms
28ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 01:21:33 GMT
expires: Thu, 21 Nov 2024 01:21:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 28ms
27ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1586805985&t=pageview&_s=1&dl=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&ul=en-us&de=UTF-8&dt=S%C3%A9rie%20de%20fantasia%20esquecida%20no%20Prime%20Video%20retorna%20ap%C3%B3s%202%20anos%20e%20acidentalmente%20estraga%20uma%20grande%20reviravolta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEIJAAQCACAMIC~&jid=490318003&gjid=2068829687&cid=1025678541.1700616094&tid=UA-54936151-1&_gid=339124889.1700616094&_r=1&_slc=1&cd1=diversao&cd2=entre-telas&cd4=contenido_digital&cd5=diversao.entre-telas&cd6=d73921d893106e0c8f6f8d0600c333ba3t5nx1b6&cd7=not&cd9=terra&cd10=light&cd18=adorocinema&cd19=giovannirodrigues&cd48=terra360&cd49=false&cd52=light&cd60=10&cd62=4g&cd63=false&cd64=browser&cd68=interno&cd72=default&cd75=2023-08&cd84=8&cd85=1&cd92=0&cd94=adorocinema&z=774506104

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

PUT
H2 200 ID Show response
www.terra.com.br/coletor/user/ 225 B
576 B 283ms
282ms Fetch
application/json 2a02:26f0:f500:9::5c7b:8528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/coletor/user/ID?reason=NewProfileStalker&JSUA=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/119.0.6045.159%20Safari/537.36&site=br

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d638f4f70cf32d8de9b96a8d23aa097358fff6429de6e191c7ee131ed688423a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
x-xact-hosts: stalker=stalker-canary-798ffbc8cc-x5skg
x-content-type-options: nosniff
x-xact-uuid: 80327f25-2f42-4103-9597-308a7284f6ae
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length: 179

GET
H2 200 include Show response
p1.trrsf.com/api/includer/ 903 B
560 B 823ms
431ms Fetch
application/json 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/includer/include?component=mod.liveRamp&country=br&env=prod&format=json&group=web&scheme=https
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 18ea7d44f4fecd2f320897686d1e57be8fa6ce48d92d1942dee116953deeacc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length: 335
x-includer-uuid: bae8ca3f-f0b2-4d51-a8dd-02f9fd7224f6

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 87ms
27ms XHR
text/plain 2a00:1450:400c:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54936151-1&cid=1025678541.1700616094&jid=490318003&gjid=2068829687&_gid=339124889.1700616094&_u=aCDAAEIIAAQCACAMIC~&z=567527311

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 22 Nov 2023 01:21:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
232 B 76ms
23ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.terra.com.br
date: Wed, 22 Nov 2023 01:21:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 whatsapp-color.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/ 1 KB
850 B 37ms
36ms Image
image/svg+xml 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/whatsapp-color.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 8d4c7adc599852b039fa8c7eee377d82229e0acba62a7c9f002bd2a246fd27b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 536

GET
H2 200 facebook-color.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/ 555 B
634 B 39ms
38ms Image
image/svg+xml 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/facebook-color.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: d67d230ae95712c0093c288cba19921dbb227c2cecd64db62e85678cc1b43954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 321

GET
H2 200 twitter-color.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/ 483 B
581 B 38ms
37ms Image
image/svg+xml 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/twitter-color.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 32c680c039a7c71df985f40c5ac836e75b8d7897f877f0dac911509bb8ce756c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 18:05:06 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 267

GET
H2 200 pinterest-color.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/ 921 B
811 B 37ms
37ms Image
image/svg+xml 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential/pinterest-color.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 8705035cf0fd5a8366a76994aae9de1bb5966912c8c52023b798130c9935c1f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 497

GET
H2 200 ShowArea Show response
p1.trrsf.com/api/tagmanfe/ 5 KB
1 KB 894ms
547ms Script
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/tagmanfe/ShowArea?key=br.cobranded_adorocinema.articles.cabeceira&area=cabeceira&direct=1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1696430107/fe/zaz-mod-manager/mod-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 299ad733ac887166de3c640031cd47ca45d6198470d0991e04a4f948d6b5c9a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
x-tagman-uuid: e3a85d01-b3d4-46d6-9806-6d2a1f1baea6
content-length: 1149

GET
H2 200 ShowArea Show response
p1.trrsf.com/api/tagmanfe/ 7 KB
1 KB 867ms
544ms Script
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/tagmanfe/ShowArea?key=br.cobranded_adorocinema.articles.s1&area=s1&direct=1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1696430107/fe/zaz-mod-manager/mod-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 878833034930c587ec4a5db7d092c8de5d0269656047e76fc016b9c927d93175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
x-tagman-uuid: be5089c3-15bc-4715-a138-c0ec55cf0841
content-length: 1187

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravol...
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravol...

85 B
203 B

135ms
134ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&rid=esp&cc=1
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: ba2041dfdf774964cba3c841a0335e9d7c649b85ff92c14a4cfe144c37d84d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-rN9GZCy7tgIw19rIr/2LfW+xqvs"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 22 Nov 2023 01:21:33 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.terra.com.br
location: /esp?url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 143ms
44ms XHR
application/json 52.212.46.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.46.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-46-188.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2a20c1b8c427362f9d8a17e170362fc4a942916fe28ffd6786a27dc4979a69d5

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:33 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache
x-server: 10.45.13.193
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 329 B
603 B 148ms
42ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 04cb27b9562e872b685a7327fda10d83d53e2208d3e44e82041d7da8a64be8b4

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 01:21:33 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: f609225f6e5ec6b842864bfc15a6f9af
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 80ms
31ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-54936151-1&cid=1025678541.1700616094&jid=490318003&_u=aCDAAEIIAAQCACAMIC~&z=1225968679

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 83ms
32ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-54936151-1&cid=1025678541.1700616094&jid=490318003&_u=aCDAAEIIAAQCACAMIC~&z=1225968679

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0452 15 KB
6 KB 115ms
40ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.terra.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 01:21:33 GMT
server: Kestrel
server-processing-duration-in-ticks: 297479
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0452
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=terra.com.br&sn=ChromeSyncframe&so=0&topUrl=www.terra.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=nd62bnx5YldwYjV6akZFWU1UL2xmeDRJMURpdWkxbHA4WTRwRitkQlNGUUY0N2xTakgvZGIvOTFGeVlxUnVKcVpHUmF5ajM4UHN4a25CalpVTFd5eFRPcUhEcmxWc1VWRTVwMVJEeGJGVnlVNEZOK0J6ekcxRExMR044UW...

433 B
651 B

38ms
37ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=nd62bnx5YldwYjV6akZFWU1UL2xmeDRJMURpdWkxbHA4WTRwRitkQlNGUUY0N2xTakgvZGIvOTFGeVlxUnVKcVpHUmF5ajM4UHN4a25CalpVTFd5eFRPcUhEcmxWc1VWRTVwMVJEeGJGVnlVNEZOK0J6ekcxRExMR044UWgwUDBqanUzRkZUV3lqY1ZNQ0hBVldFWi9Vei9ib2RzN3piRGxMVzZIblZ2d0R2OVpzdFU4aUpQdVpxMTk5eVhnQmFCbjBPeFA3MGlGbW83MHArbURiRzJUdGlkTSsxclhoSllybDJrUTVTZnordzdFMWpFZkxKdkRScVFNR0cyTjgyNUw1ZWFqd3lEdVgrV0ppN2lmblliZExNd2tEZz09fA&cppv=2

Requested by

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

27d4aa6771bebbd0b3a44bc2d659ee33a9f07c3a69fb8bab3971d0eaccf815c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:33 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1195772
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=nd62bnx5YldwYjV6akZFWU1UL2xmeDRJMURpdWkxbHA4WTRwRitkQlNGUUY0N2xTakgvZGIvOTFGeVlxUnVKcVpHUmF5ajM4UHN4a25CalpVTFd5eFRPcUhEcmxWc1VWRTVwMVJEeGJGVnlVNEZOK0J6ekcxRExMR044UWgwUDBqanUzRkZUV3lqY1ZNQ0hBVldFWi9Vei9ib2RzN3piRGxMVzZIblZ2d0R2OVpzdFU4aUpQdVpxMTk5eVhnQmFCbjBPeFA3MGlGbW83MHArbURiRzJUdGlkTSsxclhoSllybDJrUTVTZnordzdFMWpFZkxKdkRScVFNR0cyTjgyNUw1ZWFqd3lEdVgrV0ppN2lmblliZExNd2tEZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 258720
content-length: 0
expires: 0

POST
H2 200 userArea Show response
www.terra.com.br/coletor/user/ID/ 170 B
548 B 250ms
250ms Fetch
application/json 2a02:26f0:f500:9::5c7b:8528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/coletor/user/ID/userArea?fetch_data=true

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4eaf5909fe48b7887f0f577e60aea78b741f20c84eacbdb7cd46de63e1016587

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
x-xact-hosts: stalker=stalker-canary-798ffbc8cc-k7n94
x-content-type-options: nosniff
x-xact-uuid: 3cb8182b-e195-41ec-b401-fbdadde58512
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length: 152

GET
H2 200 include Show response
p1.trrsf.com/api/includer/ 5 KB
838 B 607ms
517ms Fetch
application/json 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/includer/include?component=app.t360.favoriteTeam&country=br&env=prod&format=json&group=web&scheme=https
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 4cd4a49cc6659ce6bf04a3f3604a34e2b5aab521057c52e326e4dc1b65fa2651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length: 614
x-includer-uuid: 6ac069b9-aa11-4745-a00e-a9792c5924e1

GET
H2 200 iframe-later-terra-player-audima.html Show response
audio10.audima.co/ Frame 3E2A 2 KB
1 KB 203ms
203ms Document
text/html 2606:4700:e4::ac40:af02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Requested by: Host: audio10.audima.co
URL: https://audio10.audima.co/audima-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:e4::ac40:af02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 815e0c138f6f77700d3e43fb32bba558cd1870df24913ddda5caa9b508e5ed18

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=14400 public
cf-cache-status: DYNAMIC
cf-ray: 829d5b3c4e36f0cb-CDG
content-encoding: gzip
content-type: text/html
date: Wed, 22 Nov 2023 01:21:34 GMT
expires: Wed, 22 Nov 2023 05:21:34 GMT
last-modified: Thu, 09 Nov 2023 11:48:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7p91Yewk3sKSvVd3YjayaedmMMbQIvbIsBjWdmOYqR4%2BWJFZf%2Bs7tstdu%2B0pqTwlhx6ySb4gMHyJstHbAfvUH5FYLeHcO%2FOQ3K1EF97uwe2A7mL8kYzNDDv%2FwGftq61m5iRrNSnd%2BupkZup6PBKWog%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 9B51 0
176 B 135ms
38ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 22 Nov 2023 01:21:34 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 200 emailHashes Show response
www.terra.com.br/coletor/user/ID/ 189 B
558 B 318ms
318ms Fetch
application/json 2a02:26f0:f500:9::5c7b:8528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/coletor/user/ID/emailHashes?fetch_data=true

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

281db6c6856ae3b30503ce0d7dad18b868602815e0b1607fa5d19f07e8c573e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
x-xact-hosts: stalker=stalker-5c74f4c467-wxl9h
x-content-type-options: nosniff
x-xact-uuid: 142d3fea-9a01-4083-8fc5-004d8bd4ce06
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length: 165

GET
H2 200 terra-player.css
audio10.audima.co/ Frame 3E2A 10 KB
3 KB 40ms
38ms Stylesheet
text/css 2606:4700:e4::ac40:af02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio10.audima.co/terra-player.css
Requested by: Host: audio10.audima.co
URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:e4::ac40:af02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e04561b7c210f1f73737c0744e8e081183cf25d6a21332d52bc6321cc5e3bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 11:48:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5789
etag: W/"654cc711-27bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giZrtMBWRObd1yhgk7ql6NcDEuEUmZLkTpacBzquNr%2BmZBtNKYSVjjK3i0bWaGoXUyLkbhp0ljMPRIykaxrM64Uo8R3kUckMeXw8oNEEdkRndLvUVxPEBQWjXUDkKg%2BsJrMqcJaftw45Bb46HyKTfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
cf-ray: 829d5b3daec9f0cb-CDG
expires: Wed, 22 Nov 2023 00:56:24 GMT

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ Frame 3E2A 69 KB
11 KB 76ms
30ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css

Requested by

Host: audio10.audima.co
URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio10.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1804630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10277
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-1137b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7agHpJJjQ%2BzlldosKQEhOjCqDMWiZfCr%2Fj%2FfzEHbUAvqMVNMOlbpep2m%2BchdU7ZxqrP08gIQn%2BblrP4eH%2F3njI39267%2Fz87Pxy7NepArTEn7a0CI8cQRrTAcLkmuFiYhJ1wErayzh5BeiuOQyBbVYzQn"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 829d5b3dec5b9112-FRA
expires: Mon, 11 Nov 2024 01:21:34 GMT

GET
H2 200 audio-tts-player.js Show response
audio10.audima.co/ Frame 3E2A 86 KB
26 KB 43ms
42ms Script
application/javascript 2606:4700:e4::ac40:af02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio10.audima.co/audio-tts-player.js
Requested by: Host: audio10.audima.co
URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:e4::ac40:af02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 445f1c14212e411213db2b5977acfe2443a318f31a8ad0e50ba526aa7f579c0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 11:48:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4345
etag: W/"654cc711-15624"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXVwXssL%2F1hWnFKQpj4Edj0gZlTmLZoq6Zi11hqHFkpzewfvmJr5eW7KzfmqFG4GEv31Cbd%2B19Ngxx%2Fp%2FxKImdDVII5CENk8NxNhmJFj7Dt%2BQR8uFNJzqmTCzU0yb1ZwZioTI%2F%2B55mnNS4IFxsb19g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 829d5b3dced5f0cb-CDG
expires: Wed, 22 Nov 2023 01:49:13 GMT

GET
H2 200 call-init.js Show response
audio10.audima.co/ Frame 3E2A 1 KB
989 B 39ms
39ms Script
application/javascript 2606:4700:e4::ac40:af02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio10.audima.co/call-init.js
Requested by: Host: audio10.audima.co
URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:e4::ac40:af02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 852ec930a724b6c7bac9ad426e89c8b2921cd382350981232a2016373ac7168d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 11:48:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12459
etag: W/"654cc711-514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VbUuxybyUC4qFrBOnQW98Aa3fphcbtMzioo1w2R6iuZRshLfaICQzVOUmv40ZNGYionUpbwaIOQFNVAWjS9WSWpWWgV8Z1CXfUCAuW1YuGlOeBEMPwg7V7VqM055IcnuQu3DxHKbKKyqoGhFMW2HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 829d5b3dced6f0cb-CDG
expires: Tue, 21 Nov 2023 23:07:51 GMT

GET
H2 200 mod-notifications.min.js Show response
s1.trrsf.com/update-1674586311/fe/zaz-mod-notifications/_js/ 9 KB
3 KB 39ms
38ms Fetch
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586311/fe/zaz-mod-notifications/_js/mod-notifications.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 31f1a4a51455378e4dc8df3ad43341034b8a64663dcfa2679f3892717ccb242a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:51 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2355

GET
H2 200 css2
fonts.googleapis.com/ Frame 3E2A 6 KB
1 KB 80ms
28ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap

Requested by

Host: audio10.audima.co
URL: https://audio10.audima.co/terra-player.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

834f991f763949d6143e42ae63133bd85f51b9c62dea1fd70d41b6a8d0ae97cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audio10.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 00:33:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 01:21:34 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 3E2A 47 KB
48 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://audio10.audima.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:28 GMT
x-content-type-options: nosniff
age: 384726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 14:29:28 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ Frame 3E2A 74 KB
75 KB 51ms
26ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css
Origin: https://audio10.audima.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 75728
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-127d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JudlL%2FmbhXiBFILT%2BwEK5Ape4Gte2vPpt8WH0I1%2F4Bt55E00CTle655FqjKSun0TaMECPk7X3EoEYwjIm1I96dly8Yb5fLOkBxwo%2FELEtpu2xZ%2FLQsq4RhGXQmQArOgrqiupgHgHXkxa%2FLsefSK7mEVF"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 829d5b3ec99a8fec-FRA
expires: Mon, 11 Nov 2024 01:21:34 GMT

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/9ce3b5f3-6b5e-4f2a-9ff6-230da29ea14c/ 2 KB
2 KB 100ms
21ms Script
text/javascript 18.66.97.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/9ce3b5f3-6b5e-4f2a-9ff6-230da29ea14c/launchpad-liveramp.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-121.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2e49f5e40e39f5614535953895df892bc0c254a5320538f569c855fb78cdc74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: eZNjyPz7PNyNz17FMnRfBLDEn4DaSpS8
content-encoding: gzip
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 06:29:35 GMT
x-amz-cf-pop: FRA56-P2
age: 67929
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Wed, 16 Aug 2023 12:52:10 GMT
server: AmazonS3
etag: W/"70fbd1fa28a74da228091e81058d667e"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: p4PanyGh6u6r5pQgZ3bKmYbYjc90K7rm3SrqY4DxMuxotu9aDH3saw==

GET
H2 404 ShowArea Show response
www.terra.com.br/api/tagmanfe/ 316 B
371 B 201ms
201ms Fetch
text/html 2a02:26f0:f500:9::5c7b:8528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.terra.com.br/api/tagmanfe/ShowArea?key=br.config.backend.adnotification&area=adnotification&direct=1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1699540206/fe/zaz-ui-t360/_js/context.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 397573d616b2f2f202ddb08bd11860e2e8be72cb60bc9b13b97367d25915cd33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
x-xact-uuid: 698049f4-6c5a-4bfa-a087-eb79409f4d86
content-length: 239
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 client Show response
accounts.google.com/gsi/ 199 KB
79 KB 82ms
37ms Script
application/javascript 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ff83d4a65fa84f4d78c1ba312ea1533df4912b90cdf84e8ff2411f2b389a778

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-RQqlFHDxRgOkLb1wvtmfwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-RQqlFHDxRgOkLb1wvtmfwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 22 Nov 2023 01:21:34 GMT

POST
H2 200 userArea Show response
www.terra.com.br/coletor/user/ID/ 170 B
543 B 262ms
262ms Fetch
application/json 2a02:26f0:f500:9::5c7b:8528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/coletor/user/ID/userArea?fetch_data=true

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4eaf5909fe48b7887f0f577e60aea78b741f20c84eacbdb7cd46de63e1016587

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: gzip
x-xact-hosts: stalker=stalker-5c74f4c467-n9m8s
x-content-type-options: nosniff
x-xact-uuid: 2e66c8de-18cc-47a2-9ec3-51bd5c6f4c7f
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length: 152

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 128 KB
26 KB 88ms
21ms Script
application/x-javascript 13.32.27.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/9ce3b5f3-6b5e-4f2a-9ff6-230da29ea14c/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53fcbdb394dab3494945cd64fbd897b641057715860ee624ec0d3c5e701edac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: PnaJdxHydHN9eEuWHl7A1SeLMo27G9Y2
content-encoding: br
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
date: Wed, 22 Nov 2023 01:04:47 GMT
last-modified: Fri, 27 Oct 2023 11:56:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1008
x-amz-server-side-encryption: AES256
etag: W/"8f65165dbe6028fe7739c568043840fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: Q_KpQ7Yu4qDo05wmGoJNueFIHyLJKW0gjoutxlvdHaCtb_osNydChg==

GET
H2 200 app-t360-favorite-team.min.js Show response
s1.trrsf.com/update-1695045306/fe/zaz-app-t360-favorite-team/_js/ 20 KB
5 KB 34ms
34ms Fetch
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1695045306/fe/zaz-app-t360-favorite-team/_js/app-t360-favorite-team.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 699171c33635b7afd52c1581a8d3308aa1af5eab32a8996acffaa428310530ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: br
last-modified: Mon, 18 Sep 2023 13:55:06 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 4546

GET
H2 200 theme-default.min.css Show response
s1.trrsf.com/update-1695045305/fe/zaz-app-t360-favorite-team/_css/ 5 KB
1 KB 35ms
34ms Fetch
text/css 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1695045305/fe/zaz-app-t360-favorite-team/_css/theme-default.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 295c8fb354a39789d21bc7a88dc34e7bd844414b6086cd16f27db98a8dd77d98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: br
last-modified: Mon, 18 Sep 2023 13:55:05 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 954

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 169ms
100ms Preflight
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.terra.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Wed, 22 Nov 2023 01:21:34 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront), 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-apigw-id: Oxqg4FMJDoEEiyg=
x-amz-cf-id: qY-vVlhWLS508clqZ3NakqDAVAgLksJWl349JVOQ_YAL87kwc9vY7Q==
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-amzn-requestid: 2b1df28e-ef64-4b37-aa1f-2c83805020ab
x-cache: Miss from cloudfront

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
605 B 23ms
22ms Fetch
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept: application/json
Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Nov 2023 02:00:19 GMT
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront), 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 84075
x-amzn-requestid: ecef46b4-d67d-46ff-884e-caed871d446e
x-amzn-trace-id: Root=1-655c0f33-6b87bd34580a07997f7a7c82;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: OudQFGKHDoEEimg=
content-length: 28
x-amz-cf-id: MwVRMraGFaF5z-aruy7U-Kgbb-1rTH0QH3rXrGIUUWtYl-KDGjr6Nw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 35ms
20ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/diversao/entre-telas/serie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta,d73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:36:53 GMT
content-encoding: gzip
age: 13481
x-guploader-uploadid: ABPtcPoQpBAPTEc0G5rrXd-ZQCynoYJX0NIPt-HQ1gDUvonAU0igO9tcl6CTjZnVtSRys56Swgk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6116
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash: crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation: 1694696370171925
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6116
accept-ranges: bytes
expires: Wed, 22 Nov 2023 21:36:53 GMT

GET
H2 200 otToken.js Show response
storage.googleapis.com/fledge-tests/ 413 B
895 B 83ms
21ms Script
application/x-javascript 2a00:1450:4001:82b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/fledge-tests/otToken.js
Requested by: Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-10969-0/CT-411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:17:55 GMT
age: 219
x-guploader-uploadid: ABPtcPoWciDCBCxnOaJBGkRSiCvs6PYXpazXY9DDg3Nfj6ajQoHldtdLACz5PD9hkRgtM_8XZFY
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
last-modified: Tue, 08 Nov 2022 10:42:35 GMT
server: UploadServer
etag: "483749ebdd3ce30b016713e5624a0bf8"
x-goog-generation: 1667904155021583
x-goog-hash: crc32c=4ZqF4w==, md5=SDdJ69084wsBZxPlYkoL+A==
content-type: application/x-javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 413
accept-ranges: bytes
expires: Wed, 22 Nov 2023 02:17:55 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 84ms
35ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4ff94047956e5c12c16f8deda8d226f7ec44386867e96db38ce3cc617ac1868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12374
x-xss-protection: 0

GET
H2 200 zaz-datetime.min.js Show response
s1.trrsf.com/update-1674586306/fe/zaz-mod-datetime/ 38 KB
11 KB 34ms
34ms Fetch
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586306/fe/zaz-mod-datetime/zaz-datetime.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 285b329154d66c830326cdfe19681500a9f2f11f0bbd36b04440340b9f3a9e23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:46 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 10530

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 21ms
20ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:07:23 GMT
content-encoding: gzip
age: 54851
x-guploader-uploadid: ABPtcPp8JYtWlgD5wlCY-lm755pPkzOUrdHIZKrLKp7kaslCkoJKCH4NMRMegH05qHizcLytw6s
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash: crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation: 1694696370056280
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8334
accept-ranges: bytes
expires: Wed, 22 Nov 2023 10:07:23 GMT

GET
H2 200 trk
tt-10969-0.seg.t.tailtarget.com/ 70 B
778 B 304ms
120ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10969-0.seg.t.tailtarget.com/trk?tA=TT-10969-0&tJ=_channel:bratargettecinformaticaapple:1|_channel:brachanneldiversao:1|_channel:bratargetdiversidade:1|_channel:terrahomepage:1|_channel:terraconteudointerno:1|_channel:adorocinema:1|_channel:brachanneldiventretelas:1&tK=1700616095&tM=direct&tL=direct&tN=direct&tY=3&tZ=268787629
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 u Show response
b.t.tailtarget.com/ 72 B
514 B 278ms
118ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 126ff8c0e781563aa02fa93b00449f80e2bd09fdcad30a6ee5624bf48a86c0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 pageviews Show response
www.terra.com.br/coletor/user/ID/ 225 B
576 B 212ms
212ms Fetch
application/json 2a02:26f0:f500:9::5c7b:8528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/coletor/user/ID/pageviews

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:9::5c7b:8528 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d638f4f70cf32d8de9b96a8d23aa097358fff6429de6e191c7ee131ed688423a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
content-encoding: gzip
x-xact-hosts: stalker=stalker-canary-798ffbc8cc-vd5m9
x-content-type-options: nosniff
x-xact-uuid: 7b606142-0a51-4fda-8b13-592d27aa0755
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length: 179

GET
H2 200 bell.svg
s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/ 657 B
707 B 34ms
34ms Image
image/svg+xml 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1700224253/fe/zaz-mod-t360-icons/svg/essential-solid/bell.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 6d2002313fe4dc7cea780501d474df1d98af6be04b0cdb0a1366a841997a844f

Request headers

Referer: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 393

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 153ms
28ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 01:21:35 GMT

GET
H2 200 zodiac-solid.min.css Show response
s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/ 1 KB
513 B 35ms
35ms Fetch
text/css 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/zodiac-solid.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: c77b820ac1ce0e0962e7c2e834a4f1afb0c214d932a0b554d8a8a26e73fe9a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 12:35:06 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 205

GET
H2 200 shields.min.css Show response
s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/ 19 KB
3 KB 37ms
37ms Fetch
text/css 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1700224506/fe/zaz-mod-t360-icons/_css/shields.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 62e88026d379effdb840b2b2504c64a2e11900885441f1eeb3695d481d140193

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:34 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 12:35:06 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2418

GET
H2 200 include Show response
p1.trrsf.com/api/includer/ 826 B
529 B 60ms
60ms Fetch
application/json 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/includer/include?component=mod.aps&country=br&env=prod&format=json&group=web&scheme=https
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 68d511a07b459a7e9fa7db459113881ccd3932313545b1c776022e3e5e21d863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length: 305
x-includer-uuid: ca1c649a-279d-40d2-ae8d-5162af1bafbe

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E01 13 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EBE0 829 B
998 B 30ms
30ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0031ada69905040a7741dfd64daf65b6a854123dbbe88cf4f766ec1ccbff1126

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VxavU62AqwePfKWW8HSaSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VxavU62AqwePfKWW8HSaSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 01:21:35 GMT
expires: Wed, 22 Nov 2023 01:21:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 88ms
23ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 00:43:50 GMT
content-encoding: gzip
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2266
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: oly-DTCPnighJqMMuvXF_QLrAMQiFuFgMwoN4cty_yaSw00ELYz8FQ==

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E01 39 KB
15 KB 58ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EBE0 0
0 83ms
52ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=4436642718262140&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 62ms
20ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 11:39:52 GMT
x-amz-cf-pop: FRA56-P6
age: 49316
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: P_Rc8eoi32IEvssH9sxg3rgY2s5tMqOaED-E2A4KTk3iNFxYZDAglA==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1E01 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YD0HQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 b Show response
b.t.tailtarget.com/ 128 B
558 B 123ms
122ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10969-0&tY=1&tS=1&tU=0100007F9F575D65D906B316024E3551&tX=b.52&tZ=157015395&env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 7ea66bd6768888d5b5ad1e4bdeb009091927e02a70574328056a3b98dbd53524

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 include Show response
p1.trrsf.com/api/includer/ 11 KB
1 KB 411ms
410ms Fetch
application/json 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/includer/include?component=app.t360.navbarNotifications&country=br&env=prod&format=json&group=web&scheme=https
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 4c7966902e836ea786aff3d524361b9eeeb91103698ca0eca1a5318f6a1a85ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
content-encoding: gzip
server: Terra Web Server
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length: 881
x-includer-uuid: c701c4ce-9766-4c7c-b666-c54adbf503ae

GET
H3 200 ca Show response
tt-10969-0.seg.t.tailtarget.com/ 128 B
153 B 128ms
128ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10969-0.seg.t.tailtarget.com/ca?tZ=816364550&env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: eeb9b061abe3312b5b7f646784d9a728d963b1f632c6df4d560cb33b67636b2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 164ms
126ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10969-0&tE=0&tF=&tI=___de_1700616095261_3648182805&tJ=CA3731,CA6935,CA4723,CA5682,CA4729,CA7125,CA33426&tQ=bratargettecinformaticaapple,brachanneldiversao,bratargetdiversidade,terrahomepage,terraconteudointerno,adorocinema,brachanneldiventretelas&tU=0100007F9F575D65D906B316024E3551&tX=b.52&tY=1&tZ=903710838
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=4436642718262140&bg=!GRqlGlXNAAZxrfrxUa07ADQBe5WfOKmm-2SGr2c4gjxuN2swL4iz_Y733e3h-qVVM-WVTLOtntWf6JD29bvx1ZJ1a8rkAgAAAEdSAAAAA2gBBwoAMWBJjuIVpCJIQ5HNZUu5XTa0rAYUNe1GmNOeL_a9z8AnPgyJdDuvlWFcBOh8eXcwBvmZArPLL0qfWN9tnIE4Z11rUarueIJihlzoA6Zn0N7nhDjDrV3x1Rcc-XoGphCr7kB9-AJ91s57x6q8RWu2bZ_uGAfwlCVvypcpC_CoFhPu1NEa2EmujGtItzSZLjj3Q6mZT8mnleMbsBObKXyt00SmK1G7NVbQOUZlaHKXpc9bepYUM5_7cVnOhNxV7AjU1KV_JvAzkegtityDU_M3asPXQYNdSMTLp3piaqcoml-31XVndgx36AJzbBukjJ0wcWc524mBjwgcEgtPpHV_ouJ0ZbdB9iAJ1AWnEb_SfLZKLBCEuE1SeJHE3NBKIAQeslF_no1PPofdRIPBxsB8hJ2umZ9ZBRsxV_AcQFom2SNyzt4DfXSfT9YI_9tcw3K4gMDcRkV13bTlrID6VZB_IjAw-I4n4HkmCfhi4dpwAWt6JwWzk8g0YM7VQS7c3JCeVRmAMfMXgy_FGmQoe-sCtBqGyHo9srJqshCqVdRdqNekm7DjhUeo0YFnDO273tXVeBKtvWIeO2YLM-RnkR-jaPEynClLXopI37gahy8YsJRJZUUe7y-dcxmHdtI6guYmQdddcM4iP6f4lomRccC769QCvSBxhiUrQTmMK2aIYTyheSjzc8f4ZEPTnXkFUVa8ByjrHPwX0NmYIRdb8PbB5_8W_Dr05rsrErZ_PDRU5iAdvku2Ad3pguEbCCnD8G7dBQvLVLL3tD0r9T5Wvdt-T61HcCozbA-ZY-IdJX-eQL1PyE0jP1G3UlpR3Kv1TlchDt6e8C6OglgZUhc1nYC-MwOPhKMeceP2Ic6A9PktJZS4nk4ExlzTATfChSfmd_5l7kGcfGkhkXJIJClONm82QckcYVt7F_EnlSLXcar-T491lEfKOJPNEIYpQJeRgFiIp1ibHDA9lj95OhsmqaOCvYN_RyZSHsRf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 bc92a28d-5a18-4ea4-9491-626e7826c69c Show response
config.aps.amazon-adsystem.com/configs/ 537 B
813 B 82ms
21ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/bc92a28d-5a18-4ea4-9491-626e7826c69c
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 961020d0efe656c99d2be6010e9a6fdb40709129310cae1fb7a5c92a7aa02e44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:13:32 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 483
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: 8fJD4hnDKYZUoTH_s3MUQzUPpdXCSyQHXlhz6tdRHfyb9NGzyy10DQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 23ms
23ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.terra.com.br&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:12:16 GMT
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 11358
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.terra.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: OswpY7RHvbv7y-Fl3Xzk4502raRuRdouoyz7ILe8l2n24vic7hhqAg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 140ms
61ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&pid=pIXmCTIqnX1h0&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22ad-content-s1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F1211%2Fbr.terra.adorocinema.cobranded%2Farticles%2Fs1%22%7D%5D&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: 56H2DZGY1BBGFSHP3S8K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 0qFMD7nzV4lYSWY4hbzBD_H2LpOy8qeFHR3LtVqwUn6NC3H2zxua7Q==

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 142 B
960 B 274ms
198ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

fa7d6ac935d3cf0bf7ac4547294cf5a2b513f96c4c098f19ef01af77e512502e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
an-x-request-uuid: db6b6b17-177e-4217-8515-f052e1b10233
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 142
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 140ms
89ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUDV2PQ3
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 55ccbdbaa27631199497ba57202bb5c82981f6805f272fa8c02118be1f41d245

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:35 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 58
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 01:21:35 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
380 B 281ms
233ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 01:21:36 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 164ms
76ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=83886038432&lsavail=1&bundle=G5bZUV9rT1h4Y1JrSmUzcGJGSEJTJTJGZ2RUd0t0S2dUMHZxdE02OW5RMVdrejdSS3glMkYlMkJ5d3VPRFlicjd0UXhJZjBhUHNUeDBWTUtqTjZuajcwZEE5Sm1jbDIybkhZN2FRUUtpQWVzV1YycW9xZGJXTE16UVhFUmFzR010bVBwaHVoakN3Skd3ck9nZFZGVjhVSTNZY0NPdlQwckElM0QlM0Q

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.terra.com.br
date: Wed, 22 Nov 2023 01:21:35 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 18 KB
10 KB 291ms
221ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

20e58a9f3f301cb7cefc50ba90d5e615228189b2e1f0d8dc218931e04d79e650

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
content-encoding: gzip
an-x-request-uuid: f736a601-db24-4a78-bbe2-90b50fca4ff7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
338 B 175ms
34ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:35 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 640 B
1 KB 141ms
86ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10828&site_id=25078&zone_id=97396&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&tg_v.sticky=true&tg_v.pageid=d73921d893106e0c8f6f8d0600c333ba3t5nx1b6&tg_v.contentsource=adorocinema&tg_v.breadcrumb=diversao.entre-telas&tg_v.channel=diversao&tg_v.subchannel=entre-telas&tg_v.testfloor=false&tg_v.words=pt%2Cmedium&tg_v.connection=4g&tg_v.fledge=false&tg_v.parceiro=true&tg_i.domain=terra.com.br&tg_i.page=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&tg_i.adunit=br_terra_adorocinema_cobranded%2Farticles%2Fs1&tg_i.viewport=s1&tg_i.pbadslot=%2F1211%2Fbr.terra.adorocinema.cobranded%2Farticles%2Fs1&tk_flint=pbjs_lite_v7.54.5&x_source.tid=69e90e30-bbff-421f-98ab-2a2c425609de&l_pb_bid_id=17859bffe077bd2&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=69e90e30-bbff-421f-98ab-2a2c425609de&rp_maxbids=1&p_gpid=%2F1211%2Fbr.terra.adorocinema.cobranded%2Farticles%2Fs1&slots=1&rand=0.5321539468703105
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 60ff86054727c55a94648b2a3d375a30d0f4ec1775f2444e9d7ba7e9e84c21bb

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:35 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 119ms
64ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&pid=pIXmCTIqnX1h0&cb=1&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22header-full-ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%221272x250%22%5D%2C%22sn%22%3A%22%2F1211%2Fbr.terra.adorocinema.cobranded%2Farticles%2Fcabeceira%22%7D%5D&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: WACCMWCHRFNGZE1PY3Q6
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 8JJWQ_8tZ_DYhp_LtfUk_4FSHleAYPUBweqgdj7YnUthkqP6LdqtUw==

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
558 B 386ms
254ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:35 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
6 KB 315ms
256ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

f723ce7dff47c0ab2c047ec493efcc075cc2ae9ce1b0a7e78d816c531dd63cc7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
content-encoding: gzip
an-x-request-uuid: 3eee69ec-fe38-4250-b7ba-af2c8e84830f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
2 KB 122ms
87ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUDV2PQ3
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 14e9eb55013564bb7ccd919065e7be491b3a2275b16251ee42c5a2092ade1b79

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:35 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 54
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 01:21:35 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
3 KB 156ms
110ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10828&site_id=25078&zone_id=97396&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&tg_v.viewport=s1&tg_v.pageid=d73921d893106e0c8f6f8d0600c333ba3t5nx1b6&tg_v.contentsource=adorocinema&tg_v.breadcrumb=diversao.entre-telas&tg_v.channel=diversao&tg_v.subchannel=entre-telas&tg_v.testfloor=false&tg_v.words=pt%2Cmedium&tg_v.connection=4g&tg_v.fledge=false&tg_v.parceiro=true&tg_i.domain=terra.com.br&tg_i.page=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&tg_i.adunit=br_terra_adorocinema_cobranded%2Farticles%2Fcabeceira&tg_i.viewport=s1&tg_i.pbadslot=%2F1211%2Fbr.terra.adorocinema.cobranded%2Farticles%2Fcabeceira&tk_flint=pbjs_lite_v7.54.5&x_source.tid=3a1feeb2-ca2f-498b-b461-718681de9c9c&l_pb_bid_id=2672cd020076db4&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3a1feeb2-ca2f-498b-b461-718681de9c9c&rp_maxbids=1&p_gpid=%2F1211%2Fbr.terra.adorocinema.cobranded%2Farticles%2Fcabeceira&slots=1&rand=0.38857874459892394
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 836eea9098648195ed10f5ae2927e3f6b30ad7bf7b8a32a80bfd89f6fec7653d

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:35 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
74 B 624ms
591ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 01:21:36 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
7 KB 312ms
255ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

49e9f098e2fa8a7f920889affc875779056100b74abfe5f34c9b6985054c1d3d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
content-encoding: gzip
an-x-request-uuid: 05a8bee7-f05d-4c61-9a0b-ef49c9b6b806
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 128ms
55ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=73512328173&lsavail=1&bundle=G5bZUV9rT1h4Y1JrSmUzcGJGSEJTJTJGZ2RUd0t0S2dUMHZxdE02OW5RMVdrejdSS3glMkYlMkJ5d3VPRFlicjd0UXhJZjBhUHNUeDBWTUtqTjZuajcwZEE5Sm1jbDIybkhZN2FRUUtpQWVzV1YycW9xZGJXTE16UVhFUmFzR010bVBwaHVoakN3Skd3ck9nZFZGVjhVSTNZY0NPdlQwckElM0QlM0Q

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.terra.com.br
date: Wed, 22 Nov 2023 01:21:35 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 app-t360-navbar-notifications.min.js Show response
s1.trrsf.com/update-1693921206/fe/zaz-app-t360-navbar-notifications/_js/ 12 KB
4 KB 34ms
34ms Fetch
application/javascript 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1693921206/fe/zaz-app-t360-navbar-notifications/_js/app-t360-navbar-notifications.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Terra Web Server /
Resource Hash: 4df13c526ff0f84c49de003792de9d1256e1cfc34e17d6f9d12402b61241ef77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
content-encoding: br
last-modified: Tue, 05 Sep 2023 13:40:06 GMT
server: Terra Web Server
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 3280

GET
H2 200 theme-default.min.css Show response
s1.trrsf.com/update-1693921206/fe/zaz-app-t360-navbar-notifications/_css/ 6 KB
2 KB 34ms
34ms Fetch
text/css 2a02:26f0:f500:9::5c7b:8502
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1693921206/fe/zaz-app-t360-navbar-notifications/_css/theme-default.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1691441104/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:9::5c7b:8502 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 2f184ebb644b10356c882abb0fc4788abfefdccaf8b2e62673cdd9eb1dc7d959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:35 GMT
content-encoding: br
last-modified: Tue, 05 Sep 2023 13:40:06 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 1314

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 329ms
328ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4436642718262140&correlator=983533580013421&eid=31079666%2C31079525%2C31079576&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=1211%2Cbr.terra.adorocinema.cobranded%2Carticles%2Cs1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=2&didk=2382027107&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie=ID%3Dc6e8faaf699284c3%3AT%3D1700616093%3ART%3D1700616093%3AS%3DALNI_MZAgegc3NCNwRgwjqNjyQaTXiRRng&gpic=UID%3D00000cd6bd46ae79%3AT%3D1700616093%3ART%3D1700616093%3AS%3DALNI_MYST5HZKSnSL__11DG_O1UaGiW2ZQ&abxe=1&dt=1700616096079&lmt=1700616096&adxs=1066&adys=527&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&vis=1&psz=306x250&msz=306x250&fws=4&ohw=306&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1025678541.1700616094&ga_sid=1700616094&ga_hid=1586805985&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuP_4pL8xSABSAghkEhsKDDMzYWNyb3NzLmNvbRi3__ikvzFIAFICCGQSGQoKcHViY2lkLm9yZxizgPmkvzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YuP_4pL8xSABSAghkEq4CCghydGJob3VzZRKYAlQ3dVN6aHVVYmRlbld2MEI3bE96bnprZ0R5QXY5MVUrUFV2V2h4ZXNjbHk1ZXVSZjBTWEROOXh4a0xkS2Zsd1doTWpsTnNCazdVU1oySlNtRUdFZkRnWE1oNzZoQVFQN1F3NmhxeW1QSlgvcUFja3BGUENac0ZxNEVRdDZXUFhIS0JLNW5GSjA5RmtVWUhSdkNrSFZNdWtnTWxybThDZVh0VUtrUFcwbnlrVkZmQ2pQd1EzU2tXR01BU0o5ZzRhbDBZaEljY3d4NDhpdzJEUVl6eDYyVEZERit1K0QveE9XWktSTm96Rzk1R0Fxd05CNUt6RXVjNnhTNVUzeXVtSDA3aHpCMXBkb2pYMGRhOGkwVWh4TU9BPT0Ym4L5pL8xSAASGQoKdWlkYXBpLmNvbRi4__ikvzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pYUdaVFZrNU5UbVpVTm5GclF6QjJhM2xMVVcxbmR6MDlJbjA9GM2D-aS_MUgAEhsKDGlkNS1zeW5jLmNvbRiYgfmkvzFIAFICCGo.&dlt=1700616093070&idt=525&prev_scp=viewport%3Ds1%26refresh%3D0%26sticky%3Dtrue%26pageid%3Dd73921d893106e0c8f6f8d0600c333ba3t5nx1b6%26contentsource%3Dadorocinema%26breadcrumb%3Ddiversao.entre-telas%26channel%3Ddiversao%26subchannel%3Dentre-telas%26testfloor%3Dfalse%26words%3Dpt%2Cmedium%26connection%3D4g%26fledge%3Dfalse%26parceiro%3Dtrue%26lite%3D0%26devicememory%3D8%26contentauthor%3Dgiovannirodrigues%26vendor%3Dadorocinema%26pf%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_native_linkurl_ap%3Dhttps%253A%252F%252Ftrace-eu.mediago.io%252Fju%252Fic%253Ftn%253Dfd2c78e45533ef29df88e75fbc16275a%2526trackingid%253D7f1b4ec7ae763081c9474b1711fc1771%2526acid%253D14%2526data%253D3_SsTqg8TYdigivCFU-GEmpSDqlZyOtQ5BomPg_NqFa35Igk34uiu4d3HatwI76s8XPv84chgonzyiunk7iOHzgwTGaAQ6FFotgBjZ62_XEBpic4Jw91zgmEbcp85BgE4m22hwy8m0dq70u3ZoGAsOdnkh0aq-OOGYEyKAm22Eed_y81tP4039YD_kqg7nApHK-ie0X9N_4YyfobgRiEEYBNHiQHaIOC7VSy2UXpAuIwBS4hEfPH03ibPmvWS0nKh9gxpGab1Rr6yk-iNKSqOLPZ1wTGYCB5Tfa6XrjjdOtX6OKiaixlOdX4HLyK7nAXiv5XLd4G0j2ggFw4B6i-bXpuFdyEYqCilVgEx4d_mAWVdxgPjk-qFygBu0I0N9oNWUfTnuRbnyLEpzdaUrmEr3nTwpVRxaZhhdRSauvOchwMBvf8tKZ-MYr-Oup7nZ6HBRpclhUrzKPlBlA3UwAkMHFh_9WIG_YBoINULpAJlq5AAOS76TltSxTAR-DSyHjesjAURUm7ka9nWJgOxmnrKeHmH1Dzx5dqToFOBpTfRVyi2rLhyPvBsz-dEPNsthqIitCXKjYqLU7DW3dV5dTnsQQy6UkfwCB_Gp5SfBY0dffjFctDlyvojSy9_VYmJDk26bpKcvEcBSd3rBDmKd9Xm_rePvJrMbZppLCuMXWPp5OsckPB2jC7UxAX7VJF2tgrRbmf08PrTGqT10ZC8oo1JALfepk_Uh8ciy1VDBwHgvj8tk8Nr2XLEIVpUevcPzAul5qXSqzXLutV62WHwPJaINmA58ifZT8Z1M97aQez-cl-rYNqHSGM6jFT9U9VUhtjrBLT4BDuuc-0eYGfW4KTQEFRJGlP-GUvQvMjs86DAUWw-OIus0epx0ByoucjD4-PyF7DB3qrjYMSLc_lzW5lJJ7oQHCKsGmJ-dbZ8TuOnmALaJiYJ21weiEqrxk_TA01dHtdzB6kZbRmLFHo-kxEJODzuCmjdD2JNvUmNhHLXayKIyPFSPjWnuV5bME41kYLg1bVLoF7-xCIOGD6Y4fl2AyD9dryyRzfw-pJxHSVGKA4FbUePf-iRtKgt1Gwuhcyg3P79LYs9QLZQCNa2gz3ukefNE3EZ1_mQ7w1c9LsJTi2hpmTWkijZDd7lVdAbHNhT2he-1WOKi-vA6D4BBMVOqv_DHhYkcvQODTaPvwJdvHxDX2iG1RjJ0w4ZAoqzXSHwSJERXEsQ41obWrzxhaKoV8tH1pbMGLshc6SDgqFsObme_aHoJduwVSjr5rX3-1XRII1SwQvjuepFLxkEI91E8yyZ9tKe7Iy_M8tPbP7DFS01-5PqFRJdZdCLBRCcGBR8LgTYCckpmZO17UI97opibbHeMLNjib-fACYNvD6Xoxz3t13EddD_X2FKECgsEhnQvzCBpC2zV6VhfArQl8ZFyZ7HS0XS0TtiKjAjySRESvMfmNPNRGTTDozbc-LC5qISRQRnb05plxVRijHEdda-WEFYm90kRRkzSFtQwZfmI2Y8BQMjCNjApgCXpKbKBZ_PacvZpjL1uJ24qHMyJSRv_vpLKHF6s0TJ3dYCycgq2jS09lesiVxAkksofwL77b80eLqCXasV0bR0TlF8_3IOmp5OOUcWpPHhYCOi5diWemGuQ6Dhf4wVkFyRW0FJzxBSIfEhOEqBuIS_1T8Xav38K7FSsCrgmi5l_57m4EjdwjC9NQ0TQoGfFA4zh3is-NZLpxLdHXXknvmmeqpyxJ3wiE-1UJBnj7dq-YtkD1pFHgQfY_eGrEHbbVsIMGO6uF0zX3fnEZ4z8S-RqLu9z_C_x96dsBcq3tHNj7wDVw6WV5PjLUi__vNaTV_aNJJJlZn%2526uid%253Dmid_af166768bff417dbe700cfd490b2e72b%2526mguid%253D%2526ap%253D%257BAUCTION_PRICE%257D%2526tid%253D%257Btid%257D%2526gprice%253DQNrDwNOVcjRJRnILuEn8KVfVfcIygjDOPOC1zvdflbc%2526campaignid%253D2118541%26hb_native_icon_appne%3Dhttps%253A%252F%252Fd2cli4kgl5uxre.cloudfront.net%252FML%252Fl_150x150.png%26hb_native_image_appn%3Dhttps%253A%252F%252Fimages.mediago.io%252FML%252F4ea8a526d70879ab71f2c9e4d5aeba34__scv1__1200x628.png%26hb_native_brand_appn%3DLifestyletrendshq%26hb_native_body_appne%3DW%25C3%25A4rmepumpen%253A%2520die%2520einfache%2520L%25C3%25B6sung%2520f%25C3%25BCr%2520einen%2520Altbau%2520ohne%2520D%25C3%25A4mmung%253F%2520Schau%2520mal!%26hb_native_title_appn%3DW%25C3%25A4rmepumpen%253A%2520die%2520einfache%2520L%25C3%25B6sung%2520f%25C3%25BCr%2520einen%2520Altbau%2520ohne%2520D%25C3%25A4mmung%253F%2520Schau%2520mal!%26hb_format_appnexus%3Dnative%26hb_size_appnexus%3D0x0%26hb_pb_appnexus%3D0.02%26hb_adid_appnexus%3D367ef600394ba38%26hb_bidder_appnexus%3Dappnexus%26hb_native_icon%3Dhttps%253A%252F%252Fd2cli4kgl5uxre.cloudfront.net%252FML%252Fl_150x150.png%26hb_native_image%3Dhttps%253A%252F%252Fimages.mediago.io%252FML%252F4ea8a526d70879ab71f2c9e4d5aeba34__scv1__1200x628.png%26hb_native_linkurl%3Dhttps%253A%252F%252Ftrace-eu.mediago.io%252Fju%252Fic%253Ftn%253Dfd2c78e45533ef29df88e75fbc16275a%2526trackingid%253D7f1b4ec7ae763081c9474b1711fc1771%2526acid%253D14%2526data%253D3_SsTqg8TYdigivCFU-GEmpSDqlZyOtQ5BomPg_NqFa35Igk34uiu4d3HatwI76s8XPv84chgonzyiunk7iOHzgwTGaAQ6FFotgBjZ62_XEBpic4Jw91zgmEbcp85BgE4m22hwy8m0dq70u3ZoGAsOdnkh0aq-OOGYEyKAm22Eed_y81tP4039YD_kqg7nApHK-ie0X9N_4YyfobgRiEEYBNHiQHaIOC7VSy2UXpAuIwBS4hEfPH03ibPmvWS0nKh9gxpGab1Rr6yk-iNKSqOLPZ1wTGYCB5Tfa6XrjjdOtX6OKiaixlOdX4HLyK7nAXiv5XLd4G0j2ggFw4B6i-bXpuFdyEYqCilVgEx4d_mAWVdxgPjk-qFygBu0I0N9oNWUfTnuRbnyLEpzdaUrmEr3nTwpVRxaZhhdRSauvOchwMBvf8tKZ-MYr-Oup7nZ6HBRpclhUrzKPlBlA3UwAkMHFh_9WIG_YBoINULpAJlq5AAOS76TltSxTAR-DSyHjesjAURUm7ka9nWJgOxmnrKeHmH1Dzx5dqToFOBpTfRVyi2rLhyPvBsz-dEPNsthqIitCXKjYqLU7DW3dV5dTnsQQy6UkfwCB_Gp5SfBY0dffjFctDlyvojSy9_VYmJDk26bpKcvEcBSd3rBDmKd9Xm_rePvJrMbZppLCuMXWPp5OsckPB2jC7UxAX7VJF2tgrRbmf08PrTGqT10ZC8oo1JALfepk_Uh8ciy1VDBwHgvj8tk8Nr2XLEIVpUevcPzAul5qXSqzXLutV62WHwPJaINmA58ifZT8Z1M97aQez-cl-rYNqHSGM6jFT9U9VUhtjrBLT4BDuuc-0eYGfW4KTQEFRJGlP-GUvQvMjs86DAUWw-OIus0epx0ByoucjD4-PyF7DB3qrjYMSLc_lzW5lJJ7oQHCKsGmJ-dbZ8TuOnmALaJiYJ21weiEqrxk_TA01dHtdzB6kZbRmLFHo-kxEJODzuCmjdD2JNvUmNhHLXayKIyPFSPjWnuV5bME41kYLg1bVLoF7-xCIOGD6Y4fl2AyD9dryyRzfw-pJxHSVGKA4FbUePf-iRtKgt1Gwuhcyg3P79LYs9QLZQCNa2gz3ukefNE3EZ1_mQ7w1c9LsJTi2hpmTWkijZDd7lVdAbHNhT2he-1WOKi-vA6D4BBMVOqv_DHhYkcvQODTaPvwJdvHxDX2iG1RjJ0w4ZAoqzXSHwSJERXEsQ41obWrzxhaKoV8tH1pbMGLshc6SDgqFsObme_aHoJduwVSjr5rX3-1XRII1SwQvjuepFLxkEI91E8yyZ9tKe7Iy_M8tPbP7DFS01-5PqFRJdZdCLBRCcGBR8LgTYCckpmZO17UI97opibbHeMLNjib-fACYNvD6Xoxz3t13EddD_X2FKECgsEhnQvzCBpC2zV6VhfArQl8ZFyZ7HS0XS0TtiKjAjySRESvMfmNPNRGTTDozbc-LC5qISRQRnb05plxVRijHEdda-WEFYm90kRRkzSFtQwZfmI2Y8BQMjCNjApgCXpKbKBZ_PacvZpjL1uJ24qHMyJSRv_vpLKHF6s0TJ3dYCycgq2jS09lesiVxAkksofwL77b80eLqCXasV0bR0TlF8_3IOmp5OOUcWpPHhYCOi5diWemGuQ6Dhf4wVkFyRW0FJzxBSIfEhOEqBuIS_1T8Xav38K7FSsCrgmi5l_57m4EjdwjC9NQ0TQoGfFA4zh3is-NZLpxLdHXXknvmmeqpyxJ3wiE-1UJBnj7dq-YtkD1pFHgQfY_eGrEHbbVsIMGO6uF0zX3fnEZ4z8S-RqLu9z_C_x96dsBcq3tHNj7wDVw6WV5PjLUi__vNaTV_aNJJJlZn%2526uid%253Dmid_af166768bff417dbe700cfd490b2e72b%2526mguid%253D%2526ap%253D%257BAUCTION_PRICE%257D%2526tid%253D%257Btid%257D%2526gprice%253DQNrDwNOVcjRJRnILuEn8KVfVfcIygjDOPOC1zvdflbc%2526campaignid%253D2118541%26hb_native_brand%3DLifestyletrendshq%26hb_native_body%3DW%25C3%25A4rmepumpen%253A%2520die%2520einfache%2520L%25C3%25B6sung%2520f%25C3%25BCr%2520einen%2520Altbau%2520ohne%2520D%25C3%25A4mmung%253F%2520Schau%2520mal!%26hb_native_title%3DW%25C3%25A4rmepumpen%253A%2520die%2520einfache%2520L%25C3%25B6sung%2520f%25C3%25BCr%2520einen%2520Altbau%2520ohne%2520D%25C3%25A4mmung%253F%2520Schau%2520mal!%26hb_format%3Dnative%26hb_size%3D0x0%26hb_pb%3D0.02%26hb_adid%3D367ef600394ba38%26hb_bidder%3Dappnexus&adks=975625246&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dbd449f02a5396173705983b22751598501933930ded270d300e68c905b5259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12521
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E290 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 01:21:33 GMT
expires: Thu, 21 Nov 2024 01:21:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 118 KB
46 KB 381ms
380ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4436642718262140&correlator=3763827589310151&eid=31079666%2C31079525%2C31079576&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=1211%2Cbr.terra.adorocinema.cobranded%2Carticles%2Ccabeceira&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%7C1272x250&ifi=3&didk=3155275638&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie=ID%3Dc6e8faaf699284c3%3AT%3D1700616093%3ART%3D1700616093%3AS%3DALNI_MZAgegc3NCNwRgwjqNjyQaTXiRRng&gpic=UID%3D00000cd6bd46ae79%3AT%3D1700616093%3ART%3D1700616093%3AS%3DALNI_MYST5HZKSnSL__11DG_O1UaGiW2ZQ&abxe=1&dt=1700616096471&lmt=1700616096&adxs=436&adys=198&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html&vis=1&psz=728x250&msz=728x250&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1025678541.1700616094&ga_sid=1700616094&ga_hid=1586805985&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuP_4pL8xSABSAghkEhsKDDMzYWNyb3NzLmNvbRi3__ikvzFIAFICCGQSGQoKcHViY2lkLm9yZxizgPmkvzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YuP_4pL8xSABSAghkEq4CCghydGJob3VzZRKYAlQ3dVN6aHVVYmRlbld2MEI3bE96bnprZ0R5QXY5MVUrUFV2V2h4ZXNjbHk1ZXVSZjBTWEROOXh4a0xkS2Zsd1doTWpsTnNCazdVU1oySlNtRUdFZkRnWE1oNzZoQVFQN1F3NmhxeW1QSlgvcUFja3BGUENac0ZxNEVRdDZXUFhIS0JLNW5GSjA5RmtVWUhSdkNrSFZNdWtnTWxybThDZVh0VUtrUFcwbnlrVkZmQ2pQd1EzU2tXR01BU0o5ZzRhbDBZaEljY3d4NDhpdzJEUVl6eDYyVEZERit1K0QveE9XWktSTm96Rzk1R0Fxd05CNUt6RXVjNnhTNVUzeXVtSDA3aHpCMXBkb2pYMGRhOGkwVWh4TU9BPT0Ym4L5pL8xSAASGQoKdWlkYXBpLmNvbRi4__ikvzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pYUdaVFZrNU5UbVpVTm5GclF6QjJhM2xMVVcxbmR6MDlJbjA9GM2D-aS_MUgAEhsKDGlkNS1zeW5jLmNvbRiYgfmkvzFIAFICCGo.&dlt=1700616093070&idt=525&prev_scp=viewport%3Ds1%26refresh%3D0%26pageid%3Dd73921d893106e0c8f6f8d0600c333ba3t5nx1b6%26contentsource%3Dadorocinema%26breadcrumb%3Ddiversao.entre-telas%26channel%3Ddiversao%26subchannel%3Dentre-telas%26testfloor%3Dfalse%26words%3Dpt%2Cmedium%26connection%3D4g%26fledge%3Dfalse%26parceiro%3Dtrue%26lite%3D0%26devicememory%3D8%26contentauthor%3Dgiovannirodrigues%26vendor%3Dadorocinema%26pf%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.12%26hb_adid_appnexus%3D40d3eeab8f19006%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.14%26hb_adid%3D38dbca93b342c85%26hb_bidder%3Dprojectagora%26hb_format_projectago%3Dbanner%26hb_size_projectagora%3D970x250%26hb_pb_projectagora%3D0.14%26hb_adid_projectagora%3D38dbca93b342c85%26hb_bidder_projectago%3Dprojectagora%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D970x250%26hb_pb_rubicon%3D0.07%26hb_adid_rubicon%3D353d9d39b8bc522%26hb_bidder_rubicon%3Drubicon&adks=4123656343&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d37b3f56d20ce8c2d4421966455b1b4825917558550c1bbe4436a7392e5b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47419
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 04AD 624 B
577 B 81ms
32ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKKEht4BMAE&v=APEucNVDEDwDzOYjhRPZhcbNHsGMmr0FCRUdcQmkBKbaBF8PQ32VDUsmxwTWXFu0Ddf7y-OpblBK75NFxtePzxV0EF2y1DYj9K1s_O7kx_mYCvNffD_06aL8f37WFnDHWc9MxVG488Fxt9lNKuqvvBWBwspnX-8-jYh0vCAgdLFWSrgMMQjYQPs

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 01:21:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E290 89 KB
31 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 01:21:36 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E290 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DrlyvGfi6PLu8y51x7QTNFDtIusLsIuoAw4k1EufxzEyoiwPFnIWeuOe5z5hQs23LbsopALLEJ3q9UVMmgVF4Im_UpLE1WNS-y8va6fEo_AQHNfW0

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E290 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2637835754369258930&x=1&ct=119

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame E290 60 B
60 B 126ms
27ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?tc=9fc0785b2386e29f7b0210517b7bc960&rnd=1700616096133404

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 01:21:36 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mi, 22 Nov 2023 01:21:36 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 713
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E290 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E290 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E290 0
0 27ms
27ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7KySzHO3ke7d5Xb8l3P4Xiw01KNlt42qMH_yPxeCAJ4xhPgj5ilJQAqimWINKG3Qj4ec44NOuDAJzEQfPrmp6FiWKrg
Requested by: Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E290 202 KB
64 KB 78ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 01:21:36 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E290 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9488723135582&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E290 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9488723135582&version=m202309260101&ct=119&x=1&cor=2637835754369259000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E290 91 KB
38 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Byywd_1c0aItx0ZSqu1U1dhiFU20KAz8Usb6CCjx52jll9B0hQ-DcM8Anjsxs0YqyjJJy0Gl7mNnIaRIzE2uVZiCUpYpzGwyhnCHKSOvsQmYy9LrbAg0bOPUIyGhLTrTCKfNZ70NdhJJS5FDTs3JAvMbvjN-txOPe9H3g7x_vyYl4iUVQ&cry=1&dbm_d=AKAmf-BFG7z02B2u2SsLXJnPGG6XfNMHQOdFwM7KvI_YEUANRprnXqijpXXoCGXloJMIHqpk8Zpy5X9pjA7qIIm-Umm2qutjJE66LNZbZ3hUVcXl8h0IXqnKA4ChtdwnRKb5Yhs5zeyn5bxgs5N2i1LcAfcCv2qrxpDHu9TfoIFhwOdt4C76if2QRogNYM5O_WCe9V8z2sDgZDbinnHaqHI8N_Xh4RoQHSzw0vVdNtHabgQ0_L_nrO5uJ7D_9sKarQdg30mY17ufD9-UDLpuJ_g-0_zVTOZMDBOuqZpgTfgEOnVhhgGaIl45KNDBJ56sYPgO4lmJKiTtTPmFM-DsnWAP7A6qO5C5iarq8JT7dbrLOtoR59QKOnYWXhBy4vRekuKOnITqGCxyVAS0vW5hga0lFi1fu0FonKbBVkoEVMcCGZte9FYBgnFuDmEhWig-tR4zq7IlZgEGfBoMvPUBHOS0UYfrJ2dGl-501KOT1i2Inj631urOllxWgDFnuIOHNPfWLmIONAtPvLEkH3ratzJc4zvna-5jF8LFKntiUx7LEpaD4hRIz_of3h8wghX8Z-tM6jNxO89VAlYNjxo9iYUtPPUiEvPQZNof9uLFQFcJwM2PUDlctzZpdhutKGPZqTaYZtwyeoBOchDvlG2PxTt5EM838R5V83YGJ3hyCMxj9crve-8JWPBb5ZHwiren4s4S3JtCQxDnDJIjdV3Ded93DrkyXkWRp8iCejvWGpXnqnelo7SoRPyfdzUPqoRNvgQRWS2dqlZM5TkX9cIPziSKEWWMAAfT2aMRYEryCEFXlcZDWVQ6Al4EqD4n7WJTc7tQjk7hWu5YGwmwS66JUmZK8jKGv0fkxdpiPqTAl7_viaGRCqu9r9fis_ymNR7fHz9PxB7V7oOKyJhhiNSMZmEAb-M7ebpnQ3l32hf2TEkyVQgE0qal8sKIAMiNJCl95muSu8ZfHHWfK1Y1PKWNXzRkLgN358ubvQH6Cjb_WMHEo94hYNEa-qUvDhyoWw0mc1VGAHb0rA14KDHzyfHZG8z5JJClgZmPBUafhgNmr0KV6GAv3BIy1ePchwY_Ru2gwcYEI1tG5gW7ZOdfu0BYjWN3bQHPYkLPSMmPeLMHA0pw6kM7AtBVSYo1kJsmuIhx10KSjYOTSzMJH-cOoBY13q07SLKvZXs5BY8SSdMPQ4PzsLbnKLvDnzzdKj0ij_pi7htZXW9xkqqE3KpsyfIRH50UdBB85W4KvqYlMQB-_Bvl8Mr2T4EuOeF8RLu8gT4CChAe8lKzSiHxvuxA1bufjJvzHnZOvl3LSN4bPkTzb3YlRuElODsfmkllTxkN-XxpKGObZHzZOpP4s8Xh3NHPrFbhsATqa8Qw_CL1X0J_5YP3trT_YAgjQKKTEJliQeZXcJ2g4JyTEnI5lB-oU2xXWpYUOVvqNIMXfeTXuzxXxm_6zLGzYkpW9wWKMpCirewPNfEyZVeJ5-yal781wiDc_dWaShig1msrA9TQIObqYTuCRLF6K799Cm6R4Pxg3rpvj51blSo09XrJwt5shptbFBiqu7iE7oVtXdSJ5j4IlUOMiZxnl9y1z8f0RDrHelhkSJ8dK1zC4fZBdM8fsIvOQzr8a2eIf7bulxHrFSFdily0Ukc67Im5T3Kv6RblIiBfgbdPjnPz0kVRAEryiGkJoqDrQJ-SDUbIFdZEzl8MZChthJpECOybT8L9GwVppna25RGlT-ijnXZCqzKAJ-isWU_eMpZKduoiWGfouD50j3lRqzyfecjbP1dBPl8Y2iKXMrzuuQKTqF-HDhdkpOxjYENXdVp-EAk3DVqtaPSDL0VuEh_q1bcXYJSdemVdUVBGkCRaKQ-lNK1zfoyv2MYiC19M9cJYgZlj3LmetEW27RCAcH4oj5SiHWgJ_AcyHj24pa_AWu8EmIWFJYIV3jfLble72bLu9kbTc3ByKYeSBJkGh8ejGbqDJptNv_wFB7FWvB_bXTI6-howi57wkvkqVRV-HLF5EC96BaAo-FeR6K7qCZqSiUm-31eMIsOB0Dv4hih4YAFlYnjwV5WAoo2LKYARMNj3fIHJDEJT4ijgaGWqnQEULXAF13kCGb0Rsfbn1WE4xxZmqiAD6BP2L6oXEORZzYlciIyZx_1LR0pMbwMeS9oW8STqx2oeLeFd2Ejog80Ln0-TQCXWGDK5NPXE4giNXQapdhNBfYNva4KFE7euDOaO3Nl5lwWJZyOQq33f2Zpohnj6VWglnrqluZdy-53zpxQOUmJgtPm0Usm6EJryV4mSjmK0VEonGNLXJ4hY1qbjZwrNH9JUfpuF6iFqzSRX4pJITQhHEV2CSdNYNCyngFqT7qyj2z20HJxi0bK3w5JcQUL_b8_zFbjmYmEBwaDyLJS7-kCyEP8jWE4DAs_XfRRTcMilmX4dJ4DLdiLMPvC6sT8IZlciEeUhGC-pgfG-_ai9qRKacK6wanr-ZLzhD40dN-FN8KweKRMHacvVqUq9nGHvzQNAdxZPrpZLzqo4VmQYgMyE-Huh1TcPxf8LUenWcNIICAIpuqErUPDB2fPcao0bmgL5ICaog0r01FlMeor0yPYQ1O8CI15uphPbrx9TN291lVsdg2H08H5dVNqCZzwAJapc7WsT-Tp-oLWxZqDkFpEvM5BnoTwZsZxptfD0gOtITNUNdnNqybtDRMfuo6zFVUDjrB7Xa5oNqw5bpZf59ezD_DOeBG5vmQ-wEboy9NRhOeJliHYkjV8Cm1Xwc-IPCnIBcSg_UpU_unayu8z-M1PT7DIKaEF2xMtCM84UhnJ7WhQStB3c_pC2YOWBqEME_rkvutEaNUEcqh-RYZp_8cMh8jHF1zd4RgT1vZlMMYRN_euErMpO3C6ReBQnzTCwJu6epWAbtRlkILj5zuPjODjcB2GL12EEOn5kzJYLyln9410cyWkzyJ7a3gSj7x-QkrKyvjYfLyu1_0yFDGYqrQL8cY0-ca-sKvfAI9W6KkTbjrkaiIsNan5GlCyMGNMkF1Oljo4fif5oVPxBeeg7r-ZHX7cItdk85sTUAkKaliqVhDqx2j0nhgzHWe8PfOUqkqSdeTGzTeHOHdIdYh3YPHCOE15IY_wmPiySooxnE65NdqUoPMmBC-9YNjRqM4MLDyLlaT-fnqK3TfC1fazWzFfmyYaDTNAsXKRWzuBbzHGBKM6HQtcTX26dbo_LGb8YiWkwvcTmgGb83h6MvTBdyiWenegmy0nMlCR-hVktzulQzwqPdp0w72UYQfCPHR9FucN_-sx4o9hcRrhL2TVgvG8uNz6GfY13fmGacb8xfHXWJtUq9OEJ-yNF30sJhUYr7qWfs9eJTyNIkcAiqsH9dzfayql7IngUnjl4uNgPgdIH9C-KyF39VBASZmUfJDSHMKhdaU2Wg_EBhGQwMsKkAxmkFTod1OfnW3lSO9X3jwxX0hBka7MaYN7g7RicfiqG47qfRkWnILQqq0MBt5wxF5529LADOrBDIAae1BrHbDfg3LEg1xH2mWAakmht4tqURQM919vUYTwkzhg2MuI8jFNVTNyExglvVlZWmfIjkJbahB4Z2zwYXSSWzGR5Xsu4lQpYpUjkvbJGOYxlhzSvO6s7jiBlrwB_yi2ncJHaK8WPu2dgS9ZmoyF_uXukaaZVOvUadYzqBDMS-E9p-R4vop4QD2c4o8kCX6nW3bL3sTCe90TeUu-Rl5pMpAZ4zaRIc7XEBaPXrOxPBrNzUvVnU6ZhTu159_7wu_ANdue2vmboWAnMF2TYnHrlznxCgyBbZXYXIhyjcgxVn6mTCvCLWYfd4UoNwMV7OM4MtPqtNsCJ7Q4nKNTnubNaY-e2bahn6Wa3_B9p3eHx3Rjesn2A-Y5SFu8dqBg0oWkckHRuIf4DlLl0lZ58e9_U2hcypPrhzWKLDe90WTKIRB0afSrEBYsdGF1rLDFdRtnzZif-FR_JveX8vHjYK424DRkBky3KHA1vVIFNtr-xJHokWrRIAobz5yqbnw_06_mjvoIQ4_G89-IxKT6Pht-mcwdstAkrSi2h9WrJq_gXRcfJtR2G40GWuU18XMI2YQoFTM7-qRJ-cK6z0Blh2gR5bHwS5youO6Q19xHpDaGVwiTDNlLqtuTiS3WFdXbFzHVsWEj5Dog0pwkNLC9vB86e7AvM4v5SGwNaOgbz01eZz4bViLFCWoASzTaUXKYHj36_wYolMghz4PYxs0Lda5aRyhaq7DqIgyozDv95XEbC7gsmZZAgFPaZlxVHPeLra573y7cxxihu6FwDm21yHN1XmwmMQEpDKWbfXKMaSfR_cfxOHHlcQLIrxhL_ksbkAx9CKM29Ap75RnplJNfEkRVPPMLb2hi0Zb5R_nRz17Mw0I68FEjUHZl1pNMtBQMi3rF75LZE0u93w3OGt1AvwDg-l_HwQRYP-I7le7zmY4Z2JVbqs0HbGECS9nWcpHR70NpNJvuaLsFU3x8eH8gV5Eq5QiiF3wGMORuI2PzjCmNV547B0Oj7BJVzNNhoh2HzA_1dR9K-hwlPDccMZz19jOIidaF8XopDSejXmWQHNEziyWjn6cSCc08nwnfElIN8CTXnPSiaLsixaZZYgzk8qyezQ24ZRujoPIFQTTTr9c98E_xFOybxmP5EJgr0CjvClLCHORLk-0aStaQYB4s_bcDYsqaJEO3sQC_5&cid=CAQSPADICaaNxz5Uzt_G__tqKBYq_dPHvZtgmgeRp5EfaRrlQBKCubVBpNkq6ysMdTzMz1MUFzPDf7nFbJOAwhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.terra.com.br%2F&ds=l&xdt=1&iif=1&cor=2637835754369259000&adk=3047537735&idt=43&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b55b71f4979d078b8caa9673b2d06b61fd9ad9c7cefd614ab46b80ee19d1e0c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38819
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 04AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1

43 B
336 B

35ms
34ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKKEht4BMAE&v=APEucNVDEDwDzOYjhRPZhcbNHsGMmr0FCRUdcQmkBKbaBF8PQ32VDUsmxwTWXFu0Ddf7y-OpblBK75NFxtePzxV0EF2y1DYj9K1s_O7kx_mYCvNffD_06aL8f37WFnDHWc9MxVG488Fxt9lNKuqvvBWBwspnX-8-jYh0vCAgdLFWSrgMMQjYQPs
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsTs7thHq0o%2BJeYm27ycyEOstAhSLjBc7CbJEgD7jA927d4W0OCjlWOa7INvN9TWhOoBjRa90LckD6cXbOz4qNdQ%2Bnx2h1iAWyBzzm3AGyAM6mpzxoTkX%2F3E3LvyLVcluAsBXnlwrJzBpw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829d5b4c4ad291e3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 04AD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV1XoCp4HvP0U.2c-ktRiAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1&google_hm=2

43 B
770 B

40ms
39ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKKEht4BMAE&v=APEucNVDEDwDzOYjhRPZhcbNHsGMmr0FCRUdcQmkBKbaBF8PQ32VDUsmxwTWXFu0Ddf7y-OpblBK75NFxtePzxV0EF2y1DYj9K1s_O7kx_mYCvNffD_06aL8f37WFnDHWc9MxVG488Fxt9lNKuqvvBWBwspnX-8-jYh0vCAgdLFWSrgMMQjYQPs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFUarQHm8zJOu%2FiTk0HlYLTCdj2NvaASUlbAz5FT33XXAnkxhr%2FKPSChrSYGnGcQr3H2QLwpRh4ngNMn7c8%2BLa4q4ACtMAzJZgJ7dVuqiMc5W7M6KJzWGVWaLEMk5%2BxIslkmhj0lFeW0jw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829d5b4cda4b3648-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuoRStUtAlgWk_actc28nM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 04AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGkdvENL6pMQR4GVM5mJZUE&google_cver=1

43 B
842 B

33ms
32ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGkdvENL6pMQR4GVM5mJZUE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKKEht4BMAE&v=APEucNVDEDwDzOYjhRPZhcbNHsGMmr0FCRUdcQmkBKbaBF8PQ32VDUsmxwTWXFu0Ddf7y-OpblBK75NFxtePzxV0EF2y1DYj9K1s_O7kx_mYCvNffD_06aL8f37WFnDHWc9MxVG488Fxt9lNKuqvvBWBwspnX-8-jYh0vCAgdLFWSrgMMQjYQPs

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
an-x-request-uuid: ea115a25-55af-4a3b-a027-5dab3ea2be13
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGkdvENL6pMQR4GVM5mJZUE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 04AD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAzODkwNDc0ODA0ODYzMzY1Mg%3D%3D

170 B
243 B

65ms
35ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAzODkwNDc0ODA0ODYzMzY1Mg%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
an-x-request-uuid: 35f46c3a-17b7-40ff-b5c1-1b9d94b7c962
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAzODkwNDc0ODA0ODYzMzY1Mg%3D%3D
x-proxy-origin: 217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E290 111 KB
39 KB 96ms
20ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Origin: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63668
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 07:40:28 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame E290 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Byywd_1c0aItx0ZSqu1U1dhiFU20KAz8Usb6CCjx52jll9B0hQ-DcM8Anjsxs0YqyjJJy0Gl7mNnIaRIzE2uVZiCUpYpzGwyhnCHKSOvsQmYy9LrbAg0bOPUIyGhLTrTCKfNZ70NdhJJS5FDTs3JAvMbvjN-txOPe9H3g7x_vyYl4iUVQ&cry=1&dbm_d=AKAmf-BFG7z02B2u2SsLXJnPGG6XfNMHQOdFwM7KvI_YEUANRprnXqijpXXoCGXloJMIHqpk8Zpy5X9pjA7qIIm-Umm2qutjJE66LNZbZ3hUVcXl8h0IXqnKA4ChtdwnRKb5Yhs5zeyn5bxgs5N2i1LcAfcCv2qrxpDHu9TfoIFhwOdt4C76if2QRogNYM5O_WCe9V8z2sDgZDbinnHaqHI8N_Xh4RoQHSzw0vVdNtHabgQ0_L_nrO5uJ7D_9sKarQdg30mY17ufD9-UDLpuJ_g-0_zVTOZMDBOuqZpgTfgEOnVhhgGaIl45KNDBJ56sYPgO4lmJKiTtTPmFM-DsnWAP7A6qO5C5iarq8JT7dbrLOtoR59QKOnYWXhBy4vRekuKOnITqGCxyVAS0vW5hga0lFi1fu0FonKbBVkoEVMcCGZte9FYBgnFuDmEhWig-tR4zq7IlZgEGfBoMvPUBHOS0UYfrJ2dGl-501KOT1i2Inj631urOllxWgDFnuIOHNPfWLmIONAtPvLEkH3ratzJc4zvna-5jF8LFKntiUx7LEpaD4hRIz_of3h8wghX8Z-tM6jNxO89VAlYNjxo9iYUtPPUiEvPQZNof9uLFQFcJwM2PUDlctzZpdhutKGPZqTaYZtwyeoBOchDvlG2PxTt5EM838R5V83YGJ3hyCMxj9crve-8JWPBb5ZHwiren4s4S3JtCQxDnDJIjdV3Ded93DrkyXkWRp8iCejvWGpXnqnelo7SoRPyfdzUPqoRNvgQRWS2dqlZM5TkX9cIPziSKEWWMAAfT2aMRYEryCEFXlcZDWVQ6Al4EqD4n7WJTc7tQjk7hWu5YGwmwS66JUmZK8jKGv0fkxdpiPqTAl7_viaGRCqu9r9fis_ymNR7fHz9PxB7V7oOKyJhhiNSMZmEAb-M7ebpnQ3l32hf2TEkyVQgE0qal8sKIAMiNJCl95muSu8ZfHHWfK1Y1PKWNXzRkLgN358ubvQH6Cjb_WMHEo94hYNEa-qUvDhyoWw0mc1VGAHb0rA14KDHzyfHZG8z5JJClgZmPBUafhgNmr0KV6GAv3BIy1ePchwY_Ru2gwcYEI1tG5gW7ZOdfu0BYjWN3bQHPYkLPSMmPeLMHA0pw6kM7AtBVSYo1kJsmuIhx10KSjYOTSzMJH-cOoBY13q07SLKvZXs5BY8SSdMPQ4PzsLbnKLvDnzzdKj0ij_pi7htZXW9xkqqE3KpsyfIRH50UdBB85W4KvqYlMQB-_Bvl8Mr2T4EuOeF8RLu8gT4CChAe8lKzSiHxvuxA1bufjJvzHnZOvl3LSN4bPkTzb3YlRuElODsfmkllTxkN-XxpKGObZHzZOpP4s8Xh3NHPrFbhsATqa8Qw_CL1X0J_5YP3trT_YAgjQKKTEJliQeZXcJ2g4JyTEnI5lB-oU2xXWpYUOVvqNIMXfeTXuzxXxm_6zLGzYkpW9wWKMpCirewPNfEyZVeJ5-yal781wiDc_dWaShig1msrA9TQIObqYTuCRLF6K799Cm6R4Pxg3rpvj51blSo09XrJwt5shptbFBiqu7iE7oVtXdSJ5j4IlUOMiZxnl9y1z8f0RDrHelhkSJ8dK1zC4fZBdM8fsIvOQzr8a2eIf7bulxHrFSFdily0Ukc67Im5T3Kv6RblIiBfgbdPjnPz0kVRAEryiGkJoqDrQJ-SDUbIFdZEzl8MZChthJpECOybT8L9GwVppna25RGlT-ijnXZCqzKAJ-isWU_eMpZKduoiWGfouD50j3lRqzyfecjbP1dBPl8Y2iKXMrzuuQKTqF-HDhdkpOxjYENXdVp-EAk3DVqtaPSDL0VuEh_q1bcXYJSdemVdUVBGkCRaKQ-lNK1zfoyv2MYiC19M9cJYgZlj3LmetEW27RCAcH4oj5SiHWgJ_AcyHj24pa_AWu8EmIWFJYIV3jfLble72bLu9kbTc3ByKYeSBJkGh8ejGbqDJptNv_wFB7FWvB_bXTI6-howi57wkvkqVRV-HLF5EC96BaAo-FeR6K7qCZqSiUm-31eMIsOB0Dv4hih4YAFlYnjwV5WAoo2LKYARMNj3fIHJDEJT4ijgaGWqnQEULXAF13kCGb0Rsfbn1WE4xxZmqiAD6BP2L6oXEORZzYlciIyZx_1LR0pMbwMeS9oW8STqx2oeLeFd2Ejog80Ln0-TQCXWGDK5NPXE4giNXQapdhNBfYNva4KFE7euDOaO3Nl5lwWJZyOQq33f2Zpohnj6VWglnrqluZdy-53zpxQOUmJgtPm0Usm6EJryV4mSjmK0VEonGNLXJ4hY1qbjZwrNH9JUfpuF6iFqzSRX4pJITQhHEV2CSdNYNCyngFqT7qyj2z20HJxi0bK3w5JcQUL_b8_zFbjmYmEBwaDyLJS7-kCyEP8jWE4DAs_XfRRTcMilmX4dJ4DLdiLMPvC6sT8IZlciEeUhGC-pgfG-_ai9qRKacK6wanr-ZLzhD40dN-FN8KweKRMHacvVqUq9nGHvzQNAdxZPrpZLzqo4VmQYgMyE-Huh1TcPxf8LUenWcNIICAIpuqErUPDB2fPcao0bmgL5ICaog0r01FlMeor0yPYQ1O8CI15uphPbrx9TN291lVsdg2H08H5dVNqCZzwAJapc7WsT-Tp-oLWxZqDkFpEvM5BnoTwZsZxptfD0gOtITNUNdnNqybtDRMfuo6zFVUDjrB7Xa5oNqw5bpZf59ezD_DOeBG5vmQ-wEboy9NRhOeJliHYkjV8Cm1Xwc-IPCnIBcSg_UpU_unayu8z-M1PT7DIKaEF2xMtCM84UhnJ7WhQStB3c_pC2YOWBqEME_rkvutEaNUEcqh-RYZp_8cMh8jHF1zd4RgT1vZlMMYRN_euErMpO3C6ReBQnzTCwJu6epWAbtRlkILj5zuPjODjcB2GL12EEOn5kzJYLyln9410cyWkzyJ7a3gSj7x-QkrKyvjYfLyu1_0yFDGYqrQL8cY0-ca-sKvfAI9W6KkTbjrkaiIsNan5GlCyMGNMkF1Oljo4fif5oVPxBeeg7r-ZHX7cItdk85sTUAkKaliqVhDqx2j0nhgzHWe8PfOUqkqSdeTGzTeHOHdIdYh3YPHCOE15IY_wmPiySooxnE65NdqUoPMmBC-9YNjRqM4MLDyLlaT-fnqK3TfC1fazWzFfmyYaDTNAsXKRWzuBbzHGBKM6HQtcTX26dbo_LGb8YiWkwvcTmgGb83h6MvTBdyiWenegmy0nMlCR-hVktzulQzwqPdp0w72UYQfCPHR9FucN_-sx4o9hcRrhL2TVgvG8uNz6GfY13fmGacb8xfHXWJtUq9OEJ-yNF30sJhUYr7qWfs9eJTyNIkcAiqsH9dzfayql7IngUnjl4uNgPgdIH9C-KyF39VBASZmUfJDSHMKhdaU2Wg_EBhGQwMsKkAxmkFTod1OfnW3lSO9X3jwxX0hBka7MaYN7g7RicfiqG47qfRkWnILQqq0MBt5wxF5529LADOrBDIAae1BrHbDfg3LEg1xH2mWAakmht4tqURQM919vUYTwkzhg2MuI8jFNVTNyExglvVlZWmfIjkJbahB4Z2zwYXSSWzGR5Xsu4lQpYpUjkvbJGOYxlhzSvO6s7jiBlrwB_yi2ncJHaK8WPu2dgS9ZmoyF_uXukaaZVOvUadYzqBDMS-E9p-R4vop4QD2c4o8kCX6nW3bL3sTCe90TeUu-Rl5pMpAZ4zaRIc7XEBaPXrOxPBrNzUvVnU6ZhTu159_7wu_ANdue2vmboWAnMF2TYnHrlznxCgyBbZXYXIhyjcgxVn6mTCvCLWYfd4UoNwMV7OM4MtPqtNsCJ7Q4nKNTnubNaY-e2bahn6Wa3_B9p3eHx3Rjesn2A-Y5SFu8dqBg0oWkckHRuIf4DlLl0lZ58e9_U2hcypPrhzWKLDe90WTKIRB0afSrEBYsdGF1rLDFdRtnzZif-FR_JveX8vHjYK424DRkBky3KHA1vVIFNtr-xJHokWrRIAobz5yqbnw_06_mjvoIQ4_G89-IxKT6Pht-mcwdstAkrSi2h9WrJq_gXRcfJtR2G40GWuU18XMI2YQoFTM7-qRJ-cK6z0Blh2gR5bHwS5youO6Q19xHpDaGVwiTDNlLqtuTiS3WFdXbFzHVsWEj5Dog0pwkNLC9vB86e7AvM4v5SGwNaOgbz01eZz4bViLFCWoASzTaUXKYHj36_wYolMghz4PYxs0Lda5aRyhaq7DqIgyozDv95XEbC7gsmZZAgFPaZlxVHPeLra573y7cxxihu6FwDm21yHN1XmwmMQEpDKWbfXKMaSfR_cfxOHHlcQLIrxhL_ksbkAx9CKM29Ap75RnplJNfEkRVPPMLb2hi0Zb5R_nRz17Mw0I68FEjUHZl1pNMtBQMi3rF75LZE0u93w3OGt1AvwDg-l_HwQRYP-I7le7zmY4Z2JVbqs0HbGECS9nWcpHR70NpNJvuaLsFU3x8eH8gV5Eq5QiiF3wGMORuI2PzjCmNV547B0Oj7BJVzNNhoh2HzA_1dR9K-hwlPDccMZz19jOIidaF8XopDSejXmWQHNEziyWjn6cSCc08nwnfElIN8CTXnPSiaLsixaZZYgzk8qyezQ24ZRujoPIFQTTTr9c98E_xFOybxmP5EJgr0CjvClLCHORLk-0aStaQYB4s_bcDYsqaJEO3sQC_5&cid=CAQSPADICaaNxz5Uzt_G__tqKBYq_dPHvZtgmgeRp5EfaRrlQBKCubVBpNkq6ysMdTzMz1MUFzPDf7nFbJOAwhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.terra.com.br%2F&ds=l&xdt=1&iif=1&cor=2637835754369259000&adk=3047537735&idt=43&cac=0&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 07:58:52 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E290 31 KB
12 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 07:40:32 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E290 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371788
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 18:05:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9021 1 KB
643 B 19ms
19ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E290 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f319cdc456b56a68e1d05eed09015bcd7a290d6d2fded69e7dafea74579f3675

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B2B2 38 KB
13 KB 21ms
20ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 274911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:59:45 GMT
expires: Sun, 17 Nov 2024 20:59:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9021
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECUcSzPDZum9FFGxYXd6aEc&google_push=AXcoOmQn0NCmVsTMspdlzpg06SlSsykOsiPb52S3epaUFIKuoxhXevJ56w...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECUcSzPDZum9FFGxYXd6aEc&google_push=AXcoOmQn0NCmVsTMspdlzpg06SlSsykOsiPb52S3epaUFIKuoxhXevJ56wvVjbjBuj-LDpLsiuiIShdiEdnqMoraOwNo5Oozu3BX

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cph2320023-CPH
pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1700616097.812533,VS0,VE105
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECUcSzPDZum9FFGxYXd6aEc&google_push=AXcoOmQn0NCmVsTMspdlzpg06SlSsykOsiPb52S3epaUFIKuoxhXevJ56wvVjbjBuj-LDpLsiuiIShdiEdnqMoraOwNo5Oozu3BX
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9021
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENausSCMVOSCerJklFtNsL0&google_cver=1&google_push=AXcoOmTpX4FVHUEhE-4AenJr826BJR8_FcueN2fDuIg5FZcGn4BrwhHuQoom758eLLr1HzlyU7cP0tWxKWCOnCjp...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tbIZefO8QxkBifcfkV4nzA&google_push=AXcoOmTpX4FVHUEhE-4AenJr826BJR8_FcueN2fDuIg5FZcGn4BrwhHuQoom758eLLr1HzlyU7cP0tWxKWCOnCjpWDpCXFEs2zYy

170 B
188 B

66ms
66ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tbIZefO8QxkBifcfkV4nzA&google_push=AXcoOmTpX4FVHUEhE-4AenJr826BJR8_FcueN2fDuIg5FZcGn4BrwhHuQoom758eLLr1HzlyU7cP0tWxKWCOnCjpWDpCXFEs2zYy

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 01:21:36 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tbIZefO8QxkBifcfkV4nzA&google_push=AXcoOmTpX4FVHUEhE-4AenJr826BJR8_FcueN2fDuIg5FZcGn4BrwhHuQoom758eLLr1HzlyU7cP0tWxKWCOnCjpWDpCXFEs2zYy
x-host: tde-deliveryengine-production-bb588bf9-l9j7w
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9021
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhXPmnLj12ZwscyKtkkZIY&google_cver=1&google_push=AXcoOmTU5vvPhTlcRPyopXh58oPNDgWG4IMnYHxr1aPz_42ai9cgsjJ7hMpIHTkT8cZchaWzL2pbMfCoSrxfEJL6N-IYL2C...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTU5vvPhTlcRPyopXh58oPNDgWG4IMnYHxr1aPz_42ai9cgsjJ7hMpIHTkT8cZchaWzL2pbMfCoSrxfEJL6N-IYL2CwgNRE&google_hm=eS16SVZIdkE1RTJwSEFuT0...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTU5vvPhTlcRPyopXh58oPNDgWG4IMnYHxr1aPz_42ai9cgsjJ7hMpIHTkT8cZchaWzL2pbMfCoSrxfEJL6N-IYL2CwgNRE&google_hm=eS16SVZIdkE1RTJwSEFuT0ZMTzF5VTJ5dWFlUmo3V3BDSn5B

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 01:21:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTU5vvPhTlcRPyopXh58oPNDgWG4IMnYHxr1aPz_42ai9cgsjJ7hMpIHTkT8cZchaWzL2pbMfCoSrxfEJL6N-IYL2CwgNRE&google_hm=eS16SVZIdkE1RTJwSEFuT0ZMTzF5VTJ5dWFlUmo3V3BDSn5B
content-length: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame 9021 43 B
199 B 165ms
46ms Image
image/gif 54.76.20.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEPvLxobvPFyph_2iY58WK3Q&google_cver=1&google_push=AXcoOmSFi_oESwCUU7CXB0C1axZ5sp06-5dCXZwePw28q3a2O9o_IXx4hII84WS5fsipYdSUpHLizRaAlqSRXUhHTzb8fS4PC-G8
Requested by: Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.20.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-20-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 01:21:36 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9021
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-78d37647-689a-45cd-9822-8b33fcc3e918-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSUgCoj1SaZI1BMNiknP...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv&google_hm=A3jTdkdomkXNmCKLM_zD6Rg

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv&google_hm=A3jTdkdomkXNmCKLM_zD6Rg

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSUgCoj1SaZI1BMNiknPNglkBeMtVF5uAdNGW9cUYcn4FppIo801dfp0TCSMZsQ2WHBidElUcbc2amg7FGCcBQ0_IdNGdHv&google_hm=A3jTdkdomkXNmCKLM_zD6Rg
date: Wed, 22 Nov 2023 01:21:36 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX78d37647689a45cd98228b33fcc3e918003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9021
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIU5VN3vnNOuVj38s87moYo&google_cver=1&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFhD
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFh...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM2NjYyMzc0NDAxNDI2MzQwOTI1Ng%3D%3D&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6...

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM2NjYyMzc0NDAxNDI2MzQwOTI1Ng%3D%3D&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFhD

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM2NjYyMzc0NDAxNDI2MzQwOTI1Ng%3D%3D&google_push=AXcoOmTqtvEcNmNEJCfQLstiYuzoLhGHXrBA2dB2KJiGRbftPSrblTU6eMb6LaNOdYik0RoEPLB9l9yK3RSNk12KPCV9IH50AFhD
date: Wed, 22 Nov 2023 01:21:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 9021
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECTGz0mBQLXmkwq7t9KjY84&google_cver=1&google_push=AXcoOmQYlt5jqhFof4cYvvrjecTP5x0AfZ6Uy9KDMUcLWr-TcH2SYFSBiYJm969FqLecpJypR9w3B5S2gv2...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQYlt5jqhFof4cYvvrjecTP5x0AfZ6Uy9KDMUcLWr-TcH2SYFSBiYJm969FqLecpJypR9w3B5S2gv2v31lk1ky97d4rJQBN
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

21ms
20ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9021 0
59 B 26ms
25ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqXE-SsGjMGEYPY5CNDRGh2K_CMwfKYpdZjUBE6oB-Tf5G518e628ru5TzxNaCABPYFpNMNA

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B2B2 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/ Frame 6EFC 6 KB
2 KB 59ms
20ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5324dde8156eb3be98a7c6c900646d3bb2bdd423af2e6090564ae66d5e9229e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 349028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2407
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 00:24:28 GMT
expires: Sun, 17 Nov 2024 00:24:28 GMT
last-modified: Mon, 09 Jan 2023 08:13:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E290 0
0 150ms
69ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvZA-0i6h-7IIaA3HdOysMGPvp71ALGHVVXzqD7fpL659Gn7HcbwjRRCbW3s0KhO_3b1IN9TCk_BtjmnV0i7Awlo1u545qCU7q0FwDZTn3nNvVKKqXX88pythGkVyt38gsA__rWUKjBr8lI2XOpZNx9YjlXSzupJTrjYKN4Hrxr_KIYsD3z2BwvsB9GxK88hne-bRhVUrSicjmz9CD5XV3TjnD1zO-REozigEf9gwW6iL8fOS4v_pnhkUEOvSuQubb47d-wsjWmJOejmLqr4Qc9hnmHopuztSVBmP98fbQX5xlh9m81EmICB2t_UDSiEN8y1plYVmHgBsIWfqM38RgLkgWg8DcRznhTiR-wkBkXy1W2CYoK2JNcGtxbrQ6LOfjtgzWdeyRt8M2c4X8MvJkgcOfa0eTP1B7mfBxdcDgOnJUk1g1tBkYBMkk9p2WJaB3uowJ-M-VQZE5D8YXS2qkcpFm5oJeoKV-X-MGvGin87jv2EZ-HnFb-_6oqBqSDhjk8AQKHZM7CtBu4uK5SNcfnJKg7v_3RlATr9ZJ1z0K46DMOdHPWkwcf--7T0e65z9dmPuqR9bQI1wJg4eW4v3AYi79AlsXwvUfZzTFn_Rjv6uUm1IlRSl83gKFk3ahd1-kIO0Fla1SX_HMzJbD13qI5Q8hD8hIjmUz6vO7Di0M1y8cuD8TstRxfFx181BTswOtoxTgRqzHWnqXsoA8MsBGwc4fFmZV0GISvb-2_Pd_ZfAmxBHMz6RjTzyQkD3FVAAx0SRxUolVAAo8AfGx-lT6rpMQBQpN5O8LNA3mG8JZODY7TpgfIUmm49XcQ-zmLmpsyyX2LYzD-T-UaHqCmv7qSQ54Qb4Yc8AxyyFfLhLt7U8RomRHBByCSaLy7HQy4TR1w3Evkyq0wxrpUiv0Xe1jTSyZ4WPDh0in-5kM26WZreoTR8IT75ZFC0ft-PR6r9ctMXvezuCbEKFMH7DzuBdH8u060cr2OQdKJMX9-Bojbzgk0BejbIol0PdN0-5APkLBzdRJOfe0sTZLYO5g5bt3ub8Kvvzka9gXpCT5tWGPRwyb6KNznG-lfmbzshWiFiIWILgkMkTVWR_Es4teicu60b42Ex2jgH5cMLRcg6f9De5sjvX5lWHPsUY4IIiAEtcWnx7LwwVrdGVrFT2bTw6Soourm1vmRplxWsVaifrIfIQV-_DVNhKR_Q_6Juku0Ic4X-o6f0mAfVz7jSgtGNyq1LH9jglXnVVf_yUm3myefTrrRePABxrKCL8sY6HX5IkFkzbvHXGOSbIybYw8QOZAj_mQAwJoFDFyTUcg9N007AV0sKyWhwYvYgF71oJEOgt018S_QK7NcsCMup8A7p19nP8Rl9uv1jAzGTkJ6hyJTv2L-PfrLy_PlX_fw3la-AU6xQf6kxG1H_9y0-TtscY&sai=AMfl-YRW0Gk-XAgvn3JQ0PU9ooW3-MdKl6TS1Q72l3ar1WZffwBe3i7uGD7TcNq1qP071LKFHuINEi2dDdXEJGuKNxkHcTfxEuA5KifZ9RNUdrd8a0VxROjj4QLSYPZulPDkOs3g9WrGAl8zgFUZiCTJpOOqapATVzYwzXmodgBO1-4GNiRh-TBOKEbgplRTllk1Wneu_z4c7GksqCFETdHBhV5fULCsAx5LRyV9VQ6yNwy_zDNkUFbeVxa8jIz_Uk9_H4UvTVM&sig=Cg0ArKJSzKSX28ZgBjDjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=136&cbvp=1&cstd=132&cisv=r20231109.24545&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6EFC 236 KB
63 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 01:21:36 GMT

GET
H3 200 roller-kwxx-300x600.js Show response
s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/ Frame 6EFC 20 KB
4 KB 20ms
20ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/roller-kwxx-300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d3f802531be5cd9f0c8bd2573491dd5766b94ca7f2a5218225959419cd08df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 13:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4096
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:13:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Nov 2024 13:21:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2B2 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B7kfnoFddZfvmIqjA9u8PvIWl4AEAAAAAOAHgBAI&bg=!eHulezTNAAZxrfrxUa07ADQBe5WfOH04hZKFNbeNQsQWswslnPQNDVzD2_p8SyZ1m41baIC3Rq8GOVGodYw1Hnyw-yKBAgAAAEFSAAAAA2gBB5kDCpxUgZwMzCVF0R0ZUk49OxBOmawixIoyUwToqvOVpdzCIcF-2U99iNIFWC5FBV2zHSG80LO3Dffsa7N4nyK-tqA4HhMp_VoxgCojEi1Zm63W1A-iVDazXvcNTmRa6gHCgh7da9jbwX1bOUd3gxHmoBFWIvma19EQr55bhSDU8j6Zl9rxi5C3FB3RO0g0i_Dy2yvEooY8z95XrHJxZ0oiixTWLHWV-fL8alARFs_GCU5wE7IAg8z1NV3Ps5463tv173F295KjQ6eMXx2mKerCwuqIjLYVqdbdSY1Q8QgVd40FklDeGAh41BW2O_PDdQCSkNUa1EDunhIPjsPZq23Fez-85CBo4QceFezawhKtVkZpH7ZsLgVOvElQROAEG6CyWESTM3ghItO00CrhgLrzmAgEtFk89AeyimvK-5GKLj9rSX0K84n4D4veTUtseLFvzfmxub-FD6Uutc6gt26slJ59SEIqpl3IawUC78vONcUQajPFyVnr2byvxvR7sU_1wkMKuKTvOBBLmQP9Kq7yBrlssYKt6IjOHFqBG8U_pMR9eo5oYLICtjMsf-NjiioCWUtStu44JXYW9xvDhW9zMI1eXqKpr7Ujc0mzcVTyviU7F7DROEYd1mCeLuEaqU5g70OTlZsNK0AGpaIZpoCgxtFc7qOHFhgRCo_UG8LPbl9ucIRAJ4LVBfbLGick0e1U9k1YbXMzzQrwMVtYYKGMswMzhaT7jqKEtIlKnwMw7vR4JYdxYOBzvPou5EMoUYCaBzmGUWwvxDuPdLVGSh76OoA1_8-5lZYNGIRm-izfpOsAOPInU0DU4D3WaX5KhYqIjDOrQb1Na1Vgi8Jasfdw5L2FVYyXizEFh3egm8XRlG1zY9bO7zwlX--JSkTVm5-lLxW_x4fh1NtOdCoBg52LX-EintRc3g23O-Gw8sE9IApPuqzuDSfygTDe_kyvvj2jBZsqbcuvWgdK3qlofx-I74JdvDkmoQXdbmsE6AAAqzM3cwbV5jKa2DC5rgxS1vRFaj_xQnY6rz1HlyI

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E791 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 01:21:33 GMT
expires: Thu, 21 Nov 2024 01:21:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bg300.png
s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/images/ Frame 6EFC 111 KB
111 KB 20ms
19ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/images/bg300.png

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32f52b8a1ce45c301aacd2f2ae409a4a7c062fd36e5e82d4cfce3eac70deab72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:22:59 GMT
x-content-type-options: nosniff
age: 435517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114093
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:13:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 00:22:59 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E290 0
0 59ms
58ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvZA-0i6h-7IIaA3HdOysMGPvp71ALGHVVXzqD7fpL659Gn7HcbwjRRCbW3s0KhO_3b1IN9TCk_BtjmnV0i7Awlo1u545qCU7q0FwDZTn3nNvVKKqXX88pythGkVyt38gsA__rWUKjBr8lI2XOpZNx9YjlXSzupJTrjYKN4Hrxr_KIYsD3z2BwvsB9GxK88hne-bRhVUrSicjmz9CD5XV3TjnD1zO-REozigEf9gwW6iL8fOS4v_pnhkUEOvSuQubb47d-wsjWmJOejmLqr4Qc9hnmHopuztSVBmP98fbQX5xlh9m81EmICB2t_UDSiEN8y1plYVmHgBsIWfqM38RgLkgWg8DcRznhTiR-wkBkXy1W2CYoK2JNcGtxbrQ6LOfjtgzWdeyRt8M2c4X8MvJkgcOfa0eTP1B7mfBxdcDgOnJUk1g1tBkYBMkk9p2WJaB3uowJ-M-VQZE5D8YXS2qkcpFm5oJeoKV-X-MGvGin87jv2EZ-HnFb-_6oqBqSDhjk8AQKHZM7CtBu4uK5SNcfnJKg7v_3RlATr9ZJ1z0K46DMOdHPWkwcf--7T0e65z9dmPuqR9bQI1wJg4eW4v3AYi79AlsXwvUfZzTFn_Rjv6uUm1IlRSl83gKFk3ahd1-kIO0Fla1SX_HMzJbD13qI5Q8hD8hIjmUz6vO7Di0M1y8cuD8TstRxfFx181BTswOtoxTgRqzHWnqXsoA8MsBGwc4fFmZV0GISvb-2_Pd_ZfAmxBHMz6RjTzyQkD3FVAAx0SRxUolVAAo8AfGx-lT6rpMQBQpN5O8LNA3mG8JZODY7TpgfIUmm49XcQ-zmLmpsyyX2LYzD-T-UaHqCmv7qSQ54Qb4Yc8AxyyFfLhLt7U8RomRHBByCSaLy7HQy4TR1w3Evkyq0wxrpUiv0Xe1jTSyZ4WPDh0in-5kM26WZreoTR8IT75ZFC0ft-PR6r9ctMXvezuCbEKFMH7DzuBdH8u060cr2OQdKJMX9-Bojbzgk0BejbIol0PdN0-5APkLBzdRJOfe0sTZLYO5g5bt3ub8Kvvzka9gXpCT5tWGPRwyb6KNznG-lfmbzshWiFiIWILgkMkTVWR_Es4teicu60b42Ex2jgH5cMLRcg6f9De5sjvX5lWHPsUY4IIiAEtcWnx7LwwVrdGVrFT2bTw6Soourm1vmRplxWsVaifrIfIQV-_DVNhKR_Q_6Juku0Ic4X-o6f0mAfVz7jSgtGNyq1LH9jglXnVVf_yUm3myefTrrRePABxrKCL8sY6HX5IkFkzbvHXGOSbIybYw8QOZAj_mQAwJoFDFyTUcg9N007AV0sKyWhwYvYgF71oJEOgt018S_QK7NcsCMup8A7p19nP8Rl9uv1jAzGTkJ6hyJTv2L-PfrLy_PlX_fw3la-AU6xQf6kxG1H_9y0-TtscY&sai=AMfl-YRW0Gk-XAgvn3JQ0PU9ooW3-MdKl6TS1Q72l3ar1WZffwBe3i7uGD7TcNq1qP071LKFHuINEi2dDdXEJGuKNxkHcTfxEuA5KifZ9RNUdrd8a0VxROjj4QLSYPZulPDkOs3g9WrGAl8zgFUZiCTJpOOqapATVzYwzXmodgBO1-4GNiRh-TBOKEbgplRTllk1Wneu_z4c7GksqCFETdHBhV5fULCsAx5LRyV9VQ6yNwy_zDNkUFbeVxa8jIz_Uk9_H4UvTVM&sig=Cg0ArKJSzKSX28ZgBjDjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=263&vt=11&dtpt=127&dett=3&cstd=132&cisv=r20231109.24545&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9870 640 B
308 B 34ms
33ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivz7P8ATAB&v=APEucNVOmzAMl0C-bJ5VLjVWf7Y1U-S59mG50JvC256YZXGq6w2Tzc1VmswA7vBRUTiyIOy2verbxZYqTWAm7GZ-3g10URUBYBQ4RyxPMN__TcvXbzzSadxoNyAkn_hgLQoh_kVQhWsFwXTYb2hmOcb-KYTVpbUtZG_9nHCZhQf8AZfOtL05Vbo

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 01:21:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E791 172 KB
60 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Origin: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 07:58:52 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame E791 7 KB
3 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 07:40:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E791 23 KB
9 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 07:40:28 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E791 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371788
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E791 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9FE1 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E791 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E791 42 B
63 B 53ms
52ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_xWVjZS2X2mz9qk-0yffbMqWQ8WE68sRj3AzfdpszsPm4FsEwmExmtp-csXGmj1BvqU9d0dyFB6hp42SZwtGl3ePTtiZdUjjuZUDtm61PjGnrRMU

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E791 202 KB
64 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 01:21:36 GMT

GET
H3 200 logo2dwhite.png
s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/images/ Frame 6EFC 5 KB
5 KB 20ms
19ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/images/logo2dwhite.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43897b4750dad91cd470f62f0396b7e6513c2ad005f231d0ac756f7483a0438b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:47:21 GMT
x-content-type-options: nosniff
age: 372855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5587
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:13:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 17:47:21 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E35D 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 274911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:59:45 GMT
expires: Sun, 17 Nov 2024 20:59:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9870
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJbVBRSxlxB6_VVzM8LdcAI&google_cver=1

43 B
114 B

35ms
34ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJbVBRSxlxB6_VVzM8LdcAI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivz7P8ATAB&v=APEucNVOmzAMl0C-bJ5VLjVWf7Y1U-S59mG50JvC256YZXGq6w2Tzc1VmswA7vBRUTiyIOy2verbxZYqTWAm7GZ-3g10URUBYBQ4RyxPMN__TcvXbzzSadxoNyAkn_hgLQoh_kVQhWsFwXTYb2hmOcb-KYTVpbUtZG_9nHCZhQf8AZfOtL05Vbo
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJbVBRSxlxB6_VVzM8LdcAI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 9870 43 B
219 B 59ms
33ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivz7P8ATAB&v=APEucNVOmzAMl0C-bJ5VLjVWf7Y1U-S59mG50JvC256YZXGq6w2Tzc1VmswA7vBRUTiyIOy2verbxZYqTWAm7GZ-3g10URUBYBQ4RyxPMN__TcvXbzzSadxoNyAkn_hgLQoh_kVQhWsFwXTYb2hmOcb-KYTVpbUtZG_9nHCZhQf8AZfOtL05Vbo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 9870
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEPlKyQ0RdZ8XF_X0s4qp91U&google_cver=1

23 B
163 B

72ms
53ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEPlKyQ0RdZ8XF_X0s4qp91U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivz7P8ATAB&v=APEucNVOmzAMl0C-bJ5VLjVWf7Y1U-S59mG50JvC256YZXGq6w2Tzc1VmswA7vBRUTiyIOy2verbxZYqTWAm7GZ-3g10URUBYBQ4RyxPMN__TcvXbzzSadxoNyAkn_hgLQoh_kVQhWsFwXTYb2hmOcb-KYTVpbUtZG_9nHCZhQf8AZfOtL05Vbo
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 01:21:37 GMT
pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEPlKyQ0RdZ8XF_X0s4qp91U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 9870 23 B
163 B 133ms
51ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivz7P8ATAB&v=APEucNVOmzAMl0C-bJ5VLjVWf7Y1U-S59mG50JvC256YZXGq6w2Tzc1VmswA7vBRUTiyIOy2verbxZYqTWAm7GZ-3g10URUBYBQ4RyxPMN__TcvXbzzSadxoNyAkn_hgLQoh_kVQhWsFwXTYb2hmOcb-KYTVpbUtZG_9nHCZhQf8AZfOtL05Vbo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 01:21:37 GMT
pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame E791 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2358cb659bf297f749541b366e8ad0fdaafa5825074b78ab33fb74fb0bb55df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9FE1 35 B
463 B 85ms
22ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBnQ1njxo8bzSgj05EWktmk&google_cver=1&google_push=AXcoOmQLgvF9Ey4pzqT_ZqVN7dolq5M3qcO1tODizzlkAGw0rrumxcNStClHG31wLxxkJy7-ev3PHWrAh5pmPOKOLGt2NJTtD0k

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FE1
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dG56VGFxMTcxUjVCVlQ1&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cver=1&google_push=AXcoOmSQ-TenUpKZ6De_-INSzep6YqrXazbfSWInOh0Nbis...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dG56VGFxMTcxUjVCVlQ1&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cver=1&google_push=AXcoOmSQ-TenUpKZ6De_-INSzep6YqrXazbfSWInOh0NbisNJB1bWXxLtBxs-wAKfVxaSDXdtZ71Q9Fa_XTk9hZrENs09GCyVukv

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 01:21:36 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dG56VGFxMTcxUjVCVlQ1&google_gid=CAESEPM--3bgL8kUwsXLoj_cj1Q&google_cver=1&google_push=AXcoOmSQ-TenUpKZ6De_-INSzep6YqrXazbfSWInOh0NbisNJB1bWXxLtBxs-wAKfVxaSDXdtZ71Q9Fa_XTk9hZrENs09GCyVukv
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FE1
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJhXPmnLj12ZwscyKtkkZIY&google_cver=1&google_push=AXcoOmSOQSVzD__CmEVYPcFOyxd3US5ubWKX59z7ycNZ16ujUjpuFsXj29omrgerR8Q6-aAtuutvhfiiFqLfgcsFBbHGC-4...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSOQSVzD__CmEVYPcFOyxd3US5ubWKX59z7ycNZ16ujUjpuFsXj29omrgerR8Q6-aAtuutvhfiiFqLfgcsFBbHGC-4Ab2c&google_hm=eS16SVZIdkE1RTJwSEFuT0Z...

170 B
188 B

67ms
67ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSOQSVzD__CmEVYPcFOyxd3US5ubWKX59z7ycNZ16ujUjpuFsXj29omrgerR8Q6-aAtuutvhfiiFqLfgcsFBbHGC-4Ab2c&google_hm=eS16SVZIdkE1RTJwSEFuT0ZMTzF5VTJ5dWFlUmo3V3BDSn5B

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 01:21:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSOQSVzD__CmEVYPcFOyxd3US5ubWKX59z7ycNZ16ujUjpuFsXj29omrgerR8Q6-aAtuutvhfiiFqLfgcsFBbHGC-4Ab2c&google_hm=eS16SVZIdkE1RTJwSEFuT0ZMTzF5VTJ5dWFlUmo3V3BDSn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FE1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL1ePyN-ubYApEjCz3eOh3c&google_cver=1&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVYrT...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL1ePyN-ubYApEjCz3eOh3c&google_cver=1&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPv...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMyNTU4MzY3MzE0MTkzNjMzMA&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVY...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMyNTU4MzY3MzE0MTkzNjMzMA&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVYrT5d-6bfiS6bj2W96gVpM

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMyNTU4MzY3MzE0MTkzNjMzMA&google_push=AXcoOmSbwZunjtg3ivSA3goD5WaEGskeNzFZLSUa_60l6HHrF5-K5d2Y0kus9-vBZMw9msTbIPvaVYrT5d-6bfiS6bj2W96gVpM
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FE1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBHCCOlT-2CKE7lPcCdhdj8&google_cver=1&google_push=AXcoOmSTMlVZkJvBEs0qC5lEdLA5LnJv7KdH2ytyZ3Vb92hwC0tOpv8fO4P-r6EAF9IdFK8QBlt...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5MldYTlMtMVktODFRVw==&google_push=AXcoOmSTMlVZkJvBEs0qC5lEdLA5LnJv7KdH2ytyZ3Vb92hwC0tOpv8fO4P-r6EAF9IdFK8QBltBVAeyJL-L5g7DbqxZEpdwoYE

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5MldYTlMtMVktODFRVw==&google_push=AXcoOmSTMlVZkJvBEs0qC5lEdLA5LnJv7KdH2ytyZ3Vb92hwC0tOpv8fO4P-r6EAF9IdFK8QBltBVAeyJL-L5g7DbqxZEpdwoYE

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5MldYTlMtMVktODFRVw==&google_push=AXcoOmSTMlVZkJvBEs0qC5lEdLA5LnJv7KdH2ytyZ3Vb92hwC0tOpv8fO4P-r6EAF9IdFK8QBltBVAeyJL-L5g7DbqxZEpdwoYE
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FE1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGLdXwKqgLvnXXTvjiqspnw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGLdXwKqgLvnXXTvjiqspnw&google_hm=ZV1XoCp4HvP0U-2c_ktRiAAACIoAAAIB&google_nid=index&google_push=AXcoOmTZWVkDvoyu6W8T7me4WWEIGNWifEPyh...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGLdXwKqgLvnXXTvjiqspnw&google_hm=ZV1XoCp4HvP0U-2c_ktRiAAACIoAAAIB&google_nid=index&google_push=AXcoOmTZWVkDvoyu6W8T7me4WWEIGNWifEPyhQ0X-MQzqteE_UhhWtRU25Pmxb7EJZ9xV-kvijcnkz4hItuUV4jxdOqy60CvReIF

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3yTHiFQmJIyuo5wewTNiN0thUHJYqrY3uJ8BskANuFCw0xET1bLhB2BY%2BNmSdoHnM0bjqhSqtv8xMwAWKUdZ6%2F940gaSbIoexfmyZ%2F8wcu59K3lIRADrc9e5SJzXmzFYJaK0pDdvc5rFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGLdXwKqgLvnXXTvjiqspnw&google_hm=ZV1XoCp4HvP0U-2c_ktRiAAACIoAAAIB&google_nid=index&google_push=AXcoOmTZWVkDvoyu6W8T7me4WWEIGNWifEPyhQ0X-MQzqteE_UhhWtRU25Pmxb7EJZ9xV-kvijcnkz4hItuUV4jxdOqy60CvReIF
cache-control: no-cache
cf-ray: 829d5b4e0b7a91e3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 9FE1 0
75 B 184ms
29ms Image
text/plain 81.17.55.108
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDd1-oF6pqiEwwym1tDUGnY&google_cver=1&google_push=AXcoOmRbeS7mJH2yWRmeDTRjLo5pCi5tlUXNWmpWNAYC0P4VeeTeKd_C-Esu6Afq95kbaIZ6ISeLhBBXDqlJRfN7aIn5A6ZcjQc
Requested by: Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.108 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:36 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9FE1 0
12 B 56ms
55ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jm6TpIPGh6bIXUyEySg6pxJwkgAf8VMFkuII3Eovf1VokJLfQ5VrRghrxNSkteCpjhL_By

Requested by

Host: 6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
URL: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/17952959967271059456/ Frame FCBD 47 KB
12 KB 28ms
27ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 01:21:36 GMT
expires: Thu, 21 Nov 2024 01:21:36 GMT
last-modified: Wed, 15 Feb 2023 15:44:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame E791 0
0 135ms
77ms Fetch
image/gif 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst84tHN6fKTJhB21l90TeWgcBalish7-YZG-CbTqe_UrWueD-zwTrQt_5PJ3Kyxe-qyBOwXWDf1yLyWjHmjDAQw9YG97tds2aEWcliZqvAIAvf_1mjkZNEgkC4gezYnxcocLQz4zfpGVHOwXyN1QjpGp01TRN3h6C10kYOG-amKxcZhfWcR-0PJryhLBWyRmYx2v6N8toomtrOaLJytfk5h53FUH2aSLBeyY6G7Uto8UfiqIAu-Q9DwsglqZlPTjGQzGNLtRSmXQ2HJmgzvjZUGPgChyJHlAZnAR9FrUvGDn9iBaaqgjz9AZnyI8UPuWarMBilXCPeBASUK5OXPXkC4JArj2t4VxXj0UqzZNqVLgMWs61BmIySrY6PhS1SRtrwgSqUFS_UxhVl2Rd4DhrJ0di_BfGYACzUcKQMVJZcBXqqpNLTVmFvOY70aaH8LocNPY3BmG1gJF7OyOaGf74L4P6Q6gDvwTuXPi1crn3NcFrILEquMkPaWDPDOqAYks6YwmJQJOkxIFoFaGuoNR79Ux4c2TzyZhrjOY66UIIjHnlYh99SvN9LcRGDvU5NGnNjb7UKRmyKX7Yp3AGclsWQLhgT8PNmD5EE7Keq7kC2zfGJrG8xH8gzEqFOapeH4wnlNijjVtQR6PpJmRaFk0mgmKhDq4Kw9eBb5RK0PWykeNQlc-XQ5-7JqFaMaA5_Uz3p6T47QJYifeLq9O3WMHlvCzPX1ji6Bfhj3WGdc6X90gJPFY2QKdGUhofaWUsyXnxJtiDy8a61vd8jdcjp9ZgEkGFXZSWdxIkM349AeA_Qvx7uqEgB6_wyDU7vvWotpoQQV8Ep5BJ2AcZp7PGUQYvStx877tuXVUHvsJD93_Ls72QiWf5sIWN8Ftwqk0c2SWSdL3YvTIcOSGG-C3BosMnQZ0Qn7yHX-o_x4e3Yxzdxvd64LWWP82613Mn-0uyvMIivO5bn9GGF4D6noIpSXbzPsI0Cu3f81dsAmj7WLRjL5mEZ7jfFcqt0b3l7JOCTSInhjbIT_hreES4TwACaaZiFE370ArYaeulOsyN0pgg9pv5Pe-x7JJzlEwAeQcxdTgFptpgFgxzkaE5Z8l66jNXWk7v9jWCOtUKV_5GrzgDHtTt6aJ9pt7aZYSrvSAfslmf3CcSU1lhZWYs-cS2hkd0-9vER2n3QaSY77DY2ohjHVppZqzkqKF1nzD3MtgjdWtMOJ6re7k0OYfIrQiesHHlLybFnZMHzApDexPJznQdDtNuPXKWemNpn3e3YhuWUQcoASYyuiXDRyKRSH6O2BfAdNof5ixD3op7jtnoCgqi-ULmxRomL7l3KygPaXkMPW_vJKWFa_RRHQmpXoqHwvLp-6dMDl9dzMWvxIK1FvPN3XB1rhGMYRXxebZ-L3raYpCGqwPbf1nsK_NAzKntSLlF4Bbju2L-XusEBndoElFDpKXCsbEoNN_yEOcyKNLBEghLZmfYWPndvIs5lrF-myPg9alKDo3NtxIPgO0rZGF24v&sai=AMfl-YT7u-maObVQqfy4K4nHnqu1iFFj_2Di2Fqfbq9U5h_oi7VjWNDqD-OD480ZlJNI6BDAdXIa-0WbZr99-LZDv4MX5unPQbuDuKkwjrRgDX86AHTbNM_u3WeB8Gc0dlttoxwpsv9jYG8Ajq3UODK6vyNMTMID-6n_oGIL_46oirtY6d8CyYz2Aq9C4sqqpYCB2IVZ1IEv6SB1g4se5IiW2I-1kF5vY0zCJzFcmunTy_rGRcW43TD6Nz8g51CESK5z6lQV8RDScuSuAVcac_baZzE2D495wwtTIa-do3cw88yxBUaVhSx6Z-slNuPa9z7wkRtVaYDe8owcms4F8fe3AOPnsUjE4fp34PV_BDR2KedUBiTvelwZspDJJBa7M5OheYnfQtxizOhD-KxSu1JXALN-Nj97uKpbus3gHoM3EW3YtYH4PpbxJQ&sig=Cg0ArKJSzH_UFbUqWvnJEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=58&cbvp=1&cstd=49&cisv=r20231109.88111&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 01:21:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame FCBD 118 KB
40 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 04:12:33 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FCBD 63 KB
25 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 01:21:37 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame E35D 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 200 Cairo-Bold.woff2
s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/ Frame 6EFC 35 KB
35 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/Cairo-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3449973958008fa462efb86ad67ac29a4e2bc5f38ac081947fbe2f627ac42065

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 12:20:45 GMT
x-content-type-options: nosniff
age: 133252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35836
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:13:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 12:20:45 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame E791 0
0 67ms
66ms Fetch
image/gif 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst84tHN6fKTJhB21l90TeWgcBalish7-YZG-CbTqe_UrWueD-zwTrQt_5PJ3Kyxe-qyBOwXWDf1yLyWjHmjDAQw9YG97tds2aEWcliZqvAIAvf_1mjkZNEgkC4gezYnxcocLQz4zfpGVHOwXyN1QjpGp01TRN3h6C10kYOG-amKxcZhfWcR-0PJryhLBWyRmYx2v6N8toomtrOaLJytfk5h53FUH2aSLBeyY6G7Uto8UfiqIAu-Q9DwsglqZlPTjGQzGNLtRSmXQ2HJmgzvjZUGPgChyJHlAZnAR9FrUvGDn9iBaaqgjz9AZnyI8UPuWarMBilXCPeBASUK5OXPXkC4JArj2t4VxXj0UqzZNqVLgMWs61BmIySrY6PhS1SRtrwgSqUFS_UxhVl2Rd4DhrJ0di_BfGYACzUcKQMVJZcBXqqpNLTVmFvOY70aaH8LocNPY3BmG1gJF7OyOaGf74L4P6Q6gDvwTuXPi1crn3NcFrILEquMkPaWDPDOqAYks6YwmJQJOkxIFoFaGuoNR79Ux4c2TzyZhrjOY66UIIjHnlYh99SvN9LcRGDvU5NGnNjb7UKRmyKX7Yp3AGclsWQLhgT8PNmD5EE7Keq7kC2zfGJrG8xH8gzEqFOapeH4wnlNijjVtQR6PpJmRaFk0mgmKhDq4Kw9eBb5RK0PWykeNQlc-XQ5-7JqFaMaA5_Uz3p6T47QJYifeLq9O3WMHlvCzPX1ji6Bfhj3WGdc6X90gJPFY2QKdGUhofaWUsyXnxJtiDy8a61vd8jdcjp9ZgEkGFXZSWdxIkM349AeA_Qvx7uqEgB6_wyDU7vvWotpoQQV8Ep5BJ2AcZp7PGUQYvStx877tuXVUHvsJD93_Ls72QiWf5sIWN8Ftwqk0c2SWSdL3YvTIcOSGG-C3BosMnQZ0Qn7yHX-o_x4e3Yxzdxvd64LWWP82613Mn-0uyvMIivO5bn9GGF4D6noIpSXbzPsI0Cu3f81dsAmj7WLRjL5mEZ7jfFcqt0b3l7JOCTSInhjbIT_hreES4TwACaaZiFE370ArYaeulOsyN0pgg9pv5Pe-x7JJzlEwAeQcxdTgFptpgFgxzkaE5Z8l66jNXWk7v9jWCOtUKV_5GrzgDHtTt6aJ9pt7aZYSrvSAfslmf3CcSU1lhZWYs-cS2hkd0-9vER2n3QaSY77DY2ohjHVppZqzkqKF1nzD3MtgjdWtMOJ6re7k0OYfIrQiesHHlLybFnZMHzApDexPJznQdDtNuPXKWemNpn3e3YhuWUQcoASYyuiXDRyKRSH6O2BfAdNof5ixD3op7jtnoCgqi-ULmxRomL7l3KygPaXkMPW_vJKWFa_RRHQmpXoqHwvLp-6dMDl9dzMWvxIK1FvPN3XB1rhGMYRXxebZ-L3raYpCGqwPbf1nsK_NAzKntSLlF4Bbju2L-XusEBndoElFDpKXCsbEoNN_yEOcyKNLBEghLZmfYWPndvIs5lrF-myPg9alKDo3NtxIPgO0rZGF24v&sai=AMfl-YT7u-maObVQqfy4K4nHnqu1iFFj_2Di2Fqfbq9U5h_oi7VjWNDqD-OD480ZlJNI6BDAdXIa-0WbZr99-LZDv4MX5unPQbuDuKkwjrRgDX86AHTbNM_u3WeB8Gc0dlttoxwpsv9jYG8Ajq3UODK6vyNMTMID-6n_oGIL_46oirtY6d8CyYz2Aq9C4sqqpYCB2IVZ1IEv6SB1g4se5IiW2I-1kF5vY0zCJzFcmunTy_rGRcW43TD6Nz8g51CESK5z6lQV8RDScuSuAVcac_baZzE2D495wwtTIa-do3cw88yxBUaVhSx6Z-slNuPa9z7wkRtVaYDe8owcms4F8fe3AOPnsUjE4fp34PV_BDR2KedUBiTvelwZspDJJBa7M5OheYnfQtxizOhD-KxSu1JXALN-Nj97uKpbus3gHoM3EW3YtYH4PpbxJQ&sig=Cg0ArKJSzH_UFbUqWvnJEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&vt=11&dtpt=142&dett=3&cstd=49&cisv=r20231109.88111&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FCBD 47 KB
47 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:15:08 GMT
x-content-type-options: nosniff
age: 389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 01:30:08 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FCBD 46 KB
46 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:20:26 GMT
x-content-type-options: nosniff
age: 71
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 01:35:26 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FCBD 8 KB
6 KB 35ms
33ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55c4b0671fc364ab88679e5c22d6b0d70ab3f154e593bffe67fa4ecd8f1f1461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5946
x-xss-protection: 0

GET
H3 200 60005582_20231018074030442_APP_iPhone-15_Watch-S9.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FCBD 40 KB
40 KB 28ms
27ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231018074030442_APP_iPhone-15_Watch-S9.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50bfed1836335035a3024e0258e2f4adc49b46c13f38032b74ec626c9fca81fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 15:49:25 GMT
x-content-type-options: nosniff
age: 34332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40901
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 14:40:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 15:49:25 GMT

GET
H3 200 60005582_20220825085202338_728x090_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FCBD 30 KB
30 KB 26ms
26ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085202338_728x090_BG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:10:57 GMT
x-content-type-options: nosniff
age: 15040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30980
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:52:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 21:10:57 GMT

GET
H3 200 60005582_20231018074100388_728x090_01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FCBD 27 KB
27 KB 29ms
28ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231018074100388_728x090_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de58674eff9a7f8dad274fa31507749fdfcf2df5a460736822f13ca172fd01f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 14:05:33 GMT
x-content-type-options: nosniff
age: 40564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27962
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 14:41:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 14:05:33 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame FCBD 43 B
606 B 333ms
33ms Image
image/gif 141.101.90.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_PEF_HAV_14121_PV&mediacode=30943251_4307561_379661840_145341330_PO1803A20231020&ref=30943251_4307561_379661840_145341330_PO1803A20231020
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 01:21:37 GMT
via: 1.1 varnish-live-1-0
CF-Cache-Status: HIT
age: 582541
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Thu, 09 Nov 2023 15:03:02 GMT
Server: cloudflare
etag: "2b-609b98009f580"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 1122438
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 829d5b50f84404a3-FRA
Expires: Thu, 21 Nov 2024 01:21:37 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame FCBD 26 KB
26 KB 31ms
31ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=iUazTHGKzS&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:13:55 GMT
x-content-type-options: nosniff
age: 462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 01:28:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FCBD 17 KB
6 KB 243ms
242ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 01:21:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E35D 0
20 B 257ms
256ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BoN-toFddZcfVIJm73wOHv7n4DAAAAAA4AeAEAg&bg=!ZWalZinNAAZxrfrxUa07ADQBe5WfONAv4WZ5L48oVi6PWV32y-LzOHuNV5ClB05E7M7NIW5nRw6nimh2jf4Gl8PRK2rmAgAAAINSAAAAAmgBBwoAg9tG1jRl0iZ8-qWtQ9kOjvKTLkG0MWVdJmhpB2TKu4BszMphR-T9K0VlEW6aN2NTrnl49tAwC3CJWQ9zXlFNAu6e-kDYiwF9lm_Q9Wyu_uGkmY1mjYjdDCNOJKYugVqwexIk7MXwNOGGjB3dyd3exPtgKw3bdV5idPA712Ns2BpOd8aMmQMESo9pjxun6DIKxUUrqllwIBqM-gZYsyOB2RODx6u6C_pi9-cbMaY-UnCeK5sGshRKzPsub5vmS5dMnAxv55C8LzE_PL6zayTLefcV5m5liEAZ0_Xt39FjW2P1QpfoxfkZqWS9gcI3UkEWOOTuc7CwJm4wtVk_KVWoiaAzt2wR-0QzFTVBF8esuoWzGASM3EeSfm6RkXc6J4Ut7RmtFzGK6KnKhc3YUrWrGWmU31ryuyzLHtuBaHFsMq9B0ZRiXm0JbDD1vIVN0bU9aXT2vHGh9CNOiAUaIi0GMu3ciMI1UwKerZdJcuzsnYhzEaHULJmkP5WnLH3S6kRGb7jELWaHYWTMo7_N5mFd-zpDgpV-rcEQjepJIfsTwniHQE257BZ4ii_IQLeBpf6cu5xrxeUypygzjpCw-OF9O9-_nTy1SEmSSDcBsm_3TFgRsqdh5Bq-2G1RTsUhhLNvkEsgdspfZK5D6iGF6NuNMb6RfjHaMgvcZ96FFVEWwebhJr-mU7BUsyP7SyobkJZ97b10pRE0y0BuBFxsrJj1UHgHv2XHkmKo5GtKSnP6o0F_Geav9U79SBlr514hPD7_VxBkLPbtkftbkgm5AiNV2G97_tpgkG4MquQSBimG8X6ZKLW8p9SofTzzqa71nUea3yiXKf1SqW-RvD17Gu5sK5holnXrXr0ZFOxiV4jb2yEcpur-Y1p_8gR_jgFBoStn2mdUw3rZGVhm2Sl0f20rsHPD_uD3cLfA7zUFJ9JsnNbnI3XpZVfGPF4Pv4YPh1dPFPcHzvPUmUiIX7BA5Fn-k8vo7JA8K6MbocB4VykOU0kIfpvBxwDC8O4BI0sUXPIwH0cxc196vOy4fCTJtOUGvZkftPPHHWZK6Sj3alBO3ShiFcFrWEFVmuaKJBb2zG_aEap1szyRJknYpVifC6icE0pXPJQp3GT_4kup1hGjPb17zfXhqLVBEbyioXb9x4Z3oTPYrbDK7ncgI7GbseMTq_AwkBin3ThuQkXA3bK8gIBXa9k8_CjiMt3Qqw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C3E 39 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E290 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0zrIAPcshf45vekZv8h4LrCqp4nOlAQasgmigrSnamLnSVSsUjGn24Adys6XJDU-zl-cumY5xh_yCFZSZX5QXDAeDpefuf8oI_5XNgHjAY0Vix1oxR-7YAvXB3d2KVx_i96kP1kx8ih_f&sai=AMfl-YSYc9HOPWtj6bEkOmaxlMOgsIV9nwHG2ZwiCeWZFMN2ARUjO2enSWzeObo4QGu6mHvJyYDu6aMx7J-vBNj6VI4-d7bUGT7VHTZda4kUM0Esut4zIVqO76ejqa3C&sig=Cg0ArKJSzEkb61y8RywqEAE&cid=CAQSPADICaaNxz5Uzt_G__tqKBYq_dPHvZtgmgeRp5EfaRrlQBKCubVBpNkq6ysMdTzMz1MUFzPDf7nFbJOAwhgB&id=lidar2&mcvt=1001&p=526,1328,566,1369&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=975625246&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700616096451&rpt=220&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E290 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9488723135582&version=m202309260101&ct=119&x=1&cor=2637835754369259000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E791 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwNAnv6Y___64etoKeHII26pBSRoK1ImZeMsdh9VgJxMcxQCkHxGMu0wwt9AmWv9AdGQ1PGIZORdmHVi7aRAftmPVr8ofwHeEgegFBqQZBDJGu0qqBee3FChnQLMB8omdm-5Hg_8ptwZDS&sai=AMfl-YSinGo3JUSEaglkqDWiah3GORG82q3341bxAKJ8ByOznwTLNBUqHWVqNbevd7_VyIKSM9zVoaILjpBfAtlAUqDFFkSVmlMYx0m3vIxg0bsuJ55kWEUV9Y-4kW-L&sig=Cg0ArKJSzJC-O-QMM1dlEAE&cid=CAQSPADICaaNk-Hhq0flxiO_LgPXsbxRD-wSin7OT0dmTEIJlOhDYLK7SyR-zBt3Mh1cJkyt3xt8dD454weHKxgB&id=lidar2&mcvt=1000&p=153,436,243,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4123656343&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700616096877&rpt=135&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13911 Show response
check.analytics.rlcdn.com/check/ 25 B
382 B 183ms
100ms XHR
application/json 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/13911
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: 8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 01:21:38 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-trace-id: Root=1-655d57a2-26164325611a21754a01c815
x-amzn-requestid: 59e8e97d-a068-474b-a5df-3cb1dd3d0fe5
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: OxqhbHlTDoEEVPg=
content-length: 25
x-amz-cf-id: EuGh_tcUg4LBv0T2rOGoiDbrzeEdkpfm8e-xCmwKFTpwmiur0op4iA==

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 49ms
49ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 23 Nov 2023 01:21:38 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4CE8 15 KB
6 KB 37ms
37ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.terra.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 01:21:38 GMT
server: Kestrel
server-processing-duration-in-ticks: 926093
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 140ms
70ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:21:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 23 Nov 2023 01:21:38 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4CE8
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=terra.com.br&sn=ChromeSyncframe&so=3&topUrl=www.terra.com.br&bundle=G5bZUV9rT1h4Y1JrSmUzcGJGSEJTJTJGZ2RUd0t0S2dUMHZxdE02OW5RMVdrejdSS3glMk...
https://mug.criteo.com/sid?cpp=yCwPF3xET1prQnVuTElyaS9WTElrcG9NYzlwWXovejFrR1BZQndOUm5sS2g4Q1U1Ym9iYmVmd2Y0dDlzTitVRkc1ODl3Ty9BdEdIK0puWFpUTlJQdWRJSWJpNENsbDBxWUZPbllQOHpQcW4wUWFRL0hMRHlBWjMrWk5KL0...

425 B
652 B

37ms
36ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=yCwPF3xET1prQnVuTElyaS9WTElrcG9NYzlwWXovejFrR1BZQndOUm5sS2g4Q1U1Ym9iYmVmd2Y0dDlzTitVRkc1ODl3Ty9BdEdIK0puWFpUTlJQdWRJSWJpNENsbDBxWUZPbllQOHpQcW4wUWFRL0hMRHlBWjMrWk5KL0VvYS9sQmhUbXg3SUZjcjhaRHpDUEV5MjdUWFh0TXFlVnArTlRZUEZZd0dCZjZmbkZpZkhKOWk4NkxZc29VOEJaSkJkNkhKa3c2alRLOGhDTFFYUVdJYXcvR2I4a0FydlJLZElhdUF3VkEwOWwyaW9jcVFpU1dRZzBjcXJta3k3MzRCeDNHd2owWm1tanVNdzNGdG9obko1bEtoTDNibG1SUW41T0Q5clNHTThialRHLzFpOD18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

089407ece06ebe9e007bbdad2b37f8551ed4c12edfecaeb9ffd4ad7265c10b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 792601
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=yCwPF3xET1prQnVuTElyaS9WTElrcG9NYzlwWXovejFrR1BZQndOUm5sS2g4Q1U1Ym9iYmVmd2Y0dDlzTitVRkc1ODl3Ty9BdEdIK0puWFpUTlJQdWRJSWJpNENsbDBxWUZPbllQOHpQcW4wUWFRL0hMRHlBWjMrWk5KL0VvYS9sQmhUbXg3SUZjcjhaRHpDUEV5MjdUWFh0TXFlVnArTlRZUEZZd0dCZjZmbkZpZkhKOWk4NkxZc29VOEJaSkJkNkhKa3c2alRLOGhDTFFYUVdJYXcvR2I4a0FydlJLZElhdUF3VkEwOWwyaW9jcVFpU1dRZzBjcXJta3k3MzRCeDNHd2owWm1tanVNdzNGdG9obko1bEtoTDNibG1SUW41T0Q5clNHTThialRHLzFpOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 247496
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 99ms
33ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.terra.com.br%2F&domain=www.terra.com.br&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.terra.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 22 Nov 2023 01:21:39 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 188384
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
374 B 35ms
35ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.terra.com.br%2F&domain=www.terra.com.br&cw=1&pbt=1&lsw=1

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 191218
expires: 0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
254 B 97ms
29ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=13911
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.terra.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 01:21:39 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 8E87 23 KB
8 KB 88ms
31ms Document
text/html 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDV2PQ3&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C3007%2C246%2C4%2C203%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3b134cd809c6a19c551d9436f904efdbe3726fc7741424b8c2cc402fff99f577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8444
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 01:21:39 GMT
expires: Fri, 24 Nov 2023 01:21:39 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0D96 52 KB
17 KB 126ms
31ms Document
text/html 23.211.9.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.9.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-9-60.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 22 Nov 2023 01:21:39 GMT
ETag: "623de86a-cf34"
Expires: Thu, 23 Nov 2023 01:21:41 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Akamai-EW-Subworker: 8096267

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C41B 281 B
555 B 82ms
25ms Document
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1700603109/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 Nov 2023 01:21:39 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C41B 46 KB
13 KB 32ms
31ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c84074baff8c27ab00dd84e9fdf57f94ca82c0fce2ad492c8302bb1ca109953d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 01:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2023 23:36:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=80108
Connection: keep-alive
Content-Length: 13230
Expires: Wed, 22 Nov 2023 23:36:47 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame C41B 7 B
380 B 96ms
24ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: aca6c52e983509e86b136a052e19be23
Expires: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 0D96 0
597 B 36ms
36ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:39 GMT
an-x-request-uuid: c9747f4c-4737-4543-9e99-37662ab7ba81
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Cairo-Black.woff2
s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/ Frame 6EFC 35 KB
35 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/Cairo-Black.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9b6400102f47473a74ad2024b0ce14b70f3ff887f5bca6cc234e14366ab2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2759987072039875489/roller-kwxx-300x600/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:56:49 GMT
x-content-type-options: nosniff
age: 422690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35908
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:13:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 03:56:49 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 0D96 0
596 B 34ms
33ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 01:21:40 GMT
an-x-request-uuid: baa6b239-a9cb-4fc3-9878-cf90e8f88195
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

264 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.terra.com.br/	1970-01-21 01:59:36	Name: X-XAct-ID Value: d1d69113-1316-48c0-89e0-1ae19ac83adf
www.terra.com.br/	1970-01-20 17:06:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.terra.com.br/	1970-01-20 16:23:39	Name: AMP_TOKEN Value: %24NOT_FOUND
.terra.com.br/	1970-01-21 01:59:36	Name: _ga Value: GA1.3.1025678541.1700616094
.terra.com.br/	1970-01-20 16:25:02	Name: _gid Value: GA1.3.339124889.1700616094
.terra.com.br/	1970-01-20 16:23:36	Name: _gat_terraAnalytics Value: 1
.terra.com.br/	1970-01-20 16:23:36	Name: lotame_domain_check Value: terra.com.br
.terra.com.br/	1970-01-21 01:45:12	Name: __gads Value: ID=c6e8faaf699284c3:T=1700616093:RT=1700616093:S=ALNI_MZAgegc3NCNwRgwjqNjyQaTXiRRng
.terra.com.br/	1970-01-21 01:45:12	Name: __gpi Value: UID=00000cd6bd46ae79:T=1700616093:RT=1700616093:S=ALNI_MYST5HZKSnSL__11DG_O1UaGiW2ZQ
.criteo.com/	1970-01-21 01:45:12	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 01:45:12	Name: uid Value: 1b05911a-245a-4e25-9077-64b807c890d2
.openx.net/	1970-01-21 01:09:12	Name: i Value: 85f49534-c35f-4faa-a40b-4be4c8a42683\|1700616093
www.terra.com.br/	1970-01-20 16:23:37	Name: tt_c_vmt Value: 1700616095
www.terra.com.br/	1970-01-20 16:23:37	Name: tt_c_c Value: direct
www.terra.com.br/	1970-01-20 16:23:37	Name: tt_c_s Value: direct
www.terra.com.br/	1970-01-20 16:23:37	Name: tt_c_m Value: direct
www.terra.com.br/	1970-01-21 01:59:36	Name: _ttuu.s Value: 1700616094837
.terra.com.br/	1970-01-20 16:23:36	Name: _ttqtt_terra_tt.href Value: https%3A%2F%2Fwww.terra.com.br%2Fdiversao%2Fentre-telas%2Fserie-de-fantasia-esquecida-no-prime-video-retorna-apos-2-anos-e-acidentalmente-estraga-uma-grande-reviravolta%2Cd73921d893106e0c8f6f8d0600c333ba3t5nx1b6.html
.t.tailtarget.com/	1970-01-20 16:26:28	Name: _ssc Value: y
.tt-10969-0.seg.t.tailtarget.com/	1970-01-20 17:06:48	Name: trk Value: I90wwtdPSHNlfdMy1RwzoPXlNXCg5VWIWPM1SgDnV/EXDsETD+Tpg/7M+KwJmVCEedyb1tQ8Noaei2S4TGeKgKAxDGsgOOM+DnvPHJg3m4Fp2knrhMzryp5JbNRYOPQldzAGHxePYbbdlluEW/0y/yPdMMLXT0hzZX3TMtUcM6DiGmMVWxz7Y+S/3rJcUS/IAdaz8nEbRcmdT+u2xCK4DOV3QhHuPMxBl68ttybDe30=
.t.tailtarget.com/	1970-01-21 01:09:12	Name: u Value: fwAAAWVdV58WtwZfF/gxAgB=
www.terra.com.br/	1970-01-21 01:09:12	Name: tt.u Value: 0100007F9F575D65D906B316024E3551
.t.tailtarget.com/	1970-01-20 17:06:48	Name: ttbprf Value: ___de_1700616095261_3648182805
.t.tailtarget.com/	1970-01-20 16:23:37	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 17:06:48	Name: ttnprf Value:
www.terra.com.br/	1970-01-20 16:25:02	Name: tt.nprf Value:
.tt-10969-0.seg.t.tailtarget.com/	1970-01-20 16:23:39	Name: ttca Value: CA3731,CA6935,CA4723,CA5682,CA4729,CA7125,CA33426_1700616095
.terra.com.br/	1970-01-20 16:23:39	Name: _ttdmp Value: \|LS:\|CA:CA3731,CA6935,CA4723,CA5682,CA4729,CA7125,CA33426
.t.tailtarget.com/	1970-01-20 17:06:48	Name: n Value: 1700616095
.rubiconproject.com/	1970-01-21 01:09:12	Name: audit Value: 1\|naVuGyos1qqYD9dAHFT8WrU1ZxogGjlwOA+xFj1I9scmP1H4Ec1c+6oWPL5yMMz7vk/DJ53q2nIhmhpHjFZoTUgcdj94p/Mzxl23EFZZTWoijy0RC4Zd8SKPLRELhl3xpmvllXEtYN4=
.rubiconproject.com/	1970-01-21 01:09:12	Name: khaos Value: LP92WXNS-1Y-81QW
.adnxs.com/	1970-01-20 18:33:12	Name: icu Value: ChgI0YlXEAoYASABKAEwoK_1qgY4AUABSAEQoK_1qgYYAA..
.adnxs.com/	1970-01-20 18:33:12	Name: uuid2 Value: 3038904748048633652
.doubleclick.net/	1970-01-21 01:45:12	Name: IDE Value: AHWqTUkRIbV_MQaZvqovz-_dZLHVHovqlLr-1KPftyYOHEYjdA263gsIGVvRxr1Asds
.doubleclick.net/	1970-01-20 20:42:48	Name: APC Value: AfxxVi65VkJrLNIuMXRg2nktaolZ4-VF6ZvDpXWvIKkyU4Gdy8JCRg
m.exactag.com/	1970-01-20 18:33:12	Name: exactag_new_gk Value: 0b9ea54a7baf42d29082f24b3b7f890c%7C21.01.2024%2001%3A21%3A36
m.exactag.com/	1970-01-20 20:42:48	Name: exactag_new_uk Value: b4fc296b4dfc47058cea917bfd1b3f19%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 038eb362eb56424dbfcc2eae
.casalemedia.com/	1970-01-21 01:09:12	Name: CMID Value: ZV1XoCp4HvP0U.2c-ktRiAAA
.casalemedia.com/	1970-01-20 18:33:12	Name: CMPS Value: 2186
.casalemedia.com/	1970-01-20 18:33:12	Name: CMPRO Value: 2186
.adnxs.com/	1970-01-20 18:33:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?]mU-aB!]tbPl1M>e)ZlrFUfJ+tGXxoiK#W4)X=!0.Hia_eLcQ!R^$jX%]5)B`C[]P*3If)y3KL9D3I?+jaje9g
.3lift.com/	1970-01-20 18:33:12	Name: tluid Value: 4366623744014263409256
.travelaudience.com/	1970-01-21 01:53:50	Name: _tracker Value: %7B%22UUID%22%3A%22B5B21979-F3BC-4319-0189-F71F915E27CC%22%7D
.yahoo.com/	1970-01-21 01:09:33	Name: A3 Value: d=AQABBKBXXWUCEHlGNgUtNr5nPGKIsxrINkAFEgEBAQGpXmVnZQAAAAAA_eMAAA&S=AQAAAsrneFXw7fgrTKmi-oaw45k
.1rx.io/	1970-01-21 01:09:12	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-78d37647-689a-45cd-9822-8b33fcc3e918-003%22%7D
.terra.com.br/	1970-01-21 01:59:36	Name: _ga_FJBH1GT2QG Value: GS1.1.1700616093.1.0.1700616096.0.0.0
.targeting.unrulymedia.com/	1970-01-21 01:09:12	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-78d37647-689a-45cd-9822-8b33fcc3e918-003%22%7D
.everesttech.net/	1970-01-21 01:09:12	Name: everest_g_v2 Value: g_surferid~ZV1XoAABa4yZ5ABH
.quantserve.com/	1970-01-20 18:33:12	Name: d Value: EAwBCQG-KoEA
.quantserve.com/	1970-01-21 01:53:50	Name: mc Value: 655d57a1-0697a-29b89-d0b5b
.adform.net/	1970-01-20 17:06:48	Name: C Value: 1
.w55c.net/	1970-01-21 01:53:50	Name: wfivefivec Value: tnzTaq171R5BVT5
.adform.net/	1970-01-20 17:50:00	Name: uid Value: 1325583673141936330
.w55c.net/	1970-01-20 17:06:48	Name: matchgoogle Value: 5
www.terra.com.br/	1970-01-20 16:25:02	Name: _lr_sampling_rate Value: 100
.terra.com.br/	1970-01-21 01:45:12	Name: cto_bundle Value: IfXjnF9rT1h4Y1JrSmUzcGJGSEJTJTJGZ2RUd05rdVRtd2ZkM1M2dEpkZnJrMXpmU3BLWUoyTEkzWXVnQ3EyYmJDN3JOaXVxNFZndWp5b1pUb3hXZ0J0cTdITTV0U0R5ekIwNWJrakg1dnZZZm5hZCUyQjc5TmxyREp5NkU5ejQlMkIyNjltMlpCbEcwTUJuV2VWc0JaQVIlMkZScTdMZGNIdyUzRCUzRA
www.terra.com.br/	1970-01-20 16:23:39	Name: _lr_retry_request Value: true
www.terra.com.br/	1970-01-20 17:06:48	Name: _lr_env_src_ats Value: false

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.terra.com.br/api/tagmanfe/ShowArea?key=br.config.backend.adnotification&area=adnotification&direct=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13911 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6278ea2b90f42e4eca6829225309db4a.safeframe.googlesyndication.com
aax.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.doubleclick.net
ads.travelaudience.com
ampcid.google.com
ampcid.google.de
api.rlcdn.com
audio10.audima.co
b.t.tailtarget.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c2.taboola.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual.media.net
d.tailtarget.com
dsum-sec.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
m.exactag.com
match.360yield.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p1.trrsf.com
p1.trrsf.com.br
p2.trrsf.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid.media.net
prg.smartadserver.com
region1.google-analytics.com
s.seedtag.com
s0.2mdn.net
s1.trrsf.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
t.tailtarget.com
tags.crwdcntrl.net
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tt-10969-0.seg.t.tailtarget.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.terra.com.br
104.18.35.167
104.18.36.155
108.138.1.25
13.32.119.77
13.32.27.78
13.32.99.89
141.101.90.98
142.250.185.130
142.250.186.166
142.250.74.194
143.204.98.32
151.101.129.44
151.101.194.49
162.19.138.120
18.245.60.53
18.66.97.121
185.86.138.32
2001:4860:4802:34::36
23.211.9.60
23.32.185.35
23.35.229.251
2600:9000:2250:9400:a:e047:753:a221
2602:803:c003:200::31
2606:4700:10::6816:3556
2606:4700::6810:5714
2606:4700::6811:190e
2606:4700:e4::ac40:af02
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:806::200e
2a00:1450:4001:809::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::200a
2a00:1450:4001:827::200d
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::201b
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c1f::9d
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:f500:9::5c7b:8502
2a02:26f0:f500:9::5c7b:8528
2a05:d018:d29:3602:be7c:8786:5b47:1e53
3.121.142.228
34.102.146.192
34.102.185.99
34.120.133.55
34.120.135.53
34.120.63.153
34.149.50.64
34.96.70.87
35.190.0.66
35.190.39.111
35.201.123.184
35.244.159.8
37.157.3.26
37.252.171.85
46.228.174.117
51.89.9.252
52.212.46.188
54.76.20.17
65.9.66.68
69.173.144.139
69.173.144.165
76.223.111.18
81.17.55.108
85.14.248.71
95.101.148.20
99.86.4.128
0031ada69905040a7741dfd64daf65b6a854123dbbe88cf4f766ec1ccbff1126
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72
04cb27b9562e872b685a7327fda10d83d53e2208d3e44e82041d7da8a64be8b4
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
072aac53b7b3f4423dcffc13541197aa59fc1c8e170e88164772c32d0d88d764
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
089407ece06ebe9e007bbdad2b37f8551ed4c12edfecaeb9ffd4ad7265c10b4e
08a50a6a84fd01cbe4d55ed7f9c4079344ccc60f089329a225369b3954c03197
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c23c1806fe41e0f14a9b5b3c0f9e188f338410d4d0e13175ce79605f55e5b64
0ee7402f66e72ebec175b110cb2f29f2272d3a0aff70676057e114d6101a5c25
0ffba6340e22afe2844579cfacfb6bc976a70f76ce0932a3d474280b2e363e42
126ff8c0e781563aa02fa93b00449f80e2bd09fdcad30a6ee5624bf48a86c0e9
14e86be33c26b00a3b148def30c076c8418aa847eab12691fad3afaf3a4ed4f8
14e9eb55013564bb7ccd919065e7be491b3a2275b16251ee42c5a2092ade1b79
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
166720721c833cecfeb03d4dc92c707c7855430f2a3caf2fd60a736400e6e251
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ea7d44f4fecd2f320897686d1e57be8fa6ce48d92d1942dee116953deeacc3
195230e030a8055f38f964f9667efa1bd84e80971ea937cdb1812089f4393324
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
20976fc8fe202fef3f3b01a7068bc9512b8c82162c61e6e2403f8b4eabcb54aa
20e58a9f3f301cb7cefc50ba90d5e615228189b2e1f0d8dc218931e04d79e650
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25281465cabc83360f736a7f6b22716ff3b7855711e511bfa850f576fcec6292
27d4aa6771bebbd0b3a44bc2d659ee33a9f07c3a69fb8bab3971d0eaccf815c8
281db6c6856ae3b30503ce0d7dad18b868602815e0b1607fa5d19f07e8c573e2
285b329154d66c830326cdfe19681500a9f2f11f0bbd36b04440340b9f3a9e23
295c8fb354a39789d21bc7a88dc34e7bd844414b6086cd16f27db98a8dd77d98
299ad733ac887166de3c640031cd47ca45d6198470d0991e04a4f948d6b5c9a3
2a20c1b8c427362f9d8a17e170362fc4a942916fe28ffd6786a27dc4979a69d5
2abaed58100b1df83a5738ff8ef9f0785257e6c703dc770153059f3661b407c1
2f184ebb644b10356c882abb0fc4788abfefdccaf8b2e62673cdd9eb1dc7d959
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f1a4a51455378e4dc8df3ad43341034b8a64663dcfa2679f3892717ccb242a
32276a1e45e05daccc43d76da72947d2acaf4c421c8acb5cea5bc45c48d28a2a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c680c039a7c71df985f40c5ac836e75b8d7897f877f0dac911509bb8ce756c
32f52b8a1ce45c301aacd2f2ae409a4a7c062fd36e5e82d4cfce3eac70deab72
3449973958008fa462efb86ad67ac29a4e2bc5f38ac081947fbe2f627ac42065
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
397573d616b2f2f202ddb08bd11860e2e8be72cb60bc9b13b97367d25915cd33
398679ed650dc3e4cdbea5689c56d09fe2c184273d9b76e468c3447a73c14b4b
3a4e793672b13d396ac33050eba557814cf1559504b393d15a25cbbab4aac011
3b134cd809c6a19c551d9436f904efdbe3726fc7741424b8c2cc402fff99f577
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43897b4750dad91cd470f62f0396b7e6513c2ad005f231d0ac756f7483a0438b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445f1c14212e411213db2b5977acfe2443a318f31a8ad0e50ba526aa7f579c0b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4851141182a15315cb145e913bae5ae22e2225ad166cdbf0ba2c1ef5db8dc9b4
49e9f098e2fa8a7f920889affc875779056100b74abfe5f34c9b6985054c1d3d
4ab709475ac54d39d8c7b123b4ba8dacb8f2b9f61f1c82a888115c5fe86ef695
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7966902e836ea786aff3d524361b9eeeb91103698ca0eca1a5318f6a1a85ab
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4cd4a49cc6659ce6bf04a3f3604a34e2b5aab521057c52e326e4dc1b65fa2651
4df13c526ff0f84c49de003792de9d1256e1cfc34e17d6f9d12402b61241ef77
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eaf5909fe48b7887f0f577e60aea78b741f20c84eacbdb7cd46de63e1016587
50bfed1836335035a3024e0258e2f4adc49b46c13f38032b74ec626c9fca81fb
5324dde8156eb3be98a7c6c900646d3bb2bdd423af2e6090564ae66d5e9229e9
53fcbdb394dab3494945cd64fbd897b641057715860ee624ec0d3c5e701edac2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4b0671fc364ab88679e5c22d6b0d70ab3f154e593bffe67fa4ecd8f1f1461
55ccbdbaa27631199497ba57202bb5c82981f6805f272fa8c02118be1f41d245
5aa9599851ca70a3756085330f92288adbdef53a09dc49645d3140eef67b5519
5b9b6400102f47473a74ad2024b0ce14b70f3ff887f5bca6cc234e14366ab2be
60ff86054727c55a94648b2a3d375a30d0f4ec1775f2444e9d7ba7e9e84c21bb
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e88026d379effdb840b2b2504c64a2e11900885441f1eeb3695d481d140193
64256d8211aebe9f85cbd2f625a1ea577540413f7c301ea451899987c75d2534
68d511a07b459a7e9fa7db459113881ccd3932313545b1c776022e3e5e21d863
699171c33635b7afd52c1581a8d3308aa1af5eab32a8996acffaa428310530ef
6d2002313fe4dc7cea780501d474df1d98af6be04b0cdb0a1366a841997a844f
6d3f802531be5cd9f0c8bd2573491dd5766b94ca7f2a5218225959419cd08df1
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7d347c731925b0b5acc41ad16582c431054e8739b9a5fe9216e34638a531dbb4
7d39b27cc3900912b1b79f65e2f1d48590cadd3455f23da59231890c5c7eabb5
7dbd449f02a5396173705983b22751598501933930ded270d300e68c905b5259
7ea66bd6768888d5b5ad1e4bdeb009091927e02a70574328056a3b98dbd53524
7ff83d4a65fa84f4d78c1ba312ea1533df4912b90cdf84e8ff2411f2b389a778
815e0c138f6f77700d3e43fb32bba558cd1870df24913ddda5caa9b508e5ed18
816827133e8b7b6964b9d194144b27966925b76923fc786a326873c00eed1489
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
834f991f763949d6143e42ae63133bd85f51b9c62dea1fd70d41b6a8d0ae97cd
836eea9098648195ed10f5ae2927e3f6b30ad7bf7b8a32a80bfd89f6fec7653d
83df6bb8897057a8caf2335848092c02418ed425060d403f4223b9ea990134cb
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852ec930a724b6c7bac9ad426e89c8b2921cd382350981232a2016373ac7168d
867ffec3af20a41f3df394f330df233355aee761f5c61ba1c427273169127d33
8705035cf0fd5a8366a76994aae9de1bb5966912c8c52023b798130c9935c1f9
878833034930c587ec4a5db7d092c8de5d0269656047e76fc016b9c927d93175
87c1af3973d2aa92a612746b0962e2a6b9d43c87a6655420e4231e06eb082211
87f7e626437ab9d9a53724b27a4f4b7e9eb7fa777934eccf796484789b3101df
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa8d08560aeb088e8d2dd8d1dd7b8eb233e3ca9251d1a0d01dd6ef603c5950a
8c3d630c5ae39363b269fb95be9a8b508b86735605bb0f4d80f2eafc7c09e010
8d4c7adc599852b039fa8c7eee377d82229e0acba62a7c9f002bd2a246fd27b4
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
961020d0efe656c99d2be6010e9a6fdb40709129310cae1fb7a5c92a7aa02e44
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
985b6466f4bb2a9fa8d26cffc0474313e3c88977cd255fbff494538efa1cbeba
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9e04561b7c210f1f73737c0744e8e081183cf25d6a21332d52bc6321cc5e3bca
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a21abd6022733d362d6ef16e636ff0f764bf42e33b8d2cd71e7c980e4830e45b
a4011f24f951c1c1f02e0c9155b9a34bbaf6de203647c80350bf460a80b711fa
a4ff94047956e5c12c16f8deda8d226f7ec44386867e96db38ce3cc617ac1868
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5dda836e330652d53ba332e434ed1851651054afb1b0e0e13d8171b48163ac4
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a84f128a88d8d1b3987d2b7b361c60185a6bee0742f3d6006e207c03db420853
ab6f9ca53170a0cf1a27cba4bfb88255d012b8f52ccd7c70027925d3e8a9ed0f
ac799f588e56af6108fc38f8b3ae88dcba32efa3ed2b66d0098453c8e13d3d7c
acbc138b5b643e2b872faf9159f3d132cb2deeb516d1cc74634063b092f92e49
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b01119315436bd3833361eb75ecbdcfdd440dcb56501b4e0b723504ebcb0dd6b
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b080b807d04bc53c13d4f6187150410a33ba67d922aaa5fa92e4415c00dcb00a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2358cb659bf297f749541b366e8ad0fdaafa5825074b78ab33fb74fb0bb55df
b55b71f4979d078b8caa9673b2d06b61fd9ad9c7cefd614ab46b80ee19d1e0c9
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
ba2041dfdf774964cba3c841a0335e9d7c649b85ff92c14a4cfe144c37d84d3b
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c77b820ac1ce0e0962e7c2e834a4f1afb0c214d932a0b554d8a8a26e73fe9a11
c84074baff8c27ab00dd84e9fdf57f94ca82c0fce2ad492c8302bb1ca109953d
c8b305274ef7d515f8202fcf7329ad4df8a9e3316aed90eef7a7021f11a4f6e7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d4355a580611554bb609332baebf6b757d7aa9820bf9af415ce6c3ca5e6bb184
d638f4f70cf32d8de9b96a8d23aa097358fff6429de6e191c7ee131ed688423a
d67d230ae95712c0093c288cba19921dbb227c2cecd64db62e85678cc1b43954
da4751ec73e5d238811ee5534f1d087a57dbd5e6f018fbc3f7fd2daddce4d9f2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de58674eff9a7f8dad274fa31507749fdfcf2df5a460736822f13ca172fd01f6
deea5aa51b632606d172c672524286d437975f46ffaa264c55d20a8379370942
e04601f9d2e0235d87d2778f689d549fb11533393819c2851dd9ca45396bb5fe
e237dee547d69d6d5003615dfa74165ab8095c9063c6229a60bdc8d3c9eb1a7d
e2e49f5e40e39f5614535953895df892bc0c254a5320538f569c855fb78cdc74
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
eeb9b061abe3312b5b7f646784d9a728d963b1f632c6df4d560cb33b67636b2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22fd4eba7ff7e891e024904b6af40c5b50d91b13cc38f01d656fa188f26241c
f2d37b3f56d20ce8c2d4421966455b1b4825917558550c1bbe4436a7392e5b7c
f319cdc456b56a68e1d05eed09015bcd7a290d6d2fded69e7dafea74579f3675
f364d11c56e0113d9588e72e36ebd378f60d8eae59e1902cbd308c5c8576e7fb
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f723ce7dff47c0ab2c047ec493efcc075cc2ae9ce1b0a7e78d816c531dd63cc7
f79af5591075b68476e2f537aecab2b1b45ae632a811495e48435d8a55b11b25
f874a699f20f0730b99a3d16cea28bb4869c0f684dd9cdf40a5e33fa4853a69f
fa7d6ac935d3cf0bf7ac4547294cf5a2b513f96c4c098f19ef01af77e512502e

www.terra.com.br Open in urlscan Pro 2a02:26f0:f500:9::5c7b:8528 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

252 Requests

92 %HTTPS

41 %IPv6

52 Domains

88 Subdomains

71 IPs

9 Countries

2689 kBTransfer

7171 kBSize

59 Cookies

21 Outgoing links

Redirected requests

252 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.terra.com.br Open in urlscan Pro
2a02:26f0:f500:9::5c7b:8528 Public Scan

Screenshot
Live screenshot

Full Image

252
Requests

92 %
HTTPS

41 %
IPv6

52
Domains

88
Subdomains

71
IPs

9
Countries

2689 kB
Transfer

7171 kB
Size

59
Cookies

252 HTTP transactions
2 data transactions