www.terra.com.br Open in urlscan Pro
2a02:26f0:7100::1720:eea9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27...
Submission: On July 21 via api (July 21st 2023, 8:27:36 pm UTC) from FI — Scanned from FI

Summary HTTP 260 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 70 IPs in 8 countries across 48 domains to perform 260 HTTP transactions. The main IP is 2a02:26f0:7100::1720:eea9, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.terra.com.br. The Cisco Umbrella rank of the primary domain is 236299.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 17th 2022. Valid for: a year.

This is the only time www.terra.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a02:26f0:710... 2a02:26f0:7100::1720:eea9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
54	2a02:26f0:710... 2a02:26f0:7100::1720:eec8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:f400:a:e047:753:be1	() ()
1	104.18.35.34 104.18.35.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.97.24 18.66.97.24	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	52.18.8.176 52.18.8.176	16509 (AMAZON-02) (AMAZON-02)
3 10	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	143.204.215.51 143.204.215.51	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200d	15169 (GOOGLE) (GOOGLE)
3	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	13.32.99.59 13.32.99.59	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2010	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.66.96.174 18.66.96.174	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.86.138.124 185.86.138.124	201081 (SMARTADSE...) (SMARTADSERVER)
3	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
1 11	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:193e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	40.127.232.184 40.127.232.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5 15	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
4 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 1	2600:9000:205... 2600:9000:2057:6400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:8::a	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:48de:91a4:6073:8331	16509 (AMAZON-02) (AMAZON-02)
2 3	67.220.226.233 67.220.226.233	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
260	70

7 2a02:26f0:7100::1720:eea9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.terra.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2a02:26f0:7100::1720:eec8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p2.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.trrsf.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

audio10.audima.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
audima.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:f400:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6ef903f683307fb19e4fda4ef12eda8e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-24.fra56.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.8.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-8-176.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-51.fra53.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10969-0.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.96.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-96-174.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.89.211.12 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:193e (United States)

ASN13335 (CLOUDFLARENET, US)

publyads.jstag.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.127.232.184 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wlskyinfopartners.adsrv.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wlskyinfopartners.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:6400:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:8::a (Ireland)

ASN15169 (GOOGLE, US)

r5---sn-5hneknee.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:48de:91a4:6073:8331 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.226.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	trrsf.com s1.trrsf.com — Cisco Umbrella Rank: 373568 p2.trrsf.com — Cisco Umbrella Rank: 293709 p1.trrsf.com — Cisco Umbrella Rank: 355897	451 KB
41	googlesyndication.com 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 tpc.googlesyndication.com — Cisco Umbrella Rank: 153 6ef903f683307fb19e4fda4ef12eda8e.safeframe.googlesyndication.com	233 KB
32	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 stats.g.doubleclick.net — Cisco Umbrella Rank: 116 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 243 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 355	386 KB
17	rubiconproject.com 8 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 567 pixel.rubiconproject.com — Cisco Umbrella Rank: 382 eus.rubiconproject.com — Cisco Umbrella Rank: 631 token.rubiconproject.com — Cisco Umbrella Rank: 626	32 KB
16	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2424 bidder.criteo.com — Cisco Umbrella Rank: 727	23 KB
13	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 acdn.adnxs.com — Cisco Umbrella Rank: 568	43 KB
11	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 364 aax.amazon-adsystem.com — Cisco Umbrella Rank: 451 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1078 s.amazon-adsystem.com — Cisco Umbrella Rank: 320	68 KB
9	google.com ampcid.google.com — Cisco Umbrella Rank: 2212 www.google.com — Cisco Umbrella Rank: 3 accounts.google.com — Cisco Umbrella Rank: 59	80 KB
9	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 67310 d.tailtarget.com — Cisco Umbrella Rank: 79465 tt-10969-0.seg.t.tailtarget.com — Cisco Umbrella Rank: 569233 b.t.tailtarget.com — Cisco Umbrella Rank: 60855 t.tailtarget.com — Cisco Umbrella Rank: 8223 c.t.tailtarget.com — Cisco Umbrella Rank: 408719	44 KB
7	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 322 gcdn.2mdn.net — Cisco Umbrella Rank: 1176 r5---sn-5hneknee.c.2mdn.net — Cisco Umbrella Rank: 256067	2 MB
7	terra.com.br www.terra.com.br — Cisco Umbrella Rank: 236299	32 KB
6	audima.co audio10.audima.co — Cisco Umbrella Rank: 487345 audima.co — Cisco Umbrella Rank: 195834	111 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56 region1.google-analytics.com — Cisco Umbrella Rank: 1771	23 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476	4 KB
5	eacdn.com wlskyinfopartners.adsrv.eacdn.com wlskyinfopartners.eacdn.com	184 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3566 launchpad.privacymanager.io — Cisco Umbrella Rank: 3131 geo.privacymanager.io — Cisco Umbrella Rank: 1887	10 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 595	99 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	169 KB
3	media.net prebid.media.net — Cisco Umbrella Rank: 1280 contextual.media.net — Cisco Umbrella Rank: 621	10 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1490 google-bidout-d.openx.net — Cisco Umbrella Rank: 1488	759 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 152	5 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 728	1 KB
2	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 4569	467 B
2	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1495	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74 storage.googleapis.com — Cisco Umbrella Rank: 473	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 255	85 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1611	424 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 876	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 856 id5-sync.com — Cisco Umbrella Rank: 426	25 KB
2	google.fi ampcid.google.fi www.google.fi — Cisco Umbrella Rank: 31660	777 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 386	265 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 461	619 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 372	649 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 982	254 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 789	480 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8603	590 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2200	173 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 726	579 B
1	jstag.space publyads.jstag.space — Cisco Umbrella Rank: 635799	70 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1393	9 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1632	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1620	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	898 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1598	8 KB
1	taboola.com c2.taboola.com — Cisco Umbrella Rank: 8506	17 KB
1	trrsf.com.br p1.trrsf.com.br — Cisco Umbrella Rank: 928818	12 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	81 KB
260	48

	Domain	Requested by
42	s1.trrsf.com	www.terra.com.br s1.trrsf.com
24	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
15	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com www.terra.com.br s0.2mdn.net
12	securepubads.g.doubleclick.net	www.terra.com.br securepubads.g.doubleclick.net s1.trrsf.com www.googletagservices.com
11	ib.adnxs.com	1 redirects s1.trrsf.com publyads.jstag.space googleads.g.doubleclick.net acdn.adnxs.com
10	gum.criteo.com	3 redirects static.criteo.net s1.trrsf.com publyads.jstag.space
7	www.terra.com.br	s1.trrsf.com
6	pixel.rubiconproject.com	4 redirects
6	p1.trrsf.com	s1.trrsf.com
5	s0.2mdn.net	www.terra.com.br s0.2mdn.net
5	www.google.com	www.terra.com.br tpc.googlesyndication.com 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5	audio10.audima.co	www.terra.com.br audio10.audima.co
5	p2.trrsf.com	www.terra.com.br
4	token.rubiconproject.com	4 redirects
4	eus.rubiconproject.com	s1.trrsf.com eus.rubiconproject.com publyads.jstag.space
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	static.criteo.net	securepubads.g.doubleclick.net publyads.jstag.space static.criteo.net s1.trrsf.com
4	www.google-analytics.com	www.terra.com.br www.google-analytics.com
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	wlskyinfopartners.eacdn.com	wlskyinfopartners.adsrv.eacdn.com www.terra.com.br
3	www.googletagservices.com	securepubads.g.doubleclick.net 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
3	fastlane.rubiconproject.com	s1.trrsf.com publyads.jstag.space
3	bidder.criteo.com	s1.trrsf.com publyads.jstag.space
3	c.amazon-adsystem.com	s1.trrsf.com c.amazon-adsystem.com
3	mug.criteo.com	www.terra.com.br
3	accounts.google.com	s1.trrsf.com accounts.google.com
3	sb.scorecardresearch.com	1 redirects s1.trrsf.com www.terra.com.br
2	acdn.adnxs.com	s1.trrsf.com publyads.jstag.space
2	googleads4.g.doubleclick.net	www.terra.com.br
2	ap.lijit.com	2 redirects
2	googleads.g.doubleclick.net	047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	wlskyinfopartners.adsrv.eacdn.com	securepubads.g.doubleclick.net wlskyinfopartners.eacdn.com
2	s.seedtag.com	s1.trrsf.com
2	prebid.media.net	s1.trrsf.com
2	prg.smartadserver.com	s1.trrsf.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-10969-0.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	www.terra.com.br d.tailtarget.com
2	cdnjs.cloudflare.com	audio10.audima.co cdnjs.cloudflare.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects www.terra.com.br
2	047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
1	match.adsrvr.org
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	contextual.media.net	s1.trrsf.com
1	api.rlcdn.com	s1.trrsf.com
1	r5---sn-5hneknee.c.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	s.ad.smaato.net	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	tr.blismedia.com	047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	c.t.tailtarget.com	www.terra.com.br
1	t.tailtarget.com
1	6ef903f683307fb19e4fda4ef12eda8e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	publyads.jstag.space	s1.trrsf.com
1	storage.googleapis.com	tags.t.tailtarget.com
1	audima.co	s1.trrsf.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	audio10.audima.co
1	google-bidout-d.openx.net	oa.openxcdn.net
1	www.google.fi	www.terra.com.br
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	id5-sync.com	cdn.id5-sync.com
1	launchpad-wrapper.privacymanager.io	s1.trrsf.com
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	ampcid.google.fi	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	c2.taboola.com	www.terra.com.br
1	tags.t.tailtarget.com	s1.trrsf.com
1	p1.trrsf.com.br	www.terra.com.br
1	www.googletagmanager.com	www.terra.com.br
260	87

This site contains links to these domains. Also see Links.

Domain
servicos.terra.com.br
mail.terra.com.br
esportes.terra.com.br
terra.com.br

Subject Issuer	Validity	Valid
terra.com.br DigiCert TLS RSA SHA256 2020 CA1	`2022-11-17` - `2023-11-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
audima.co GTS CA 1P5	`2023-06-12` - `2023-09-10`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M02	`2023-02-22` - `2023-09-24`	7 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-07-05` - `2023-10-03`	3 months	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
jstag.space GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.adsrv.eacdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-17` - `2024-08-14`	a year	crt.sh
ia-prod-azurecdn.eacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-29` - `2023-11-30`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Frame ID: 457C1F0CA0CB223BB0B6F890B7DE8065
Requests: 135 HTTP requests in this frame

Frame: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7CE119DE06F9305D5767AD870678B28A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.terra.com.br
Frame ID: B4EC892CC0383D47CA64805B9882E138
Requests: 2 HTTP requests in this frame

Frame: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Frame ID: 1EB06EDBFBBFE1FBA59483AF55696131
Requests: 8 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 698951A407DD17C3B169D5FB498820C5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B39B1E272ECC73572D013E3F64F8500C
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2A1B770516172051A323B67637B6EC1E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA1BDCD16FB14E7C46CF1CFDE7B64D11
Requests: 2 HTTP requests in this frame

Frame: https://6ef903f683307fb19e4fda4ef12eda8e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: EDE2B90719DAB1E2B6452AD8457574B9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2AC51AB8D4A1AF0AD8670B5BACB79A5F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 674A1BAC108E76EDB89A294C662DF2DE
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBu51KYekAnrb9WHmzgNIrgV8kHDrDG-xJoq250iESNL2EkcNH1SMYr3hUoZ61P-wgIOH50xx5hh4PSRsIAKicCMzgk0d1V6chgzUAd4JpxMkvJs614ranSb_v5WbTbBAv0O095Zag_BmGWt3oJ4nwwav15RP8M2uj8KxZr3jbSrCfF-MLPZ4GS2Ep4JbDzag46g1ud5cFAtJtxNIWH6MAKejpkj4FySyYYaoQG4Aty9W3jcgDUiWl3_hEd7gc7VWbJx45MSTp_PFF2WFlU5tKtDtfEdpaE5lcb8FG7nrcokIURo_ecPRdkb_Oj2mu4X7DM28Zka7ANdsVsMtbRWMMkPGYnCBY7Fm2Mvb4drwdK4b6Vh2Jg7H6PFhxpw&sai=AMfl-YSRxiAD7KamIdLIgbVIURaNdyeVbzl0epk3d3ekazlfE1CMqNl7vvURBqAjbIQfCSf9uUsnX_bhP11VWwlWr0ZH_cbKS-k_A41z2_twL5aQPfF9Zmxl3mjdNIneNIw&sig=Cg0ArKJSzAQpptiFTeJTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 338ABBF0E3D364781B02012437FCD639
Requests: 10 HTTP requests in this frame

Frame: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B60DE3618307A4262232F014C8AB35D0
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6imM8EEImGttkEGN6fqewBMAE&v=APEucNXudXJNAadKQ9vERJigGXWFE9hkPF8U6FzbT_WjBvIiJVJPkENXVtDrZ1tj88i4md5_Y7qzMLP0BBaL_GVgWAqhbgtUGPXVRpdH2oM6n-8MEWLeb26fOrdRxdrkH787kMd0V4MZcwMvinP0LsZ43UvYeSKWkIuEpnBUdK0ribe_BuShBtk
Frame ID: 2114BBBFA8128C5B44C7937FABCC25A1
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9epLc_hdZSkNJOkNIDL0KjRZYjQQPvA4aq_2Pg4GUlXJaoWLYngLbZd_jBb_SxY-QqRceiGdKlX24VeYK51kq6iTcrYPG0zIDRzHdPuwNSOIk_Fy0CH7ncQ7uYf95uCN_JjdmBRoB48LhGIZIwNi3HDcuQ_yhKRsU521nqdqRGMAehT3803uMoxLKqVJ3Ux3qjmFgEgylavw5kPEensrIz9riIIxgJibbKie4urctgT4UAVGEz_zjzOoY6322rojggnKUFcHV_1fUPIhUH7U0xa_7yuxTha-2_Zu9lP58tzFlGfoOJ664ghJdKdZpJuHBLXIzo9v8PLVOkklt&sai=AMfl-YSPMrnDBaDG1vK-Vb1qADBeRlBOlBAMaTZkejGdVJn1dysWqWqZ7h1RyptUZ5lIAhU7psMJa2K_Lr9DFvnYPJQ7kw-RdiOS7Y61HoU3gvV34mqesJ185qkw63B-9dI&sig=Cg0ArKJSzE_TtcdfjaKWEAE&uach_m=[UACH]&adurl=
Frame ID: ECBF7B61D4FDEBFA376E7B5CDB93383A
Requests: 9 HTTP requests in this frame

Frame: https://wlskyinfopartners.adsrv.eacdn.com/T.ashx?btag=a_1304b_1409c_&affid=4&siteid=1304&adid=1409&c=&t=638255680511190000&MediaID=1999&MediaIndex=0&XYZ=120%260%26148%26%26%26%260%260%26%26
Frame ID: B5016F1F20F4DB95CF0CAEE6609B72C8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F7F8AE1C110C1A7AF55A34FFDBEDC8D4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F17D08CF1D404BBAE5C6A294462C2C45
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4730152351177083264/index.html?e=69&leftOffset=0&topOffset=0&c=o85vNkfO4E&t=1&renderingType=2&ev=01_250
Frame ID: 3E64804861098432DF45255586682EDC
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.terra.com.br
Frame ID: 93F8CA78C71AFD58E5AA401F159CD362
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: 7F430710B767F4764A0CC54821DB97D6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.terra.com.br
Frame ID: 12FD0BE2A79CD0653914ABE2D36D51FA
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 307091FC510305B1B97F126D8312D8B1
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDV2PQ3&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 831DD8718A42B878ADA1D639B2F50636
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F9B425477D1BD9602E6A94E8357470EC
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BCAECA01734F4392C5B3B878D98AEBC4
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FCE7AA41F5D659022BCF1E7147286055
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inverno em Ilhabela (SP) tem atrações esportivas e de eco turismo

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

260
Requests

91 %
HTTPS

47 %
IPv6

48
Domains

87
Subdomains

70
IPs

8
Countries

4127 kB
Transfer

8647 kB
Size

57
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://servicos.terra.com.br/?utm_source=terra&utm_medium=espaco-fixo&utm_campaign=pulldown_unificado&utm_content=home&utm_term=A0&cdConvenio=CVTR00001820
Title: Produtos

Search URL Search Domain Scan URL

URL: https://mail.terra.com.br/ozone?utm_source=portal-terra&utm_medium=home
Title: E-mail

Search URL Search Domain Scan URL

URL: https://esportes.terra.com.br/futebol/internacional/liga-dos-campeoes/
Title: Champions

Search URL Search Domain Scan URL

URL: http://terra.com.br/newsletter
Title: Os melhores conteúdos no seu e-mail gratuitamente. Escolha a sua Newsletter favorita do Terra. Clique aqui!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://sb.scorecardresearch.com/b?c1=2&c2=3000033&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689971248039&ns_c=UTF-8&c7=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&c8=Inverno%20em%20Ilhabela%20(SP)%20tem%20atra%C3%A7%C3%B5es%20esportivas%20e%20de%20eco%20turismo&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3000033&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689971248039&ns_c=UTF-8&c7=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&c8=Inverno%20em%20Ilhabela%20(SP)%20tem%20atra%C3%A7%C3%B5es%20esportivas%20e%20de%20eco%20turismo&c9=

Request Chain 69

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&rid=esp&cc=1

Request Chain 86

https://gum.criteo.com/sid/json?origin=publishertagids&domain=terra.com.br&sn=ChromeSyncframe&so=0&topUrl=www.terra.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ua011nwzYXBMUENuRFIzU290Y3NsaTBIZU1jSTUxZlpyTWt0QUdyTEJSYmlDZjRoSDdmVVF0M21yTmRMMkRTbjJ6aG9CRWQrakZLTmtJYTlQMlZVcGdqWVpGaWlHcHM4OE1rWldjS0JTSFJ2RW1YQmk3cm42VlNhMzQ5MFAzSWRoRk5LLzhZVHhMT3l3a3VGQ0VzK003VG9HbzJJWXpvL0NjaGpYVWdPWjFPZlZmdWpzbEI5WWhxZ2kyS0RUNWFiNkV1STN1SW1CZUdCbEdwaWFMYnNpditFT29JMzRNMDVXbzRndjc5Y0VVbFUwQ1dtYiszbjFOYzY1S29zVkZDczBNWkkzaTdReDMxamRPRFF0YlJvTG9lSEZvQT09fA&cppv=2

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMNZVaRFNQQxXRsvcwzAzkE&google_cver=1

Request Chain 180

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLrqMxfB6K1QtccjQW0d9wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5QCeCxWI0E1dmQBJfDEc&google_cver=1

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKJ4sLsQEFHzhhn3p38-T2s&google_cver=1

Request Chain 182

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc3Nzk2ODU4NDYzNTQzNDk0Mw%3D%3D

Request Chain 205

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIpGyCAkC3sDuyzrXUulwzw&google_cver=1&google_push=AaAOQGGqCpJt3JvHBzL_7L6WauoGQLs86Lg48LO9TfNgrOsknTD7DWB8-B1nP9K2gJtvvXdk7G5HupkAHYV1QR4KLLWi9UwddYQyiAInNoanCJxA-Ye482jzJgMmCbXlJwHI8r9h17njnH7Leg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIpGyCAkC3sDuyzrXUulwzw&google_push=AaAOQGGqCpJt3JvHBzL_7L6WauoGQLs86Lg48LO9TfNgrOsknTD7DWB8-B1nP9K2gJtvvXdk7G5HupkAHYV1QR4KLLWi9UwddYQyiAInNoanCJxA-Ye482jzJgMmCbXlJwHI8r9h17njnH7Leg

Request Chain 207

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKzGkM2GD58X8GBbbw8S2BA&google_cver=1&google_push=AaAOQGE0cH6SINJERFy9tPBQHWuQ2mG8bfuNxpMDubaBuk_YLtnrKEPFr7raELId2Wsq65nBFMnU3DpTC-s0gJsNUC6TChuWawsJJGqldRnEhEMi4JzgjLfAOmwX8TlcuJMZuNaTlvFbjmgCmA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4LdGHxFiS32ORKzMxmfSuw2&google_push=AaAOQGE0cH6SINJERFy9tPBQHWuQ2mG8bfuNxpMDubaBuk_YLtnrKEPFr7raELId2Wsq65nBFMnU3DpTC-s0gJsNUC6TChuWawsJJGqldRnEhEMi4JzgjLfAOmwX8TlcuJMZuNaTlvFbjmgCmA

Request Chain 208

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM9jzQBU7F8oGY-v11kf_jA&google_cver=1&google_push=AaAOQGHBfRBhruDg2dLpShKV0c3cZIwUr0dgU2g8J_cs-VVL1qRAbPxYrHNQfgM4WYt2F-zslj1RozkdUYdfr3OpW8ZQWePtcZI3nINtZ5__S2D90udvxxOec0pOkbhJCrna1PA0tMLVwozCGA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtEMThYVEwtNi1EM0NT&google_push=AaAOQGHBfRBhruDg2dLpShKV0c3cZIwUr0dgU2g8J_cs-VVL1qRAbPxYrHNQfgM4WYt2F-zslj1RozkdUYdfr3OpW8ZQWePtcZI3nINtZ5__S2D90udvxxOec0pOkbhJCrna1PA0tMLVwozCGA

Request Chain 209

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDgYVt486a_SkQV4sgLv2WE&google_cver=1&google_push=AaAOQGH-i180GxFNCIVgmVZaC0RQlv4kPrufSIzYmud6oQBQZHFmdID6dIvu-nJA2vI_NjmiJOePgbWY8xPReZNBGqGaX8WgZ9cJfaE_xWYHbkrpTMc0zr2aUYB8dmku8bZdmu-C5Zd-36bqZg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDgYVt486a_SkQV4sgLv2WE&google_hm=ZLrqMxfB6K1QtccjQW0d9wAADIQAAAIB&google_nid=index&google_push=AaAOQGH-i180GxFNCIVgmVZaC0RQlv4kPrufSIzYmud6oQBQZHFmdID6dIvu-nJA2vI_NjmiJOePgbWY8xPReZNBGqGaX8WgZ9cJfaE_xWYHbkrpTMc0zr2aUYB8dmku8bZdmu-C5Zd-36bqZg

Request Chain 210

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENiA6Y5mZFfaMt7DbHrsbRY&google_cver=1&google_push=AaAOQGE7muN12_YX_eWy4951RxSgdqpbIxWt4rBYrz4ZseM0UB1Pu3o7LIFkUhBkNyY93tWQ92ktzDNGiz0HyNTixQsdYXYS6hiJtyLs3HzrlBzy5Ue4S0RFCIqSVvmiTWXqt_lFCXG8wHjF HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENiA6Y5mZFfaMt7DbHrsbRY&google_cver=1&google_push=AaAOQGE7muN12_YX_eWy4951RxSgdqpbIxWt4rBYrz4ZseM0UB1Pu3o7LIFkUhBkNyY93tWQ92ktzDNGiz0HyNTixQsdYXYS6hiJtyLs3HzrlBzy5Ue4S0RFCIqSVvmiTWXqt_lFCXG8wHjF&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGE7muN12_YX_eWy4951RxSgdqpbIxWt4rBYrz4ZseM0UB1Pu3o7LIFkUhBkNyY93tWQ92ktzDNGiz0HyNTixQsdYXYS6hiJtyLs3HzrlBzy5Ue4S0RFCIqSVvmiTWXqt_lFCXG8wHjF&google_hm=HBPruGZHEcnvuK7YQUWtNQY1

Request Chain 211

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFLt05Ib1WkM8j2aKU5DhGY&google_cver=1&google_push=AaAOQGGM4OJXLtcqYmS4CZOAnbPDFR5TeZq5BEySVkdD05Kgvi4t8OP3F0TgNIPSqbBxQrBEJkwYZs8I-vwuP70uTSpGXglpZWnhs3TNAwiz5qnvUD9Hy1PX0-OY0xx0O4h8bsJ41noFv7Mixg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGM4OJXLtcqYmS4CZOAnbPDFR5TeZq5BEySVkdD05Kgvi4t8OP3F0TgNIPSqbBxQrBEJkwYZs8I-vwuP70uTSpGXglpZWnhs3TNAwiz5qnvUD9Hy1PX0-OY0xx0O4h8bsJ41noFv7Mixg

Request Chain 226

https://gcdn.2mdn.net/videoplayback/id/ec963b82ed17edc0/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721507251/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/46A1759954D5AB2C6FFF1C669DCDDAE58D46B437.8E32D278B26AEFD07368060597BD19E8A9282196/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-5hneknee.c.2mdn.net/videoplayback/id/ec963b82ed17edc0/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721507251/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/34EC8DF8D0D9C0795E7E06F77F7E117B79506D10.299AC9E30D06055A0EBA738C8C9AECD238D90C6B/key/cms1/cms_redirect/yes/mh/9c/mip/2a0c:f040:0:2790::4e/mm/42/mn/sn-5hneknee/ms/onc/mt/1689969615/mv/u/mvi/5/pl/51/file/file.mp4

Request Chain 228

https://gum.criteo.com/sid/json?origin=publishertag&domain=terra.com.br&sn=ChromeSyncframe&so=3&topUrl=www.terra.com.br&bundle=jnotCV9SVVJkUmg3bUVhNXlHTVElMkJsV1pDajBUdUVOUDNRUEpoNm9Ham5sVEJsUncxdkxjMUFtc0h5cGp0aTFSb1U3OGJyakJoRFM0VDdNU2xyOG5aZmU4d1c4SXNob1lsbzRvd0VLJTJGQ2NyRFJEY3VhJTJCVGhjSTBLbUZYU3dVdHBWVWlhc3d1aW1TUFY3ZXVuOWxUbkZTdWw1bVElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=s0tAIXxSWS9pR0xhSWE2QjZienFEMHJCVnJid3IydUJvZXpuenJHWUtMdTkvend4RFhaUHVBWUQwSXFEZ21nckNPcFZQaHI3eHlHN1QyVkRaeFFUN01QNDVSUjV2ZjVYWFV6ZlB0bUZHc0k5STdzVlRnRFk2aFQvaERsMmtBdXMwVjhSSzdoN3o5NHBWSHh3OStZNG9sdFBwam9yU1dUWjFrUXhHa2pmTmV3S3VJVlFFT3ZwVXVSV0NBdFRnNVROMFR3N2tMU0ZrQmUxaXU2SStUR1dRL1FMUUlqeDJ3aldqczVzQmFEUFdTREZvUk44Ni9MU0FVYTZUR0FJRW5yS2NDQlRCVkd6ekVUMktST3RaTm5WNDFLZytSb2kxbnVmRVYycDdiNURvOS9KcWdjWT18&cppv=2

Request Chain 235

https://gum.criteo.com/sid/json?origin=publishertag&domain=terra.com.br&sn=ChromeSyncframe&so=3&topUrl=www.terra.com.br&bundle=h67YBF9SVVJkUmg3bUVhNXlHTVElMkJsV1pDaiUyQndQNnlXYVk2Y0glMkYlMkZOYUd2SmlEVm12cEVwTjNaWTFTVEJxV0dLY3NDQmdXM1FPZSUyRjUlMkJxNkdPMDhJMVdrRWphY2xWNU8yZm5mZlRKZ2NBU2wwRnQ3SG1wVWt6ODV2ajJHMTFhQldmQ3FWWGQ3S3BZS2NmNFIzQ0F2JTJCSjVsWmhNQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=589VvnxnRFk1dzI0UkNqcE9sMHkwa09KbVV3RVFJMVZtM3VyWkdLb1hDSFZRTmZVZVpVRk5La2JqSEo1ZGZuY0pPdHV3R3RkSURMYWMvRmpmOXhxOXVyWFZyS1d6cGgxeFNUUDE5V3dRem1xZ0RXL3c5KzJtWndDbHF6NDVBSkkzRXBwNXplSTRSU3FPZzMvTldaSFJRVkpCTlVzTU5BTi9uTmwrdENGWFhCSGFkTUFqQXJXQVZwZWkzamhsZ1pzT0pIMStGbnR4Z1plNVlleUprSU9jRWRTcklGak5uaEJUMzdlWGZPSHJrUHRmamMxNEUzLzRRL1U2dWpyQ1J4MWw1SlVSYUtHZDhBOVdIQks4cTR6KzVMOXRmVGFvQ0tSYjAyOFg1MTE4UVFCTGFvOD18&cppv=2

Request Chain 251

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKD18XTL-6-D3CS

Request Chain 252

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtEMThYVEwtNi1EM0NT HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEETUztx7ULrB0EP7EO6FxKk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtEMThYVEwtNi1EM0NT&google_push=

Request Chain 253

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/BuGgUw9gelIYERjulq7Bag?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LGd52Q9E2oKKuFeGyk_Z0ZBBqwazLeKLQ.vRhw--~A

Request Chain 254

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGI0NGVkYjljNzcwZTA2NWE3YjlhZGZjMGJmMDc5ZWViYTViNzAwMw

Request Chain 255

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9HlWtFsAQi-4zsgqYQ0E5A&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9HlWtFsAQi-4zsgqYQ0E5A

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQCcp11HYrOLxwNosMIjKc&google_cver=1

Request Chain 258

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WTnV20gDRyivfiLVjsn1ZA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WTnV20gDRyivfiLVjsn1ZA

260 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html Show response
www.terra.com.br/esportes/ 130 KB
27 KB 2866ms
2698ms Document
text/html 2a02:26f0:7100::1720:eea9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:eea9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

edbd7ea4d6eb76178438ab526d5f79b7a6a64cb9ae1573aa6150b766eda7fb2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=120, stale-while-revalidate=7200, stale-if-error=3600
content-encoding: gzip
content-length: 26530
content-type: text/html; charset=utf-8
date: Fri, 21 Jul 2023 20:27:27 GMT
strict-transport-security: max-age=15552000
timing-allow-origin: *
vary: Accept-Encoding
x-cache-profile: content
x-cms-delivery-uuid: 819869c5-b1d2-47db-9284-aeef05984cde
x-frame-options: SAMEORIGIN
x-http-reason: OK
x-mt-cache: STALE
x-original-ua: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) Chrome/103.0.5060.134 Safari/537.36
x-xact-montador-time: 1689971245
x-xact-uuid: 4457e649-2350-4101-8a78-fcbcc510a197

GET
H2 200 nunito-sans-v6-latin-regular.woff
s1.trrsf.com/fe/zaz-ui-t360/_fonts/ 20 KB
21 KB 231ms
61ms Font
application/font-woff 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-ui-t360/_fonts/nunito-sans-v6-latin-regular.woff
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: da4751ec73e5d238811ee5534f1d087a57dbd5e6f018fbc3f7fd2daddce4d9f2

Request headers

Referer: https://www.terra.com.br/
Origin: https://www.terra.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
last-modified: Tue, 24 Jan 2023 18:55:39 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 20976

GET
H2 200 nunito-sans-v6-latin-700.woff
s1.trrsf.com/fe/zaz-ui-t360/_fonts/ 21 KB
21 KB 233ms
64ms Font
application/font-woff 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-ui-t360/_fonts/nunito-sans-v6-latin-700.woff
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: a84f128a88d8d1b3987d2b7b361c60185a6bee0742f3d6006e207c03db420853

Request headers

Referer: https://www.terra.com.br/
Origin: https://www.terra.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
last-modified: Fri, 15 Oct 2021 15:12:50 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 21068

GET
H2 200 lora-v20-latin-700.woff
s1.trrsf.com/fe/zaz-ui-t360/_fonts/ 23 KB
23 KB 232ms
63ms Font
application/font-woff 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-ui-t360/_fonts/lora-v20-latin-700.woff
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 8aa8d08560aeb088e8d2dd8d1dd7b8eb233e3ca9251d1a0d01dd6ef603c5950a

Request headers

Referer: https://www.terra.com.br/
Origin: https://www.terra.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
last-modified: Tue, 24 Jan 2023 18:55:39 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 23352

GET
H2 200 nunito-sans-v8-latin-900.woff
s1.trrsf.com/fe/zaz-ui-t360/_fonts/ 21 KB
21 KB 231ms
62ms Font
application/font-woff 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/fe/zaz-ui-t360/_fonts/nunito-sans-v8-latin-900.woff
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 83df6bb8897057a8caf2335848092c02418ed425060d403f4223b9ea990134cb

Request headers

Referer: https://www.terra.com.br/
Origin: https://www.terra.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
last-modified: Thu, 17 Mar 2022 02:15:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 21268

GET
H2 200 425350_1067939_show_das_baleias-urxfx4m6b0op.jpeg
p2.trrsf.com/image/fget/cf/774/0/images.terra.com/2023/07/20/ 38 KB
38 KB 238ms
219ms Image
image/webp 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/774/0/images.terra.com/2023/07/20/425350_1067939_show_das_baleias-urxfx4m6b0op.jpeg
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7df308376be2025822cbdc6bced495d1fa8cd400bf0991a855823d2cd45b816b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
last-modified: Thu, 20 Jul 2023 00:01:51 GMT
server: cloudflare-nginx
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 38742

GET
H2 200 zaz.min.js Show response
s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/ 348 KB
93 KB 295ms
126ms Script
application/javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: d53279c3ee9b3f9b7c3969c5b8c7c52b3020570c5fdd9acad5b2d9c0394a1722

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 14:10:06 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 95085

GET
H2 200 mod-manager.min.js Show response
s1.trrsf.com/update-1689010504/fe/zaz-mod-manager/ 42 KB
11 KB 291ms
122ms Script
application/javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1689010504/fe/zaz-mod-manager/mod-manager.min.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: d2c9ac6f4b9de7a943c3a61e880c39c7837a38c4fdb6602a114171074042e388

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Mon, 10 Jul 2023 17:35:04 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: MISS
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 10888

GET
H2 200 context.min.css
s1.trrsf.com/update-1689802206/fe/zaz-ui-t360/_css/ 62 KB
8 KB 228ms
60ms Stylesheet
text/css 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1689802206/fe/zaz-ui-t360/_css/context.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 06fe4ad09a44077b0590c728c396f5e5357ce6bd83345c339df5ceebdb9e28c0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 21:30:06 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 8005

GET
H2 200 essential-solid.min.css
s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/ 7 KB
871 B 250ms
82ms Stylesheet
text/css 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7016662d70591fca042760a4712742ea021bacb9f0489ce298e2a955d917239b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Thu, 25 May 2023 19:10:06 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 562

GET
H2 200 sizes.min.css
s1.trrsf.com/update-1674586312/fe/zaz-mod-t360-icons/_css/ 1 KB
686 B 238ms
70ms Stylesheet
text/css 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-t360-icons/_css/sizes.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 6d56ca2a83c783d4816cb52a734a0b6b460b8ff8e7398033014049313792d36d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: MISS
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 361

GET
H2 200 essential.min.css
s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/ 2 KB
530 B 281ms
113ms Stylesheet
text/css 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 9147117407e64985a6223ad3643c6ca70e2e3257f02fba20793c564c47141c63

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Thu, 25 May 2023 19:10:06 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 222

GET
H2 200 theme-default.min.css
s1.trrsf.com/update-1688597407/fe/zaz-app-t360-cards/_css/ 10 KB
2 KB 273ms
105ms Stylesheet
text/css 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1688597407/fe/zaz-app-t360-cards/_css/theme-default.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: dd621915a9cc0d27c64f62e9487cb78dfd64177197c1fa58dde6d49640c359a9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 22:50:07 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2010

GET
H2 200 theme-default.min.css
s1.trrsf.com/update-1689784805/fe/zaz-app-t360-navbar/_css/ 11 KB
2 KB 248ms
80ms Stylesheet
text/css 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1689784805/fe/zaz-app-t360-navbar/_css/theme-default.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 298b799c8ce0478d626a78d837c0aa42b476636614c530270b5d39c0aaf6135c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 16:40:05 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2200

GET
H2 200 context.min.css
s1.trrsf.com/update-1689276010/fe/zaz-ui-t360-content/_css/ 69 KB
8 KB 234ms
66ms Stylesheet
text/css 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1689276010/fe/zaz-ui-t360-content/_css/context.min.css
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 03b01c2cf99d2ad864e60edefc51203c5b60f1df541e81d471b91f8d7d628f1f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Thu, 13 Jul 2023 19:20:10 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 8097

GET
H2 200 context.min.js Show response
s1.trrsf.com/update-1689802206/fe/zaz-ui-t360/_js/ 30 KB
9 KB 276ms
108ms Script
application/javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1689802206/fe/zaz-ui-t360/_js/context.min.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 99cafca30c541527b28cf4b5746ac6a21336a66a98cc10bf6aeab1919cb047a0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: gzip
last-modified: Wed, 19 Jul 2023 21:30:06 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 8975

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 85 KB
28 KB 307ms
154ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

517fd00902c0885e385f87c35a245cdc3adca53106fac1724cdf684f3232da10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28347
x-xss-protection: 0
server: cafe
etag: 807 / 19559 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:27:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 197ms
61ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 18:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6728
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 21 Jul 2023 20:35:19 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 256ms
120ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:54:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Jul 2023 20:54:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 202ms
76ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FJBH1GT2QG

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14a0ac3ed81970ea84daeb6d7d02df7293a62f17b9ca075114ca583c62ac0a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82072
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jul 2023 20:27:27 GMT

GET
H2 200 audima-widget.js Show response
audio10.audima.co/ 264 KB
89 KB 123ms
42ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio10.audima.co/audima-widget.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee166a21665f7680d5d1dc067ddc231e7af2dd8beb9e8d804231a1d60645c300

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 19:41:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9442
etag: W/"64b98ddc-42095"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zom%2B30fvKyiDYeXLMJetzGucns9m%2B0qWOmhs07FUJfagU43ojgVt3YWJDeVyTYpFuIkdu3cc52O9qjT5hrpJNzC6n7y%2B3LPGMnf9simePKLOMjMrrWRd%2BnKS4x9De0OpQsixocVxjoT%2BQ0eJVlxZ4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 7ea62f49fc094c79-HEL
expires: Fri, 21 Jul 2023 21:50:05 GMT

GET
H2 200 app-t360-cards.min.js Show response
s1.trrsf.com/update-1688597407/fe/zaz-app-t360-cards/_js/ 11 KB
4 KB 344ms
177ms Script
application/javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1688597407/fe/zaz-app-t360-cards/_js/app-t360-cards.min.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 01a21bdd43f9ef89f76d8d0bd8df77ae0db28364a62b246f6e00386e3a7ec250

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: gzip
last-modified: Wed, 05 Jul 2023 22:50:07 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 3264

GET
H2 200 prebid.js Show response
s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/ 300 KB
89 KB 105ms
104ms Script
application/x-javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 03f21bb2383ae05c61a57fc3540f71b5393a4b6a3f4e7d1d5e8605611855c6e6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Tue, 30 May 2023 18:15:12 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 90266

GET
H2 200 app-t360-navbar.min.js Show response
s1.trrsf.com/update-1689784805/fe/zaz-app-t360-navbar/_js/ 39 KB
9 KB 343ms
177ms Script
application/javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1689784805/fe/zaz-app-t360-navbar/_js/app-t360-navbar.min.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: f460c9af055759418c99b6a86cd06010336a13b9658bac0cc528c656e72e8daf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 16:40:05 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 8684

GET
H2 200 context.min.js Show response
s1.trrsf.com/update-1689859505/fe/zaz-ui-t360-content/_js/ 61 KB
14 KB 241ms
74ms Script
application/javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1689859505/fe/zaz-ui-t360-content/_js/context.min.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7b4f03df8bb40b91fca5829ceb5515153c3db9b01afdb233f91a723952058a50

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Thu, 20 Jul 2023 13:25:05 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: MISS
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 13526

GET
H2 200 120923159-fbl-sudamericana-universitario-corinthians-2.jpg
p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/07/19/ 3 KB
3 KB 368ms
352ms Image
image/webp 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/07/19/120923159-fbl-sudamericana-universitario-corinthians-2.jpg
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 340a9f0960a3e238fe2d80154f8000d7a2145bd2e238d0b0504d4cdac78aecd3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
last-modified: Wed, 19 Jul 2023 02:40:57 GMT
server: cloudflare-nginx
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2602

GET
H2 200 297304_ori_indio-vf1fro8dp1rk.jpg
p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/07/17/ 2 KB
2 KB 587ms
571ms Image
image/webp 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/07/17/297304_ori_indio-vf1fro8dp1rk.jpg
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: d9ab65d2da14902eb57aafe60226d3aa8b1d6857b5e436bcf15e551dc990c287

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
last-modified: Mon, 17 Jul 2023 19:02:19 GMT
server: cloudflare-nginx
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2078

GET
H2 200 mano-menezes-caiu-1jy5hqad5zzu9.jfif
p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/07/18/ 2 KB
2 KB 258ms
242ms Image
image/webp 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/cf/201/101/smart/images.terra.com/2023/07/18/mano-menezes-caiu-1jy5hqad5zzu9.jfif
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 09e892c022f363a87d7417ea3e4c00bb8d73c6d6506a2183ac0937009c60304b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
last-modified: Tue, 18 Jul 2023 01:08:53 GMT
server: cloudflare-nginx
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2236

GET
H2 200 bars.svg
s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/ 601 B
625 B 64ms
63ms Image
image/svg+xml 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/bars.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: deea5aa51b632606d172c672524286d437975f46ffaa264c55d20a8379370942

Request headers

Referer: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 290

GET
H2 200 terra-horizontal.svg
www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/ 6 KB
3 KB 95ms
94ms Image
image/svg+xml 2a02:26f0:7100::1720:eea9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/terra-horizontal.svg

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689784805/fe/zaz-app-t360-navbar/_css/theme-default.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:eea9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

de84e79178e5c56396fef99546d130649dd717c81dfff7e5a4de62f73e7452bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s1.trrsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-mt-cache: HIT
strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 20:27:27 GMT
x-cdnterra-cache-status: STALE
content-length: 2592
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 copa.png
s1.trrsf.com/update-1689784805/fe/zaz-app-t360-navbar/_img/ 4 KB
4 KB 97ms
96ms Image
image/png 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1689784805/fe/zaz-app-t360-navbar/_img/copa.png
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689784805/fe/zaz-app-t360-navbar/_css/theme-default.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: a5036e90686b1c0d1c1e7b0ad46c499043d72e580b3a7937d923ac6fef25ed76

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s1.trrsf.com/update-1689784805/fe/zaz-app-t360-navbar/_css/theme-default.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
last-modified: Tue, 24 Jan 2023 18:51:39 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 3610

GET
H2 200 chevron-right.svg
s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/ 541 B
623 B 59ms
58ms Image
image/svg+xml 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/chevron-right.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 4232ef0fe15116ef5079354e5611d7d10408de9fbac3b42eba924d8b5c7678d7

Request headers

Referer: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 310

GET
H2 200 envelope.svg
s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/ 724 B
787 B 63ms
62ms Image
image/svg+xml 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/envelope.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 072aac53b7b3f4423dcffc13541197aa59fc1c8e170e88164772c32d0d88d764

Request headers

Referer: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 451

GET
H2 200 user.svg
s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/ 516 B
629 B 59ms
58ms Image
image/svg+xml 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/user.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 816827133e8b7b6964b9d194144b27966925b76923fc786a326873c00eed1489

Request headers

Referer: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 315

GET
H2 200 angle-right.svg
s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/ 449 B
568 B 61ms
61ms Image
image/svg+xml 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/angle-right.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: f874a699f20f0730b99a3d16cea28bb4869c0f684dd9cdf40a5e33fa4853a69f

Request headers

Referer: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 254

GET
H2 200 share.svg
s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/ 577 B
673 B 59ms
59ms Image
image/svg+xml 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/share.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 0c23c1806fe41e0f14a9b5b3c0f9e188f338410d4d0e13175ce79605f55e5b64

Request headers

Referer: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 359

GET
H2 200 logo-terra-ads.svg
s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential/ 7 KB
3 KB 118ms
117ms Image
image/svg+xml 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential/logo-terra-ads.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 8f71b1a90eb71277727e906a81ecb8b4fd932ab1301d75a17046132e4a009d58

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2932

GET
H2 200 hor88x31_preto-1ibebd1rkzeig.png
p2.trrsf.com/image/fget/sc/80/30/images.terra.com/2022/12/21/ 2 KB
2 KB 219ms
219ms Image
image/webp 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.trrsf.com/image/fget/sc/80/30/images.terra.com/2022/12/21/hor88x31_preto-1ibebd1rkzeig.png
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: d0d2a4bd115dbc2a85799d89572da72fb03e26e293bb0a373156dd8b7a3c1a4e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
last-modified: Wed, 21 Dec 2022 20:56:14 GMT
server: cloudflare-nginx
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2014

GET
H2 200 terra-na-copa-youtube-(10)-qxfztcfg9f8k.png
p1.trrsf.com.br/image/fget/cf/648/364/images.terra.com/2023/07/21/ 11 KB
12 KB 641ms
426ms Image
image/webp 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.trrsf.com.br/image/fget/cf/648/364/images.terra.com/2023/07/21/terra-na-copa-youtube-(10)-qxfztcfg9f8k.png
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 209869a2cfbdad494288b593047512c332ef612d43fe6d793914c5648651d35c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
last-modified: Fri, 21 Jul 2023 01:03:57 GMT
server: cloudflare-nginx
vary: Accept
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 11498

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 312 KB
27 KB 120ms
32ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-10969-0/CT-411
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689802206/fe/zaz-ui-t360/_js/context.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 794bbb3ee09c729334e6aef156f6f8d5c32a7bbc9cf649712fa696a66eb19137

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:47:19 GMT
content-encoding: gzip
via: 1.1 google
age: 2408
x-guploader-uploadid: ADPycdsCk9EJZ7wIlwYXuqgmzozCX4Ks1k-BPA07_tDZfK-Xf6g9z2MTiWowsaWeKFz9iIRYGn3T3saqB3g5J0iH8AJAFQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27322
last-modified: Tue, 18 Jul 2023 20:40:56 GMT
server: nginx/1.8.1
etag: "48e3ae310bc80a7cfa6fd0ecd4a48bd5"
vary: Accept-Encoding
x-goog-generation: 1689712856936568
x-goog-hash: md5=SOOuMQvICnz6b9Ds1KSL1Q==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 27322
accept-ranges: bytes
expires: Fri, 21 Jul 2023 21:47:19 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 8 KB
4 KB 205ms
57ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689802206/fe/zaz-ui-t360/_js/context.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 125bae6d5c0255748d46352540c62c2907721067fb829fdf55646824f1517590

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:46:59 GMT
content-encoding: gzip
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 14:46:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 20430
x-amz-server-side-encryption: AES256
etag: W/"478ff7d954cc355359ddc496dde10f4a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: rKeQVX15xTF9qNKTh-Bk7W23WeDjZkr0leIYtX5IwKr8lOXRISIhxQ==

GET
H2 200 zaz-globalstorage-min.js Show response
s1.trrsf.com/update-1674586307/fe/zaz-mod-globalstorage/ 40 KB
12 KB 57ms
57ms Fetch
application/x-javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586307/fe/zaz-mod-globalstorage/zaz-globalstorage-min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 166720721c833cecfeb03d4dc92c707c7855430f2a3caf2fd60a736400e6e251

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 18:51:47 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 11522

GET
H2 200 mod-user-navigation.min.js Show response
s1.trrsf.com/update-1674586315/fe/zaz-mod-user-navigation/_js/ 2 KB
1 KB 61ms
60ms Fetch
application/x-javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586315/fe/zaz-mod-user-navigation/_js/mod-user-navigation.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 20976fc8fe202fef3f3b01a7068bc9512b8c82162c61e6e2403f8b4eabcb54aa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 18:51:55 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-cdnterra-cache-status: MISS
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 862

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/terrabr/ 59 KB
17 KB 179ms
60ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/terrabr/newsroom.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e764e0f070280d38fb471a3c1501acc1c9be5cd58c81398799b377ef1a610acc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jul 2023 20:27:27 GMT
x-amz-request-id: VKKGZNZKH9HJ0WVE
age: 83
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17500
x-amz-id-2: 2EO6L5XuvG9wioYMwbhUeqANs8XowbJTpWw0DSTZIJSFo1FSnca4Jhk9eUuOmlxEeCplW3QHcF4=
x-served-by: cache-fra-eddf8230028-FRA
last-modified: Wed, 01 Mar 2023 18:19:14 GMT
server: AmazonS3
x-timer: S1689971248.984995,VS0,VE1
etag: "f01e7da0bdb7439db1d93e1912b9e7e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 mod-stalker.min.js Show response
s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/ 23 KB
7 KB 57ms
57ms Fetch
application/x-javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: a5dda836e330652d53ba332e434ed1851651054afb1b0e0e13d8171b48163ac4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-cdnterra-cache-status: MISS
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 6760

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
440 B 207ms
66ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23973751bbd6f7da54aa8234c74aa89eb77a11d042c9e372504676f7473dedbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 101ms
33ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FJBH1GT2QG&gtm=45je37j0&_p=377141612&cid=163260690.1689971248&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689971247&sct=1&seg=0&dl=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&dt=Inverno%20em%20Ilhabela%20(SP)%20tem%20atra%C3%A7%C3%B5es%20esportivas%20e%20de%20eco%20turismo&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channel=esportes&ep.breadcrumb=esportes&ep.content_id=3e861ee3e72c18127f34a27debc2960esqhs4eeb&ep.content_type=not&ep.os_theme=light&ep.content_source=onboardsports&ep.amp=false&ep.page_theme=light&epn.network_downlink=9.6&ep.network_effective_type=4g&ep.network_data_saver=false&ep.display_mode=browser&ep.partner_type=interno&ep.published_date=2023-07&epn.device_memory=8&epn.device_pixel_ratio=1&epn.navigation_type=0&ep.product=portal&ep.article_special=false&ep.paid_content=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FJBH1GT2QG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

PUT
H2 200 ID Show response
www.terra.com.br/coletor/user/ 225 B
577 B 270ms
270ms Fetch
application/json 2a02:26f0:7100::1720:eea9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/coletor/user/ID?reason=NewProfileStalker&JSUA=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/115.0.5790.98%20Safari/537.36&site=br

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:eea9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

126fb5079774b8e052a9bc6fd9f5febc48c0bfc4aa9cb5140cbe3f0c86a692ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
x-xact-hosts: stalker=stalker-canary-798ffbc8cc-bhdxk
x-content-type-options: nosniff
x-xact-uuid: 3a382477-2957-4b43-ad91-8dc376a4f066
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length: 180

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ 385 KB
122 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9404
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Jul 2024 17:50:44 GMT

GET
H2 200 include Show response
p1.trrsf.com/api/includer/ 903 B
560 B 279ms
68ms Fetch
application/json 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/includer/include?component=mod.liveRamp&country=br&env=prod&format=json&group=web&scheme=https
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 18ea7d44f4fecd2f320897686d1e57be8fa6ce48d92d1942dee116953deeacc3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
server: cloudflare-nginx
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length: 335
x-includer-uuid: 190174cf-ecab-49f1-b014-3ff7e79c4f7f

GET
H2 200 whatsapp-color.svg
s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential/ 1 KB
850 B 63ms
62ms Image
image/svg+xml 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential/whatsapp-color.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 8d4c7adc599852b039fa8c7eee377d82229e0acba62a7c9f002bd2a246fd27b4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 536

GET
H2 200 facebook-color.svg
s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential/ 555 B
634 B 107ms
107ms Image
image/svg+xml 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential/facebook-color.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: d67d230ae95712c0093c288cba19921dbb227c2cecd64db62e85678cc1b43954

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 321

GET
H2 200 twitter-color.svg
s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential/ 794 B
727 B 61ms
61ms Image
image/svg+xml 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential/twitter-color.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 99883e6f3d5b6c2c218fa653bf36a36a9ca410ee8d7c1bd46d0db926219678e2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 413

GET
H2 200 pinterest-color.svg
s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential/ 921 B
811 B 62ms
61ms Image
image/svg+xml 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential/pinterest-color.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 8705035cf0fd5a8366a76994aae9de1bb5966912c8c52023b798130c9935c1f9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 497

GET
H2 200 ShowArea Show response
p1.trrsf.com/api/tagmanfe/ 4 KB
1 KB 368ms
172ms Script
application/javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/tagmanfe/ShowArea?key=br.cobranded_onboardsports.articles.cabeceira&area=cabeceira&direct=1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689010504/fe/zaz-mod-manager/mod-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 970e46517903e0d29f0e26a45ad48971d0aec22ff05095e6b0dfaa2f33affe27

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
server: cloudflare-nginx
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
x-tagman-uuid: 566ac90b-c6f3-4699-81f5-b32858f5f3c7
content-length: 1095

GET
H2 200 ShowArea Show response
p1.trrsf.com/api/tagmanfe/ 6 KB
1 KB 421ms
225ms Script
application/javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/tagmanfe/ShowArea?key=br.cobranded_onboardsports.articles.s1&area=s1&direct=1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689010504/fe/zaz-mod-manager/mod-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b294d337e8cf95cb4c13e919d43adf113297ddee32e79fe912bc6fb683b68f19

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
server: cloudflare-nginx
vary: Accept-Encoding
x-cdnterra-cache-status: EXPIRED
content-type: application/javascript
cache-control: max-age=300
x-tagman-uuid: c6b6396a-50fe-4e19-bed0-41496ae8bc0c
content-length: 1134

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3000033&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689971248039&ns_c=UTF-8&c7=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-e...
https://sb.scorecardresearch.com/b2?c1=2&c2=3000033&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689971248039&ns_c=UTF-8&c7=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-...

0
225 B

57ms
57ms

Image
text/plain

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3000033&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689971248039&ns_c=UTF-8&c7=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&c8=Inverno%20em%20Ilhabela%20(SP)%20tem%20atra%C3%A7%C3%B5es%20esportivas%20e%20de%20eco%20turismo&c9=
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: p63TW3QZABKj1jvxVFf-C7h15tRZ_UMkLsoGRUhDWpB-3QNnS17hew==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 21 Jul 2023 20:27:28 GMT
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=3000033&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689971248039&ns_c=UTF-8&c7=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&c8=Inverno%20em%20Ilhabela%20(SP)%20tem%20atra%C3%A7%C3%B5es%20esportivas%20e%20de%20eco%20turismo&c9=
content-length: 0
x-amz-cf-id: f6X-vFL1ih0zNMq5PskXdlB-qqKL8jv_q7zrK-Xmg-6B14uuetg5Tg==

POST
H2 200 publisher:getClientId Show response
ampcid.google.fi/v1/ 3 B
369 B 208ms
67ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.fi/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 113ms
35ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 18:31:10 GMT
content-encoding: gzip
age: 2426178
x-guploader-uploadid: ADPycduE-PvT2m3F99uaAnqopNFq7tcrWZXL8MZJFM5IWbGRyrFoEVqfhWbg_ll8mg_n3bTcu_HoEgPWG-1E035Xb0h1HA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 22 Jun 2024 18:31:10 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 232ms
110ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jul 2023 20:27:28 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
898 B 100ms
30ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Jul 2023 20:27:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 32847
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-hel1410025-HEL
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 117ms
41ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: RSGEQ3TMYY4N1ZTV
age: 1413
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ea62f4dae34d94b-HEL
x-amz-id-2: ClzlsYvLJYc9Eo875q/vdJecjgJ4MRT0Q0XFx4PfHBkkIV+wj3cuIxExZO/fsImFzYOEKXFivGo=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 150ms
73ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: cbdb9a162200b061e59d3911a451d983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 187ms
63ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 02:34:21 GMT
content-encoding: gzip
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 64388
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: lU0wvam5gFYscpU-llFqvs2CUZJgtttykBVdVHRqHrHDat3wKLVNhQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 190ms
59ms Script
text/javascript 2600:9000:2250:f400:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f400:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: null
Date: Fri, 21 Jul 2023 00:56:56 GMT
Via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 70233
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 4Mk9gSHhRykZFAYwbk-8-5J0rYPpTQ6sb08AfpRE0U_frojwE58FEQ==

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 40 KB
9 KB 142ms
41ms Script
application/javascript 104.18.35.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 17:46:36 GMT
server: cloudflare
age: 7141
etag: W/"64b972fc-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7ea62f4e4f0495fa-ARN
expires: Sat, 22 Jul 2023 20:27:28 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 875 B
516 B 305ms
305ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3392324880160075&correlator=1469922349045920&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=1211%2Cbr.terra.onboardsports.cobranded%2Carticles&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3558259059&didk=2076216588&sfv=1-0-40&fsbs=1&ists=1&prev_scp=pageid%3D3e861ee3e72c18127f34a27debc2960esqhs4eeb%26contentsource%3Donboardsports%26breadcrumb%3Desportes%26channel%3Desportes%26testfloor%3Dtrue%26connection%3D4g%26fledge%3Dfalse%26parceiro%3Dtrue%26lite%3D0%26devicememory%3D8%26pf%3Dfalse&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1689971248184&lmt=1689971248&adxs=0&adys=7751&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&frm=20&vis=1&psz=1600x7750&msz=1600x0&fws=0&ohw=0&ga_vid=163260690.1689971248&ga_sid=1689971248&ga_hid=377141612&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYsJiL0ZcxSABSAghkEhkKCnB1YmNpZC5vcmcYsJiL0ZcxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLCYi9GXMUgAUgIIZBIXCghydGJob3VzZRiwmIvRlzFIAFICCGQSFAoFb3BlbngYr5iL0ZcxSABSAghkEhkKCnVpZGFwaS5jb20YsJiL0ZcxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiwmIvRlzFIAFICCGQ.&dlt=1689971247273&idt=877

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f41e052d0591bc6026c69c93b552084aac01e5933748f23518608e6915460fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 485
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7CE1 6 KB
3 KB 230ms
69ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:27:28 GMT
expires: Sat, 20 Jul 2024 20:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 userArea Show response
www.terra.com.br/coletor/user/ID/ 170 B
546 B 240ms
240ms Fetch
application/json 2a02:26f0:7100::1720:eea9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/coletor/user/ID/userArea?fetch_data=true

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:eea9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

17ac178d134001a28995d938665e1f1bd8084f268dd51c6227a66bca347ac918

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
x-xact-hosts: stalker=stalker-5c74f4c467-wxl9h
x-content-type-options: nosniff
x-xact-uuid: e7aab2ca-e940-488d-95a3-7710a5a6b60a
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length: 153

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 70ms
69ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=377141612&t=pageview&_s=1&dl=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&ul=en-us&de=UTF-8&dt=Inverno%20em%20Ilhabela%20(SP)%20tem%20atra%C3%A7%C3%B5es%20esportivas%20e%20de%20eco%20turismo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEIJAAQCACAMIC~&jid=2065468643&gjid=36180031&cid=163260690.1689971248&tid=UA-54936151-1&_gid=681474410.1689971248&_r=1&_slc=1&cd1=esportes&cd4=contenido_digital&cd5=esportes&cd6=3e861ee3e72c18127f34a27debc2960esqhs4eeb&cd7=not&cd9=terra&cd10=light&cd18=onboardsports&cd48=terra360&cd49=false&cd52=light&cd60=9.6&cd62=4g&cd63=false&cd64=browser&cd68=interno&cd72=default&cd75=2023-07&cd84=8&cd85=1&cd92=0&z=936649853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&rid=esp&cc=1

85 B
202 B

158ms
158ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&rid=esp&cc=1
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 5d32424e720813d6e4c6dc3f2030afb5c0e5d2ce660506560c887211db3a24f4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-q50GcobpWqA8eP2GsCNVHcnOjQ8"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 21 Jul 2023 20:27:28 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.terra.com.br
location: /esp?url=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/9ce3b5f3-6b5e-4f2a-9ff6-230da29ea14c/ 2 KB
2 KB 180ms
55ms Script
text/javascript 18.66.97.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/9ce3b5f3-6b5e-4f2a-9ff6-230da29ea14c/launchpad-liveramp.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5ebec286f66345b1cf0e6f4dfdef949440265554e89460bc7b6d8db09866c02

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 03:09:38 GMT
x-amz-version-id: q3VTKeuOzEto_JQGVeybUhQedihkmoDN
content-encoding: gzip
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 62271
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Mon, 17 Apr 2023 15:23:55 GMT
server: AmazonS3
etag: W/"597c678b16d131750ae732a9c5f9f5dd"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: 7juHTE_943NlxFg8jRP7Lhk-O84i2ICJXvDNN_y2Q4Q5w-v46DkTzQ==

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
325 B 206ms
64ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.terra.com.br
date: Fri, 21 Jul 2023 20:27:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 include Show response
p1.trrsf.com/api/includer/ 5 KB
842 B 66ms
66ms Fetch
application/json 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/includer/include?component=app.t360.favoriteTeam&country=br&env=prod&format=json&group=web&scheme=https
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b0f73f013a0d2a1e31440cbe36158fbc5e216e24e39b441077afffff22478a01

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
server: cloudflare-nginx
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length: 617
x-includer-uuid: 991999de-f278-4c15-aae5-480356bcc723

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 160ms
80ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.terra.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.terra.com.br
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 21 Jul 2023 20:27:28 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 95cf06963cdac4d6bebcb4403ad30460

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 329 B
424 B 74ms
73ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: a888a0bfad820be307c082dd189b7c4bdccb3917c4cc2b17cacf2aff5594fccc

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 8c342fc78a184644a6e3a2593f162edd
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 200ms
68ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54936151-1&cid=163260690.1689971248&jid=2065468643&gjid=36180031&_gid=681474410.1689971248&_u=aCDAAEIIAAQCACAMIC~&z=480635339

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Jul 2023 20:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 242ms
74ms XHR
application/json 52.18.8.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.8.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-8-176.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7c1707d39cce7a6636ac67c71bdd482a30f9789bf63e4aa2acca5ed42d9231c2

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache
x-server: 10.45.4.67
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B4EC 15 KB
6 KB 177ms
59ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.terra.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:27:27 GMT
server: Kestrel
server-processing-duration-in-ticks: 320990
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 iframe-later-terra-player-audima.html Show response
audio10.audima.co/ Frame 1EB0 2 KB
1 KB 243ms
243ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Requested by: Host: audio10.audima.co
URL: https://audio10.audima.co/audima-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4f582b6607ae027ab85313505784f4d922fc5e968a41ae11f35f6dbbc3c87f9

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=14400 public
cf-cache-status: DYNAMIC
cf-ray: 7ea62f4f3ca74c79-HEL
content-encoding: gzip
content-type: text/html
date: Fri, 21 Jul 2023 20:27:28 GMT
expires: Sat, 22 Jul 2023 00:27:28 GMT
last-modified: Thu, 20 Jul 2023 19:41:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PczlwWZoTZdWkLZoCoOpWw6qHV%2F%2B0jT5Zb35kdMDSdFa82YpNbrFGo4YEGYn4ETJFGeTfnOCNiCtAS%2Fafe88Ap2CVlGAk%2F7%2BRan%2BwNkiUZMmaz2fVvqS5uZr6ObWnjVEqDFTQ7HmaigMu9VZcD%2F11g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 app-t360-favorite-team.min.js Show response
s1.trrsf.com/update-1687365606/fe/zaz-app-t360-favorite-team/_js/ 20 KB
5 KB 82ms
81ms Fetch
application/javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1687365606/fe/zaz-app-t360-favorite-team/_js/app-t360-favorite-team.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 68d29d042459eaf81e01ca3d10b51008cda5813dfd517b1731abe0f7e2fe9ce6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: br
last-modified: Wed, 21 Jun 2023 16:40:06 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 4582

GET
H2 200 theme-default.min.css Show response
s1.trrsf.com/update-1674586297/fe/zaz-app-t360-favorite-team/_css/ 5 KB
1 KB 89ms
89ms Fetch
text/css 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586297/fe/zaz-app-t360-favorite-team/_css/theme-default.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 77de0b4cac629fa8bc677eef858e08214771c44045590caca17d2b820cc99178

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:37 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 941

POST
H2 200 emailHashes Show response
www.terra.com.br/coletor/user/ID/ 189 B
563 B 255ms
255ms Fetch
application/json 2a02:26f0:7100::1720:eea9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/coletor/user/ID/emailHashes?fetch_data=true

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:eea9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

031c1af6727ba0315b5a7e27f9a812989fd0b462e19afb3e781683fa33ed3eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
x-xact-hosts: stalker=stalker-canary-798ffbc8cc-w5ttt
x-content-type-options: nosniff
x-xact-uuid: 3dc006cb-0304-4a5c-bf97-c5cc69c8eac1
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length: 167

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/1/ 25 KB
8 KB 189ms
60ms Script
application/x-javascript 143.204.215.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/9ce3b5f3-6b5e-4f2a-9ff6-230da29ea14c/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-51.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding: br
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date: Fri, 21 Jul 2023 20:07:53 GMT
x-amz-cf-pop: FRA53-C1
age: 1176
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a78f2a5a4864424e54348ce47b156abb
last-modified: Thu, 10 Mar 2022 13:10:48 GMT
server: AmazonS3
etag: W/"3e312624cdc2445a38a716f92dc3c0cd"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: aRCiL8pn4eQpRG0vQwXO-NLAaJW1IdaHbOf4WRIe-0JWJVmgdzKxRg==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 210ms
84ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-54936151-1&cid=163260690.1689971248&jid=2065468643&_u=aCDAAEIIAAQCACAMIC~&z=396519186

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
408 B 215ms
85ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-54936151-1&cid=163260690.1689971248&jid=2065468643&_u=aCDAAEIIAAQCACAMIC~&z=396519186

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 194 KB
76 KB 302ms
153ms Script
application/javascript 2a00:1450:4001:82f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fe33330648bd53e5a78bcdddc6b84ddf85d7f4e0cba57e76735412a7898eff0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eQNRfAxTeGuhBYc0euIn-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-eQNRfAxTeGuhBYc0euIn-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 21 Jul 2023 20:27:28 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B4EC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=terra.com.br&sn=ChromeSyncframe&so=0&topUrl=www.terra.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ua011nwzYXBMUENuRFIzU290Y3NsaTBIZU1jSTUxZlpyTWt0QUdyTEJSYmlDZjRoSDdmVVF0M21yTmRMMkRTbjJ6aG9CRWQrakZLTmtJYTlQMlZVcGdqWVpGaWlHcHM4OE1rWldjS0JTSFJ2RW1YQmk3cm42VlNhMzQ5MF...

425 B
647 B

195ms
58ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ua011nwzYXBMUENuRFIzU290Y3NsaTBIZU1jSTUxZlpyTWt0QUdyTEJSYmlDZjRoSDdmVVF0M21yTmRMMkRTbjJ6aG9CRWQrakZLTmtJYTlQMlZVcGdqWVpGaWlHcHM4OE1rWldjS0JTSFJ2RW1YQmk3cm42VlNhMzQ5MFAzSWRoRk5LLzhZVHhMT3l3a3VGQ0VzK003VG9HbzJJWXpvL0NjaGpYVWdPWjFPZlZmdWpzbEI5WWhxZ2kyS0RUNWFiNkV1STN1SW1CZUdCbEdwaWFMYnNpditFT29JMzRNMDVXbzRndjc5Y0VVbFUwQ1dtYiszbjFOYzY1S29zVkZDczBNWkkzaTdReDMxamRPRFF0YlJvTG9lSEZvQT09fA&cppv=2

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9fc820ea837daf2b4dd7982bdd22ac63172686f5ad2acccbd2abf04065c87804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1664726
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ua011nwzYXBMUENuRFIzU290Y3NsaTBIZU1jSTUxZlpyTWt0QUdyTEJSYmlDZjRoSDdmVVF0M21yTmRMMkRTbjJ6aG9CRWQrakZLTmtJYTlQMlZVcGdqWVpGaWlHcHM4OE1rWldjS0JTSFJ2RW1YQmk3cm42VlNhMzQ5MFAzSWRoRk5LLzhZVHhMT3l3a3VGQ0VzK003VG9HbzJJWXpvL0NjaGpYVWdPWjFPZlZmdWpzbEI5WWhxZ2kyS0RUNWFiNkV1STN1SW1CZUdCbEdwaWFMYnNpditFT29JMzRNMDVXbzRndjc5Y0VVbFUwQ1dtYiszbjFOYzY1S29zVkZDczBNWkkzaTdReDMxamRPRFF0YlJvTG9lSEZvQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 282342
content-length: 0
expires: 0

GET
H2 200 zaz-datetime.min.js Show response
s1.trrsf.com/update-1674586306/fe/zaz-mod-datetime/ 38 KB
11 KB 59ms
59ms Fetch
application/x-javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586306/fe/zaz-mod-datetime/zaz-datetime.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 285b329154d66c830326cdfe19681500a9f2f11f0bbd36b04440340b9f3a9e23

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:46 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 10530

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 6989 0
176 B 149ms
66ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 21 Jul 2023 20:27:28 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 include Show response
p1.trrsf.com/api/includer/ 826 B
530 B 62ms
62ms Fetch
application/json 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/includer/include?component=mod.aps&country=br&env=prod&format=json&group=web&scheme=https
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 68d511a07b459a7e9fa7db459113881ccd3932313545b1c776022e3e5e21d863

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
server: cloudflare-nginx
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length: 305
x-includer-uuid: 04b8813d-0c71-4217-8056-b20026fad82b

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
608 B 57ms
57ms Fetch
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash: b419d6f37255da8dba74a37d4593757e065accbd7c21e9f82bb2b5f63c9ec098

Request headers

Accept: application/json
Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 21 Jul 2023 00:42:45 GMT
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront), 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 71084
x-amzn-requestid: e9bfaec3-79a3-431c-bbc8-6471ca69e385
x-amzn-trace-id: Root=1-64b9d485-0a2fbc12727a2ca3056558fd;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: IY4k6G7YDoEFxcg=
content-length: 30
x-amz-cf-id: J6Ifs8jnUwuSgMiz8SpVxgdu8PUyVbaRxwoB-4oujIE5ZFjW0Z_MhQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 259ms
126ms Preflight
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.terra.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 21 Jul 2023 20:27:28 GMT
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront), 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-apigw-id: IbmHsEcUjoEFuRQ=
x-amz-cf-id: UCAg1Y0LrrXx1wahXu2KgevRbonrka5esVraMZBVxNRKpeGQHW_nUg==
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-amzn-requestid: bd8bd7df-74e8-4030-9846-4dc322e6f44c
x-cache: Miss from cloudfront

GET
H2 200 terra-player.css
audio10.audima.co/ Frame 1EB0 10 KB
3 KB 42ms
40ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio10.audima.co/terra-player.css
Requested by: Host: audio10.audima.co
URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e04561b7c210f1f73737c0744e8e081183cf25d6a21332d52bc6321cc5e3bca

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 19:41:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9440
etag: W/"64b98ddc-27bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agMmFgb8Hr30FhwuPDxjh0iusyKt9%2BmbJ5C0tjktywLpk2VfbvoatAy0GBPdm3Xl7FKJmnI2tVxL2sYUSjcvsCjNaDwHE3xpG%2Fvt3m49szu%2B8oK%2BqBCQm61inlsRlB0g0SEWMpqAKqnJEcD3TxkdeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
cf-ray: 7ea62f50cefb4c79-HEL
expires: Fri, 21 Jul 2023 21:50:08 GMT

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ Frame 1EB0 69 KB
11 KB 114ms
38ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css

Requested by

Host: audio10.audima.co
URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://audio10.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1482057
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10277
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-1137b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lro4tbOymam0QaYNLC6xu8TU48SXJJIh3CYZSjfpeTNZy6wMlf1xKoA0cHB5MuwGQDzD6XfpldBVJBI5ci6alB6a%2FTbgW2VW61sKN7BGLktmv0leEGzdD5POs%2Bwn289v8TQOH9oPiKzCBYzHBOje%2FDBi"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ea62f5138574e15-HEL
expires: Wed, 10 Jul 2024 20:27:28 GMT

GET
H2 200 audio-tts-player.js Show response
audio10.audima.co/ Frame 1EB0 50 KB
16 KB 48ms
48ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio10.audima.co/audio-tts-player.js
Requested by: Host: audio10.audima.co
URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f380ae7d181f2085b7a977ab148d8b45b8b5731fab72307c3bdfef8d18fb83c4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 19:41:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9440
etag: W/"64b98ddc-c718"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LL17xCp5aQFKrQgKmTlWu5I233vSMmFouQaU7QoULo0LhS9KlJShEDhZTdgQYkwfvA%2BiJa934%2Byu%2BstgJnfGA6lMZLfEfFMjzwV%2Fz%2FcneC%2BD5Nn5iLyKvtWQliN9LHyIZemJ2YwzSjPV4e8fs9QtPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 7ea62f50cefe4c79-HEL
expires: Fri, 21 Jul 2023 21:50:08 GMT

GET
H2 200 call-init.js Show response
audio10.audima.co/ Frame 1EB0 238 B
471 B 42ms
42ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio10.audima.co/call-init.js
Requested by: Host: audio10.audima.co
URL: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c591e4c4423edcd4c23f7f740a928eb4d3f8cfb4d72d1758e0255d584b74fb9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://audio10.audima.co/iframe-later-terra-player-audima.html?skin=terra-player&statistic=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 19:41:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9440
etag: W/"64b98ddc-ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exX1l5PR6ppEPFB%2BSjMrA1FNIgVVW%2Bm%2FjqIyhtJHudrt1dzOWhqZMdOggwRILUHtPYRVfNHd7a%2Bhr9v1zZVzngSS8yfMtO8UBmEerTUSLSWZjm7%2BLNhU0wrOUXEDhYf7dCMHPQqWYKqJSTmQY3jIPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 7ea62f50cf004c79-HEL
expires: Fri, 21 Jul 2023 21:50:08 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 244 KB
60 KB 194ms
64ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2f1ed2a726a3a2b5534962c9d195e8b5ff51137067af1f5c8c4529828a49b5c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:33:04 GMT
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 19:22:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 3265
x-amz-server-side-encryption: AES256
etag: W/"4c32a3d3ddb526b72e7dd25429eaaa2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: LqcoHawdMKbPrB53rv4Nz5YcaCoISI5kshe5WU2USf0cJHQqrIoGLw==

POST
H2 200 pageviews Show response
www.terra.com.br/coletor/user/ID/ 225 B
571 B 286ms
285ms Fetch
application/json 2a02:26f0:7100::1720:eea9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/coletor/user/ID/pageviews

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:eea9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

126fb5079774b8e052a9bc6fd9f5febc48c0bfc4aa9cb5140cbe3f0c86a692ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: gzip
x-xact-hosts: stalker=stalker-5c74f4c467-qpgrm
x-content-type-options: nosniff
x-xact-uuid: 84a051ac-b22c-4120-b73d-e0f96fb2e4cb
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length: 180

GET
H2 200 css2
fonts.googleapis.com/ Frame 1EB0 6 KB
1 KB 195ms
69ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap

Requested by

Host: audio10.audima.co
URL: https://audio10.audima.co/terra-player.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0b6da5eebb0023cddb0d5fa35708f6f44bd8e3661da0ea0dfa79b00f3e9229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://audio10.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 20:22:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 20:27:28 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 1EB0 47 KB
48 KB 194ms
61ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://audio10.audima.co
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 590745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 00:21:44 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ Frame 1EB0 74 KB
75 KB 82ms
42ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css
Origin: https://audio10.audima.co
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1357998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 75728
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-127d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFeEdsz2ucA%2BY%2BkBtSGt1%2F4kRS3Rf%2Bvrd5dG4ElK9CyjcmhoOLvTfPUzKMj5qkZuiUDv42myvGTKvUxRKzrClAmi%2Ff9ftuDRPCcdiyI0UwiceIgMiZVcnWRM8xCi%2B0lCZAnY1iIXyWQArGURJkc%2FA9aU"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ea62f529ec3376d-HEL
expires: Wed, 10 Jul 2024 20:27:29 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 174ms
58ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Fri, 21 Jul 2023 04:23:55 GMT
x-amz-cf-pop: FRA56-P3
age: 57814
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: L-iGVG5vqNf-sHe6F39JvxZHm28EqO5cP9oTM6VnX5s_O8RQm329nA==

POST
H2 200 userArea Show response
www.terra.com.br/coletor/user/ID/ 170 B
550 B 224ms
223ms Fetch
application/json 2a02:26f0:7100::1720:eea9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/coletor/user/ID/userArea?fetch_data=true

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1674586312/fe/zaz-mod-stalker/_js/mod-stalker.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:eea9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

17ac178d134001a28995d938665e1f1bd8084f268dd51c6227a66bca347ac918

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: gzip
x-xact-hosts: stalker=stalker-canary-798ffbc8cc-rjcqr
x-content-type-options: nosniff
x-xact-uuid: eaa1071d-48f8-4e9b-bd5d-84ea2dbe4c8f
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Xact-UUID, X-Xact-Seq
content-length: 153

GET
H2 200 dfp_frame_terra.txt Show response
audima.co/ 3 KB
2 KB 336ms
244ms Fetch
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audima.co/dfp_frame_terra.txt
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689859505/fe/zaz-ui-t360-content/_js/context.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3732b6af5e4e9b2358356e6c30f4f1ebe0cabec1b7688b7179c36df6d933d8b5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 05 Jul 2023 10:11:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a541e4-a4b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojR%2BuSY%2FndDGpxujZCWfcKnyZPEacrag%2FHBfeZYndWL4TgknbF3iYdC%2BUpzIGGkn%2BwCYjJSuG5LK25P3LueL5EByO4%2B%2FDidjmp1XyfAcvDx%2BYs670L3kmImpBtXEJd7FsPSVCo0gNUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: *
cf-ray: 7ea62f542875d967-HEL

GET
H2 200 style
accounts.google.com/gsi/ 533 B
609 B 103ms
102ms Stylesheet
text/css 2a00:1450:4001:82f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce---dXKyCUOfwVTTInP7eR4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce---dXKyCUOfwVTTInP7eR4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 21 Jul 2023 20:27:29 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
527 B 278ms
278ms XHR
application/json 2a00:1450:4001:82f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=66671836960-64nrh3rrhfj072r7fg23q68ekm6h9ke8.apps.googleusercontent.com&as=GBpNz7wbFRfhZK%2FEKGhiUg

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6dbad193c8dc3eb6b8b2e7520cc60216446d0a3abc1ecbc5dfde80ed8f650780

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ADFyboxc4pOWe08FZ56XSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-ADFyboxc4pOWe08FZ56XSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 53ms
32ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:21:02 GMT
content-encoding: gzip
age: 18387
x-guploader-uploadid: ADPycdvnH-YjFRlkMeHAaYKbaV1knR8eDwplb-fKBp_WDQ0KQ7d4qv5P8e8LzrdRWoXKap59_a06lEvX8IzkhoUzFdyVXg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6114
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "1f6a2c178b385e908b632664e93aed26"
x-goog-hash: crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation: 1663611635525811
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
expires: Sat, 22 Jul 2023 15:21:02 GMT

GET
H2 200 otToken.js Show response
storage.googleapis.com/fledge-tests/ 413 B
913 B 190ms
59ms Script
application/x-javascript 2a00:1450:4001:829::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/fledge-tests/otToken.js
Requested by: Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-10969-0/CT-411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:11:15 GMT
age: 974
x-guploader-uploadid: ADPycduCXVD7g8jYAODqjaViC6ssSNtYxgIx02PVeo7fVw9xKDJ1whmv8Tx17o5MUe9f61jenOR0zmj6z22cxg_nLRthfQb31jei
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
last-modified: Tue, 08 Nov 2022 10:42:35 GMT
server: UploadServer
etag: "483749ebdd3ce30b016713e5624a0bf8"
x-goog-generation: 1667904155021583
x-goog-hash: crc32c=4ZqF4w==, md5=SDdJ69084wsBZxPlYkoL+A==
content-type: application/x-javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 413
accept-ranges: bytes
expires: Fri, 21 Jul 2023 21:11:15 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 247ms
115ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1bc02366957861a152abc05593a0692bca94bc7431242715f9296b8c41a99ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11707
x-xss-protection: 0

GET
H2 200 bell.svg
s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/ 657 B
707 B 63ms
62ms Image
image/svg+xml 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1685041532/fe/zaz-mod-t360-icons/svg/essential-solid/bell.svg
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 6d2002313fe4dc7cea780501d474df1d98af6be04b0cdb0a1366a841997a844f

Request headers

Referer: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/essential-solid.min.css
Origin: https://www.terra.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 393

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 33ms
32ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 21:12:50 GMT
content-encoding: gzip
age: 83679
x-guploader-uploadid: ADPycdvftxhEgvDaYJm8sfhJLdK72C4oBIEIaeYepPjBhtWr_yGLyv7dVzWnptaKqXNqpqnN9LO3wRBK_H7yY4tunQVj
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8332
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "e3068e8113c8f02d9b9a31f913c7a062"
x-goog-hash: crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation: 1663611635449519
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
expires: Fri, 21 Jul 2023 21:12:50 GMT

GET
H2 200 trk
tt-10969-0.seg.t.tailtarget.com/ 70 B
740 B 241ms
146ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10969-0.seg.t.tailtarget.com/trk?tA=TT-10969-0&tJ=_channel:terrabrasilesportes:1|_channel:bratargettecinformaticaapple:1|_channel:bratargetdiversidade:1|_channel:terrahomepage:1|_channel:terraconteudointerno:1|_channel:onboardsports:1&tK=1689971249&tM=direct&tL=direct&tN=direct&tY=3&tZ=652660111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 u Show response
b.t.tailtarget.com/ 72 B
505 B 242ms
148ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: ac3baa7de52897b59aabc421fd365ea21216f1dd65d07c484bb20863c5359a5a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 58ms
57ms XHR
text/plain 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.terra.com.br&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 16:24:34 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 14575
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.terra.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: _KIvWA0Yeo_i3SmDOSU76apk200xV2UkRf0OS0e6AVFguT5UxALyTw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 264ms
91ms XHR
text/javascript 18.66.96.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&pid=9HDoEkaJieMK0&cb=0&ws=1600x1200&v=23.717.1557&t=2000&slots=%5B%7B%22sd%22%3A%22header-full-ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%221272x250%22%5D%2C%22sn%22%3A%22%2F1211%2Fbr.terra.onboardsports.cobranded%2Farticles%2Fcabeceira%22%7D%5D&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.96.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-96-174.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P2
x-amz-rid: 8Z03GN6W1QGEG299QQ6S
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: YFVTm3uwoQAPQN7xY-gXrB4DoARWY18D99XIoLrdAUUFbUy34uclKQ==

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 250ms
89ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.50.0&cb=3307385076&lsavail=1&bundle=jnotCV9SVVJkUmg3bUVhNXlHTVElMkJsV1pDajBUdUVOUDNRUEpoNm9Ham5sVEJsUncxdkxjMUFtc0h5cGp0aTFSb1U3OGJyakJoRFM0VDdNU2xyOG5aZmU4d1c4SXNob1lsbzRvd0VLJTJGQ2NyRFJEY3VhJTJCVGhjSTBLbUZYU3dVdHBWVWlhc3d1aW1TUFY3ZXVuOWxUbkZTdWw1bVElM0QlM0Q

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.terra.com.br
date: Fri, 21 Jul 2023 20:27:28 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
558 B 348ms
103ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
6 KB 379ms
216ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10828&site_id=25078&zone_id=97396&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&tg_v.viewport=s1&tg_v.pageid=3e861ee3e72c18127f34a27debc2960esqhs4eeb&tg_v.contentsource=onboardsports&tg_v.breadcrumb=esportes&tg_v.channel=esportes&tg_v.testfloor=false&tg_v.words=medium%2Cbrasil%2Cgrupo%2Cmata&tg_v.connection=4g&tg_v.fledge=false&tg_v.parceiro=true&tg_i.domain=terra.com.br&tg_i.page=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&tg_i.adunit=br_terra_onboardsports_cobranded%2Farticles%2Fcabeceira&tg_i.viewport=s1&tg_i.pbadslot=%2F1211%2Fbr.terra.onboardsports.cobranded%2Farticles%2Fcabeceira&tk_flint=pbjs_lite_v7.50.0&x_source.tid=fcd47419-45dc-4257-9783-6c8eaf144e3d&l_pb_bid_id=66aeeb5854a1ac&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fcd47419-45dc-4257-9783-6c8eaf144e3d&rp_maxbids=1&p_gpid=%2F1211%2Fbr.terra.onboardsports.cobranded%2Farticles%2Fcabeceira&slots=1&rand=0.6840567068895542
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 10e291c228593a7d82b064e0cb24150d893a00e84566bf9d77d6c94b7886185e

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 144 B
963 B 318ms
164ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5cef9df49ee4dcb09dca52d70690773e2ba4420bacb7081ed6541155e85d5a57

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:29 GMT
an-x-request-uuid: 9770e66c-6d9d-421e-ad35-343af8fd58ab
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 168ms
94ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUDV2PQ3
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6bc3ff926436aa78594e60b5c148e1b4c6313eddabaecb0ccb289cbf64c0fc40

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 21 Jul 2023 20:27:29 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
961 B 381ms
229ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

52b41bc3ab2522c81172cdb2b3278ef3b2c208bce6d40d347174c13bdfef1880

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:29 GMT
an-x-request-uuid: ca4a564d-3b2c-42d1-a03e-0245c400655a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
401 B 309ms
231ms XHR
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
via: 1.1 google
server: openresty
etag: W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 247ms
102ms XHR
text/javascript 18.66.96.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&pid=9HDoEkaJieMK0&cb=1&ws=1600x1200&v=23.717.1557&t=2000&slots=%5B%7B%22sd%22%3A%22ad-content-s1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F1211%2Fbr.terra.onboardsports.cobranded%2Farticles%2Fs1%22%7D%5D&pubid=bc92a28d-5a18-4ea4-9491-626e7826c69c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.96.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-96-174.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P2
x-amz-rid: M3GBK9S6CCJR27R0935F
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ivI1h-e4qL1bdT9ma0kNu6oEJbqAWH0xP_DdpS8oG5NgbvyEvz261Q==

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 144 B
962 B 369ms
227ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e33bbbcf968b03599c283ccd96bb38bf5101767cb9fe322e26e213fff9fb6786

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:29 GMT
an-x-request-uuid: 5abff2d7-9cb9-436d-9cf6-a95fd23e9870
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 584 B
1 KB 325ms
178ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10828&site_id=25078&zone_id=97396&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&tg_v.sticky=true&tg_v.pageid=3e861ee3e72c18127f34a27debc2960esqhs4eeb&tg_v.contentsource=onboardsports&tg_v.breadcrumb=esportes&tg_v.channel=esportes&tg_v.testfloor=false&tg_v.words=medium%2Cbrasil%2Cgrupo%2Cmata&tg_v.connection=4g&tg_v.fledge=false&tg_v.parceiro=true&tg_i.domain=terra.com.br&tg_i.page=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&tg_i.adunit=br_terra_onboardsports_cobranded%2Farticles%2Fs1&tg_i.viewport=s1&tg_i.pbadslot=%2F1211%2Fbr.terra.onboardsports.cobranded%2Farticles%2Fs1&tk_flint=pbjs_lite_v7.50.0&x_source.tid=2dda136d-5375-4f49-82a1-b2ecb73cbd2b&l_pb_bid_id=1814d1e1b900ef6&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2dda136d-5375-4f49-82a1-b2ecb73cbd2b&rp_maxbids=1&p_gpid=%2F1211%2Fbr.terra.onboardsports.cobranded%2Farticles%2Fs1&slots=1&rand=0.7852662710156066
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 82ab7f39eb09587ab89a19137fe3373cfe638b59e00981c00a17933af08a97a5

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:29 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 584
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
769 B 158ms
96ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUDV2PQ3
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6329d3be03b7a81a1b4ce44379df278c1f6f404504e7743b25af520a0fa07d36

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 21 Jul 2023 20:27:29 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
558 B 334ms
107ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 223ms
83ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.50.0&cb=41080082081&lsavail=1&bundle=jnotCV9SVVJkUmg3bUVhNXlHTVElMkJsV1pDajBUdUVOUDNRUEpoNm9Ham5sVEJsUncxdkxjMUFtc0h5cGp0aTFSb1U3OGJyakJoRFM0VDdNU2xyOG5aZmU4d1c4SXNob1lsbzRvd0VLJTJGQ2NyRFJEY3VhJTJCVGhjSTBLbUZYU3dVdHBWVWlhc3d1aW1TUFY3ZXVuOWxUbkZTdWw1bVElM0QlM0Q

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.terra.com.br
date: Fri, 21 Jul 2023 20:27:29 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
66 B 319ms
253ms XHR
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
via: 1.1 google
server: openresty
etag: W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
963 B 405ms
267ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

961eb42be14d520149decf378356236517985cb4721f9b320672e9439a88c3e1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:29 GMT
an-x-request-uuid: 3d811b46-7b68-4410-a260-2c3cc3e522c8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
61ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=377141612&t=event&_s=2&dl=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&ul=en-us&de=UTF-8&dt=Inverno%20em%20Ilhabela%20(SP)%20tem%20atra%C3%A7%C3%B5es%20esportivas%20e%20de%20eco%20turismo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=one-tap-sign-in&ea=DisplayedReason&el=opt_out_or_no_session&_u=aCDAAEIJAAQCACAMIC~&jid=&gjid=&cid=163260690.1689971248&tid=UA-54936151-1&_gid=681474410.1689971248&cd1=esportes&cd4=contenido_digital&cd5=esportes&cd6=3e861ee3e72c18127f34a27debc2960esqhs4eeb&cd7=not&cd9=terra&cd10=light&cd18=onboardsports&cd48=terra360&cd49=false&cd52=light&cd60=9.6&cd62=4g&cd63=false&cd64=browser&cd68=interno&cd72=default&cd75=2023-07&cd84=8&cd85=1&cd92=0&z=995347380

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 15:12:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18873
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mod-notifications.min.js Show response
s1.trrsf.com/update-1674586311/fe/zaz-mod-notifications/_js/ 9 KB
3 KB 61ms
61ms Fetch
application/x-javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586311/fe/zaz-mod-notifications/_js/mod-notifications.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 31f1a4a51455378e4dc8df3ad43341034b8a64663dcfa2679f3892717ccb242a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 18:51:51 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2504

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B39B 85 KB
28 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689859505/fe/zaz-ui-t360-content/_js/context.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b65b083a179322c03ae587b5011ce202a66bacd97fa6b14f7f3c591cc8308f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28347
x-xss-protection: 0
server: cafe
etag: 771 / 19559 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:27:29 GMT

GET
H2 200 prebid7.2.0.js Show response
publyads.jstag.space/ Frame B39B 228 KB
70 KB 140ms
43ms Script
application/javascript 2606:4700:3035::6815:193e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publyads.jstag.space/prebid7.2.0.js

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689859505/fe/zaz-ui-t360-content/_js/context.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:193e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

954581c979b209cb6812bd2b086fbc8f3bebc7f64d143c2cac8a1bc22ffb887d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 247018
cf-polished: origSize=234146
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 22 Jun 2022 17:42:14 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohw3ZwfDLS%2FARQmOQnAR80xbEEA2QyOiuPTn6PElF%2BSscPG2Enp8YSMNmHp%2Fq6j7XeOlci40kDa9duTPiEGR3tOt4rDaSDXlTZTLpGlGo2vUrVkIfIB7suB8QsJFqHcirS8i9qm61Q%2BNSDsnD49vsGOBYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 7ea62f56780bd963-HEL
expires: Thu, 17 Aug 2023 23:50:31 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 213ms
79ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 20:27:29 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame B39B 385 KB
122 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9405
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Jul 2024 17:50:44 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 143 B
575 B 159ms
155ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10969-0&tY=1&tS=4&tU=0100007F31EABA64A506084402E1831A&tX=b.52&tZ=557121726&env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: ed4a454a1a9cd6d9bc4421c253fff2d1d0b563cc61e383de8743767692994b24

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2A1B 13 KB
5 KB 68ms
57ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 2309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:49:00 GMT
expires: Sat, 20 Jul 2024 19:49:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA1B 783 B
967 B 77ms
71ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5ef2ac7ba213616b276b0aa1d86d72f2d59312d4c4f678f98dc98743465dbf9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bZzojIAqdasdnFcUjYdZFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-bZzojIAqdasdnFcUjYdZFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:27:29 GMT
expires: Fri, 21 Jul 2023 20:27:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 601ms
601ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3392324880160075&correlator=3196960690940199&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=1211%2Cbr.terra.onboardsports.cobranded%2Carticles%2Ccabeceira&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%7C1272x250&ifi=2&adks=2246152536&didk=3155275638&sfv=1-0-40&fsbs=1&prev_scp=viewport%3Ds1%26refresh%3D0%26pageid%3D3e861ee3e72c18127f34a27debc2960esqhs4eeb%26contentsource%3Donboardsports%26breadcrumb%3Desportes%26channel%3Desportes%26testfloor%3Dfalse%26words%3Dmedium%2Cbrasil%2Cgrupo%2Cmata%26connection%3D4g%26fledge%3Dfalse%26parceiro%3Dtrue%26lite%3D0%26devicememory%3D8%26pf%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D29b7af470259c3d%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D29b7af470259c3d%26hb_bidder%3Drubicon&eri=1&sc=1&cookie=ID%3D922c50b8639bafcd%3AT%3D1689971248%3ART%3D1689971248%3AS%3DALNI_MYd2ZplZSB22wJ0EArw_pjDW77WwA&gpic=UID%3D00000d000aca8da1%3AT%3D1689971248%3ART%3D1689971248%3AS%3DALNI_Ma_SKEMHp04dGhA4ICZElv7-RCIPQ&abxe=1&dt=1689971249933&lmt=1689971249&adxs=436&adys=213&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&frm=20&vis=1&psz=728x250&msz=728x250&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=163260690.1689971248&ga_sid=1689971248&ga_hid=377141612&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYsJiL0ZcxSABSAghkEhkKCnB1YmNpZC5vcmcYm5mL0ZcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLCYi9GXMUgAUgIIZBKuAgoIcnRiaG91c2USmAJoQXFaanV2VkErM3BzN2twdGcrVGtkZHF5U0doemVOVnRLYmdXZ05LY2hLRis3dzBMVlRDZERZYm1LOEE3YXNmenFGNFpibk8yODRkMEJ0dzFjd0JpcFZhT1ZySVloeUp1ai9pYTYwNGxURktpeFRnZ2ljdmlsNE1DS0hIckZ4SUJUMXZBbFdqY0ZZakhDdjdERzdiL0hjdGt0TEt5ZmF1N1ViYlFZQ25uejMyRGYveUI5SGtvL21KcVlJKzlrRWNsZE91TkI3Y0d2T0FzWHZGV1E2bFppclNCa0xwd0dBYjdaWFVCQWh4UmNSaXViWG5pODBXeTFrTklIUXRheE1hV3lVMjlsQTlCRFhoUm04WENUaytidz09GLabi9GXMUgAEj4KBW9wZW54EixleUpwSWpvaWR6aENTbEV5WldaUlJrOUxaa1pTVEM5RlQzSXhVVDA5SW4wPRi_nIvRlzFIABIZCgp1aWRhcGkuY29tGLCYi9GXMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YjZuL0ZcxSABSAghq&dlt=1689971247273&idt=877

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23846ed1758aae96b92730d47b8cac5958f9e9c234c1ba0d9f793493a19dbf13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12221
x-xss-protection: 0
google-lineitem-id: 6348973822
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138439872426
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 400 cdb Show response
bidder.criteo.com/ Frame B39B 0
197 B 71ms
71ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.2.0&cb=15678666164

Requested by

Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 20:27:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B39B 290 B
346 B 177ms
176ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18270&site_id=274002&zone_id=1545744&size_id=43&rf=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&tg_i.pbadslot=%2F21831561254%2Faudima_player_terra&tk_flint=pbjs_lite_v7.2.0&x_source.tid=da9b5fa9-9f69-4e3c-8b7e-28707ed44201&l_pb_bid_id=4c8bc021ae3cce&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21831561254%2Faudima_player_terra&slots=1&rand=0.5268679751953431
Requested by: Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 77cbdd3f6cb232b5aeda12940d9c9218593ddffa8d95663f804992e33a396bdc

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:30 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 290
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame B39B 144 B
989 B 172ms
172ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5a379aad4b60493c03becc0ff603ee4b0ac26712b9d89484225cdfbad63855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:30 GMT
an-x-request-uuid: e12160ad-bb27-4649-996b-176c9d3d8483
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 757ms
757ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3392324880160075&correlator=1696460369702386&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=1211%2Cbr.terra.onboardsports.cobranded%2Carticles%2Cs1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=3&adks=3102069767&didk=2382027107&sfv=1-0-40&fsbs=1&prev_scp=viewport%3Ds1%26refresh%3D0%26sticky%3Dtrue%26pageid%3D3e861ee3e72c18127f34a27debc2960esqhs4eeb%26contentsource%3Donboardsports%26breadcrumb%3Desportes%26channel%3Desportes%26testfloor%3Dfalse%26words%3Dmedium%2Cbrasil%2Cgrupo%2Cmata%26connection%3D4g%26fledge%3Dfalse%26parceiro%3Dtrue%26lite%3D0%26devicememory%3D8%26pf%3Dfalse%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie=ID%3D922c50b8639bafcd%3AT%3D1689971248%3ART%3D1689971248%3AS%3DALNI_MYd2ZplZSB22wJ0EArw_pjDW77WwA&gpic=UID%3D00000d000aca8da1%3AT%3D1689971248%3ART%3D1689971248%3AS%3DALNI_Ma_SKEMHp04dGhA4ICZElv7-RCIPQ&abxe=1&dt=1689971249971&lmt=1689971249&adxs=1066&adys=602&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&frm=20&vis=1&psz=306x250&msz=306x250&fws=4&ohw=306&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=163260690.1689971248&ga_sid=1689971248&ga_hid=377141612&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYsJiL0ZcxSABSAghkEhkKCnB1YmNpZC5vcmcYm5mL0ZcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLCYi9GXMUgAUgIIZBKuAgoIcnRiaG91c2USmAJoQXFaanV2VkErM3BzN2twdGcrVGtkZHF5U0doemVOVnRLYmdXZ05LY2hLRis3dzBMVlRDZERZYm1LOEE3YXNmenFGNFpibk8yODRkMEJ0dzFjd0JpcFZhT1ZySVloeUp1ai9pYTYwNGxURktpeFRnZ2ljdmlsNE1DS0hIckZ4SUJUMXZBbFdqY0ZZakhDdjdERzdiL0hjdGt0TEt5ZmF1N1ViYlFZQ25uejMyRGYveUI5SGtvL21KcVlJKzlrRWNsZE91TkI3Y0d2T0FzWHZGV1E2bFppclNCa0xwd0dBYjdaWFVCQWh4UmNSaXViWG5pODBXeTFrTklIUXRheE1hV3lVMjlsQTlCRFhoUm04WENUaytidz09GLabi9GXMUgAEj4KBW9wZW54EixleUpwSWpvaWR6aENTbEV5WldaUlJrOUxaa1pTVEM5RlQzSXhVVDA5SW4wPRi_nIvRlzFIABIZCgp1aWRhcGkuY29tGLCYi9GXMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YjZuL0ZcxSABSAghq&dlt=1689971247273&idt=877

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68cf1a3fae84d0161e65b695bf471800c0b87750d5dee6bdaeefc7453bcbf406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11546
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zodiac-solid.min.css Show response
s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/ 1 KB
513 B 76ms
76ms Fetch
text/css 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/zodiac-solid.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 5e096a3c44d5758de1ad470914312cb8f5d398b3ef00920960d3dce34e4acfe6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: br
last-modified: Thu, 25 May 2023 19:10:06 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 205

GET
H2 200 shields.min.css Show response
s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/ 19 KB
3 KB 62ms
62ms Fetch
text/css 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1685041806/fe/zaz-mod-t360-icons/_css/shields.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 31152ebc18921814fc84d02d35de5bef4594e13f30cf71b0c03de33970406483

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: br
last-modified: Thu, 25 May 2023 19:10:06 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2418

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A1B 37 KB
14 KB 181ms
60ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 262810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA1B 0
0 207ms
96ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=3392324880160075&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H3 200 ca Show response
tt-10969-0.seg.t.tailtarget.com/ 120 B
147 B 152ms
151ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10969-0.seg.t.tailtarget.com/ca?tZ=993028175&env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 4df5ae0d1b2255b7d8e906067315b20b1941ecbe66c4bd98516d06c10dd4f00a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B39B 56 KB
22 KB 833ms
832ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=289524336854398&correlator=484093660297737&eid=31072019%2C31076313%2C21065725%2C44797785&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21831561254%2Caudima_player_terra&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=1&adks=3246890726&didk=3351837280&sfv=1-0-40&prev_scp=grupo%3Dcontrole&eri=1&sc=1&cookie=ID%3D922c50b8639bafcd%3AT%3D1689971248%3ART%3D1689971248%3AS%3DALNI_MYd2ZplZSB22wJ0EArw_pjDW77WwA&gpic=UID%3D00000d000aca8da1%3AT%3D1689971248%3ART%3D1689971248%3AS%3DALNI_Ma_SKEMHp04dGhA4ICZElv7-RCIPQ&abxe=1&dt=1689971250167&lmt=1689971250&adxs=682&adys=771&biw=1600&bih=1200&isw=320&ish=50&scr_x=0&scr_y=0&btvi=0&ucis=detlge1bmlz9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&ref=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&top=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&frm=23&vis=1&psz=320x50&msz=320x50&fws=256&ohw=0&ea=0&ga_vid=163260690.1689971248&ga_sid=1689971250&ga_hid=2027326126&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYsJiL0ZcxSABSAghkEhkKCnB1YmNpZC5vcmcYm5mL0ZcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLCYi9GXMUgAUgIIZBKuAgoIcnRiaG91c2USmAJoQXFaanV2VkErM3BzN2twdGcrVGtkZHF5U0doemVOVnRLYmdXZ05LY2hLRis3dzBMVlRDZERZYm1LOEE3YXNmenFGNFpibk8yODRkMEJ0dzFjd0JpcFZhT1ZySVloeUp1ai9pYTYwNGxURktpeFRnZ2ljdmlsNE1DS0hIckZ4SUJUMXZBbFdqY0ZZakhDdjdERzdiL0hjdGt0TEt5ZmF1N1ViYlFZQ25uejMyRGYveUI5SGtvL21KcVlJKzlrRWNsZE91TkI3Y0d2T0FzWHZGV1E2bFppclNCa0xwd0dBYjdaWFVCQWh4UmNSaXViWG5pODBXeTFrTklIUXRheE1hV3lVMjlsQTlCRFhoUm04WENUaytidz09GLabi9GXMUgAEj4KBW9wZW54EixleUpwSWpvaWR6aENTbEV5WldaUlJrOUxaa1pTVEM5RlQzSXhVVDA5SW4wPRi_nIvRlzFIABIZCgp1aWRhcGkuY29tGLCYi9GXMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YjZuL0ZcxSABSAghq&dlt=1689971249564&idt=379

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

536dbec0288cb719adfba8eb85fec22039e7e63dc0533c1d2817fbff1750543d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22170
x-xss-protection: 0
google-lineitem-id: 5114234125
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138429996097
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B39B 15 KB
12 KB 115ms
112ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c0f0ed8f833cdbba7f2512af399185f2a742e6bd42ad3a94049a8c5167262f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11967
x-xss-protection: 0

GET
H2 200 container.html Show response
6ef903f683307fb19e4fda4ef12eda8e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EDE2 6 KB
3 KB 87ms
69ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6ef903f683307fb19e4fda4ef12eda8e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:27:30 GMT
expires: Sat, 20 Jul 2024 20:27:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B39B 17 KB
6 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 20:27:30 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2A1B 0
10 B 59ms
58ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?j3p8lg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 178ms
147ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10969-0&tE=0&tF=&tI=_helsinki_uusimaa_fi_1689971249949_3117154744&tJ=CA3731,CA6935,CA5678,CA4723,CA4729,CA7125&tQ=terrabrasilesportes,bratargettecinformaticaapple,bratargetdiversidade,terrahomepage,terraconteudointerno,onboardsports&tU=0100007F31EABA64A506084402E1831A&tX=b.52&tY=1&tZ=810617490
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2AC5 13 KB
5 KB 60ms
58ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 2310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:49:00 GMT
expires: Sat, 20 Jul 2024 19:49:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 674A 783 B
536 B 73ms
72ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d191c78c3ca33ba3d0df902a2368061b67c411c51c53bf60e847748dedd43c23

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j3GXRQFvtsdrLBU-BVB39A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-j3GXRQFvtsdrLBU-BVB39A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:27:30 GMT
expires: Fri, 21 Jul 2023 20:27:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 include Show response
p1.trrsf.com/api/includer/ 10 KB
1 KB 198ms
197ms Fetch
application/json 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/api/includer/include?component=app.t360.navbarNotifications&country=br&env=prod&format=json&group=web&scheme=https
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 17bff033530b168de0b178b2d5ebc0d27e8f66519806a431a685e18614dc1eec

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: gzip
server: cloudflare-nginx
vary: Accept-Encoding
x-cdnterra-cache-status: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=300, stale-if-error=86400
content-length: 832
x-includer-uuid: 68aa4e2b-19a6-49b7-9e70-0309a910b386

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AC5 37 KB
14 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 262810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 674A 0
0 94ms
94ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=289524336854398&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 338A 0
0 99ms
99ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBu51KYekAnrb9WHmzgNIrgV8kHDrDG-xJoq250iESNL2EkcNH1SMYr3hUoZ61P-wgIOH50xx5hh4PSRsIAKicCMzgk0d1V6chgzUAd4JpxMkvJs614ranSb_v5WbTbBAv0O095Zag_BmGWt3oJ4nwwav15RP8M2uj8KxZr3jbSrCfF-MLPZ4GS2Ep4JbDzag46g1ud5cFAtJtxNIWH6MAKejpkj4FySyYYaoQG4Aty9W3jcgDUiWl3_hEd7gc7VWbJx45MSTp_PFF2WFlU5tKtDtfEdpaE5lcb8FG7nrcokIURo_ecPRdkb_Oj2mu4X7DM28Zka7ANdsVsMtbRWMMkPGYnCBY7Fm2Mvb4drwdK4b6Vh2Jg7H6PFhxpw&sai=AMfl-YSRxiAD7KamIdLIgbVIURaNdyeVbzl0epk3d3ekazlfE1CMqNl7vvURBqAjbIQfCSf9uUsnX_bhP11VWwlWr0ZH_cbKS-k_A41z2_twL5aQPfF9Zmxl3mjdNIneNIw&sig=Cg0ArKJSzAQpptiFTeJTEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 track Show response
c.t.tailtarget.com/view/TT-10969-0/BK9JGVMW9X/ Frame 338A 43 B
107 B 167ms
146ms Fetch
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.t.tailtarget.com/view/TT-10969-0/BK9JGVMW9X/track?tZ=664897642
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK S.ashx Show response
wlskyinfopartners.adsrv.eacdn.com/ Frame 338A 1 KB
1 KB 261ms
85ms Script
text/html 40.127.232.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wlskyinfopartners.adsrv.eacdn.com/S.ashx?btag=a_1304b_1409c_&affid=4&siteid=1304&adid=1409&c=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

40.127.232.184 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

46f815ce7acde1b5ef3aa3ef24494af227e720ad3e06c9a05940d4cca5657d29

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:27:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private
Connection: Keep-Alive
Content-Length: 517
X-XSS-Protection: 1; mode=block

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 338A 179 KB
57 KB 254ms
102ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:27:30 GMT

GET
H2 200 app-t360-navbar-notifications.min.js Show response
s1.trrsf.com/update-1674586299/fe/zaz-app-t360-navbar-notifications/_js/ 10 KB
3 KB 66ms
65ms Fetch
application/x-javascript 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586299/fe/zaz-app-t360-navbar-notifications/_js/app-t360-navbar-notifications.min.js
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 3670b5bf9d32756f15bee73a77f2da18bcb80db609e8f6f69dec591e0a450038

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:39 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2513

GET
H2 200 theme-default.min.css Show response
s1.trrsf.com/update-1674586299/fe/zaz-app-t360-navbar-notifications/_css/ 4 KB
1 KB 69ms
69ms Fetch
text/css 2a02:26f0:7100::1720:eec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com/update-1674586299/fe/zaz-app-t360-navbar-notifications/_css/theme-default.min.css
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 146f880d15c6b94d3679a9dddd04a7111752355c890fba4f9039e44097a1b3a4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 18:51:39 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cdnterra-cache-status: MISS
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 767

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2AC5 0
10 B 63ms
63ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9HtMuQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B60D 6 KB
3 KB 66ms
63ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:27:28 GMT
expires: Sat, 20 Jul 2024 20:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2114 624 B
476 B 127ms
123ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6imM8EEImGttkEGN6fqewBMAE&v=APEucNXudXJNAadKQ9vERJigGXWFE9hkPF8U6FzbT_WjBvIiJVJPkENXVtDrZ1tj88i4md5_Y7qzMLP0BBaL_GVgWAqhbgtUGPXVRpdH2oM6n-8MEWLeb26fOrdRxdrkH787kMd0V4MZcwMvinP0LsZ43UvYeSKWkIuEpnBUdK0ribe_BuShBtk

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:27:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B60D 85 KB
29 KB 124ms
122ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:27:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B60D 42 B
63 B 97ms
94ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQUzL99MKGaL41rBV3EMTTXUbJcIl9p-XfYjRunlWtXvnxFtv3q9c8QEaax4XwKDxCPUJY77y8TdL6kvlz73BBzdX0VXvzjv0p2iEZm5zrfQ-U4So

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B60D 0
20 B 97ms
95ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17925527700664214602&x=1&ct=76

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame B60D 3 KB
1 KB 61ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame B60D 20 KB
8 KB 62ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11023
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:23:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B60D 0
0 68ms
66ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFa2_KxjOjuXJM3ezXOnvaGzYYG2JKd79CF44NVJ5r-aeOd0nWhbMUO54iXD3rk4J-F7fzgZVNaMskhxLhMR_nYfIDrg
Requested by: Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B60D 179 KB
56 KB 102ms
100ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:27:30 GMT

GET
H2 200 s.5.6.min.js Show response
wlskyinfopartners.eacdn.com/TrafficOpt/ Frame 338A 7 KB
3 KB 220ms
66ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlskyinfopartners.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: wlskyinfopartners.adsrv.eacdn.com
URL: https://wlskyinfopartners.adsrv.eacdn.com/S.ashx?btag=a_1304b_1409c_&affid=4&siteid=1304&adid=1409&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:31 GMT
content-encoding: br
last-modified: Wed, 30 Mar 2016 16:08:31 GMT
etag: W/"56fbf9ff-1a7b"
vary: Accept-Encoding
x-cache: TCP_HIT
content-type: application/javascript
x-azure-ref: 20230721T202731Z-3xvtnawtct3adf1r1t0c14mcg400000008a000000001z1hd
cache-control: max-age=0, no-cache

GET
H2 200 Ad_1409.js Show response
wlskyinfopartners.eacdn.com/wlskyinfopartners/img/js/ Frame 338A 608 B
838 B 222ms
68ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlskyinfopartners.eacdn.com/wlskyinfopartners/img/js/Ad_1409.js?t=2023072120
Requested by: Host: wlskyinfopartners.adsrv.eacdn.com
URL: https://wlskyinfopartners.adsrv.eacdn.com/S.ashx?btag=a_1304b_1409c_&affid=4&siteid=1304&adid=1409&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e5d3f578e4976231880406bb831b1e83f159963d7be14d5978e61d996c100388

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:31 GMT
last-modified: Mon, 29 May 2023 13:31:11 GMT
etag: "6474a91f-260"
x-azure-ref: 20230721T202731Z-3xvtnawtct3adf1r1t0c14mcg400000008a000000001z1he
x-cache: TCP_HIT
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes
content-length: 608

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 99ms
99ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=3392324880160075&bg=!LC-lL3vNAAZsPphkTD47ADkAdvg8Ws8d7G39o5Vy9FcDnULXtzL7bIpbc_1haHEZ2rU-_r8pKHahN-qRpKwtZ5NbMcan0oP35fACAAAAgVIAAAAMaAEHCgBPsln3YluOcUvLy9Rk5gI1WofpK-qSRD6s65wVZqAyBLWQVQLcwpphoqSKZ74lPIfstqIsze-pS19QWFPKdEIlfcSn-AeZ4WsZ_Qttnkrjz5kC48Fl69IirpRSuRQNUJcpteT3wYo-ZDaGUrTavPeWRMDThzHyw0OohKTUQkNfxx91lhZGS2NPawh6MjxCPbPH2f2H1UBeTxEzNWYJXi5vSeWpb_H6IxbS0RzWRzPQW7j1Txi3BY7bvGECz8s1fAL6_80-f_vP5mPohxLxwOn4bkr4aw6cTPJncdKfgUTmc7cf3atoZdNzfVbncKMsFR0pr5REsW5za_Kk41uI4KxgLS7xFDoe44Xwpz1q1BvcJKTAdH3ADT915-wTZcLx9mmWkRrGPvoC6ODKd16m1rjoU_rT2YSLpTr_weqYWEXAFIajASiiCYlxiMmQd1aFz8p-PNf4J2gRayai2yL3j_1DdfwtOWZ1zpB4DbH65lwdZ_v7LX_-0jLeWmCgQibu1VXAG6x67Yqi1zMTAdmdzNloxZjVAn6QuaUHH37puDW1Kh5MN4ARK8bAZmFnLqrJqyg4HoJK1Mhc8Lktu2EsqONvwgjpF74WChpoHct6gtFLXxsSDqkvVBYk4_-e822EBq1xYq8LZhSiuUjXOVLkOaai1vGRdAdG_Q8mTYK37WA24tYun0sWr4pCJmefWCDIy6K_LmdbXJm-3lvKmo69fkHTCWwaemAQ9gmD5i5x1rygWtjm8wrxLcr26F44th-244Fc1yx3pyXM0HnJBAIflVrNwhO303B8K-31WCGXJSq-FVzbCnOEZkizu6_TzL5CqJxiTeSCgRNL1HbcgMYfZAmWKGp6ioBw2ktmW8AzakPIGfXIiBzlTXnkZSIK3GcfJ12UTa7-F5Q2BW0q2oc39rX3qVrmpxe1peJTdbQ1O0Ix3ebDyfj_ACWJjXGn2-Y-sIevQH4P5t7-uTNI5KVlF42OVN05rLvEobLGc2xLg0t4IQbe_BbS3V8g0SUUH8G9JcU85Zs-U7nhXrS7uTX_6ym_EMG99_B_dq8kiTKAsw2EGQWfQcx4AVLZFQ0p9u7Y0ABnMmjj_2Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2114
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMNZVaRFNQQxXRsvcwzAzkE&google_cver=1

43 B
766 B

103ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMNZVaRFNQQxXRsvcwzAzkE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6imM8EEImGttkEGN6fqewBMAE&v=APEucNXudXJNAadKQ9vERJigGXWFE9hkPF8U6FzbT_WjBvIiJVJPkENXVtDrZ1tj88i4md5_Y7qzMLP0BBaL_GVgWAqhbgtUGPXVRpdH2oM6n-8MEWLeb26fOrdRxdrkH787kMd0V4MZcwMvinP0LsZ43UvYeSKWkIuEpnBUdK0ribe_BuShBtk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 20:27:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMNZVaRFNQQxXRsvcwzAzkE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2114
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLrqMxfB6K1QtccjQW0d9wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5QCeCxWI0E1dmQBJfDEc&google_cver=1

43 B
766 B

55ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5QCeCxWI0E1dmQBJfDEc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6imM8EEImGttkEGN6fqewBMAE&v=APEucNXudXJNAadKQ9vERJigGXWFE9hkPF8U6FzbT_WjBvIiJVJPkENXVtDrZ1tj88i4md5_Y7qzMLP0BBaL_GVgWAqhbgtUGPXVRpdH2oM6n-8MEWLeb26fOrdRxdrkH787kMd0V4MZcwMvinP0LsZ43UvYeSKWkIuEpnBUdK0ribe_BuShBtk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 20:27:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5QCeCxWI0E1dmQBJfDEc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 2114
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKJ4sLsQEFHzhhn3p38-T2s&google_cver=1

43 B
841 B

56ms
55ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKJ4sLsQEFHzhhn3p38-T2s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6imM8EEImGttkEGN6fqewBMAE&v=APEucNXudXJNAadKQ9vERJigGXWFE9hkPF8U6FzbT_WjBvIiJVJPkENXVtDrZ1tj88i4md5_Y7qzMLP0BBaL_GVgWAqhbgtUGPXVRpdH2oM6n-8MEWLeb26fOrdRxdrkH787kMd0V4MZcwMvinP0LsZ43UvYeSKWkIuEpnBUdK0ribe_BuShBtk

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
an-x-request-uuid: 09689829-366e-4493-8c80-6777fc62cb53
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKJ4sLsQEFHzhhn3p38-T2s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2114
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc3Nzk2ODU4NDYzNTQzNDk0Mw%3D%3D

170 B
409 B

150ms
69ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc3Nzk2ODU4NDYzNTQzNDk0Mw%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
an-x-request-uuid: e520f152-1509-460d-9a13-eb2e76362ebe
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc3Nzk2ODU4NDYzNTQzNDk0Mw%3D%3D
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ECBF 0
0 102ms
102ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9epLc_hdZSkNJOkNIDL0KjRZYjQQPvA4aq_2Pg4GUlXJaoWLYngLbZd_jBb_SxY-QqRceiGdKlX24VeYK51kq6iTcrYPG0zIDRzHdPuwNSOIk_Fy0CH7ncQ7uYf95uCN_JjdmBRoB48LhGIZIwNi3HDcuQ_yhKRsU521nqdqRGMAehT3803uMoxLKqVJ3Ux3qjmFgEgylavw5kPEensrIz9riIIxgJibbKie4urctgT4UAVGEz_zjzOoY6322rojggnKUFcHV_1fUPIhUH7U0xa_7yuxTha-2_Zu9lP58tzFlGfoOJ664ghJdKdZpJuHBLXIzo9v8PLVOkklt&sai=AMfl-YSPMrnDBaDG1vK-Vb1qADBeRlBOlBAMaTZkejGdVJn1dysWqWqZ7h1RyptUZ5lIAhU7psMJa2K_Lr9DFvnYPJQ7kw-RdiOS7Y61HoU3gvV34mqesJ185qkw63B-9dI&sig=Cg0ArKJSzE_TtcdfjaKWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame ECBF 23 KB
9 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame ECBF 3 KB
1 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24605
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ECBF 179 KB
56 KB 118ms
118ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:27:31 GMT

GET
H3 200 2342609189151454014
tpc.googlesyndication.com/simgad/ Frame ECBF 23 KB
23 KB 59ms
59ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2342609189151454014

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c3f038dfb5a6aad95585647433da60342dd99576ef83683258a8f0e1b326d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 21:40:11 GMT
x-content-type-options: nosniff
age: 514040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23540
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 14:32:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Jul 2024 21:40:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ECBF 0
0 67ms
66ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1jGov1KnGEh_6oHh1syQFRrLsMhYkCKZZSHwm5GHNIM8bAYgyQTxIJu2B8Xk69OSMfJ1YHEMHXA4_cUS3eBw-h18W9g
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame ECBF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a228ee2a840a42200e8420acc98f4dcf04d28c0c55a981944ea14eb72fb3396

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B60D 0
20 B 95ms
95ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4638720982734&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B60D 0
20 B 94ms
94ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4638720982734&version=m202306200101&ct=76&x=1&cor=17925527700664216000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B60D 87 KB
37 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSUMi3dMoTOG_CuSm8cc8xHtyhk_crEnj_HKyu3udUI3QuidoXuTUiVGrzJUV-4Jf9J4-qxyXmzj0dd_mhBBIEBDPEWQ&cry=1&dbm_d=AKAmf-CLLsE1ixb-Jus52zsw1TD1NvtvkW81MSFQYhGwEKIzbysTOi2J87G-u2LK_UWeQe6-UWHZrx_op6H-yVXIU0rwZLlwEByezUZ-Xfb4gUqSThSYrAelEIAKEbHx7I5UAUYfxFPtjV4DAPFp82oXXX3xZkhPkius_zX8TrfxQxqbk0zYw3Utsse1aXeaiATZLiaaozu06cy_ZeeOYXWmR52MC45jhpsvHwbnmB1l5C8QoMdRBN0GER9OKqoMo04jK5-utXSvwKQRW1qY9_8ClrVbtkjUCuGl7Ir-yYBq70fg8L2wptX44CyJPuhzt85EoZdWnKBEd2nfeAQyY7bnSYQpy6sLxXBPSN0TwEH2fjFBT3dW4TCkRMsgJHMNnWzKyF-GQXWzXQV2kNA5-r4BMGILbEyEl3uhEe7wgWHeXMhJJey51N1aqe-nlCs1m3NL6EJrkpHYF8XiiF8U6T3lFxuI8fvOldBDZzUAcnqHAoodEto1_8P2fhBDf20X9kXZZ-ev6bcxB12JdrLWAOAiU_yTdEjw8kA1mmBWPbPJ0ND94gOb3YtZiH-dgnXgj_8l_Iy5wLlrEBOwZoVa_aK0TUTNK4Eh6cJlag6E9X8NVZBaTgvWIbFGlmGJFa_ghPAJO7cyEx-mdf77OuWB5C18XlRgDr3xiI-6FbTRiczkudUNJul_ckSDCSkfPIgNr_h0jZtdLAWB7hlYNdZjXvrSTC2QrL3WDO7Y_XMpeJa36XybIwL0ZXCOzi8eSXFqz-tF9fAnqhqG-TW975oDikhjKUsx37gwPn40IvvkN2kycsXRxm--y2jIWnwCAxfT-POtXAwGCFsxgFTI09W3A3_aG-UKpQpWIMdVQMXbw9WQpCIOQ6qrPzcRy8UUGSsprOclMSurS21I4Ffm86DPzAfREJwDIjFIlW-_wEqI0mTubKn1_dzDdvlAqk_YQzxFISoR-NHNsbqdbw982-dhXKl1R_XX2796O4SjtR-Og432-w_mm5U-Ze6f8lZy3xMWA8xiMMR58i34WIlaqOpx62ZVXBzWacseyS63dxalmAsD3nGYEi385hOEDdFMJBueWrPTYp4wuw4xdESOHBJIGDnRU6q7FIo3Onp3exAkrZ4S4NcCWfp3_P8FupZ9fNo_6uo6QmHs46XlraSljfJsmn0u3sX1D4VgP65_8RNt7Cg-yJsiZ98pEquOdN7WVVX_EwtqJJGHyckMZvWIfVGe_rhIZSWD4694c0a_ng2bpAbNFVJLf-8v2hJE_Kk6Xku3trfcpaoMlFcug_olwkQ__z62sk69eYOB-NOaz6ava4Bv08lyKbRhDB6IpHUtfm4BPZFPcq2zUXeMRy22CTjwEeZ-6OUEi_X4H7MajT3jtsXdQdvf8deizDFp8CeAo9kIHwqqINcQoC3g67I2hob8_AoWja4jOFyI65x1jlAP-3UQsjaxgCINLbnlxU95oS7KU4PowVTFaoYeGRMOFMsg91EIJghKP6EJwQBUJ_qPrXML6QFY6QsJs0TmBqEWoAbPoWZX0P_6ufGF13SZXUP1P_8ZRu9q4t1CtjssawZ6Id4HfRvEhjkqXzmnxwBCrix79mpZ1E6NNbnQkDCui1YkAwnk8eqZAwWjgwExUqx7wX_jSLlhb5HSeYvPGaiglMgkLjMklQ1ccoXAgOSHcZAH1pcUfdDUwDY3p_eNGBQ1d6ENbWCIsZ_ii4qXaFo7rkLisjTV-cZizZhGhdIQHJYE74PIwVN5ziD34XEf6Fuu-uyowNnvW4Zf81tmL1JgZohJE7k4wh7gDD_6b6DcRzIu_9pAJx25WbdfSBZuQOEs_PhREOVDLXFarb7gUAf0cat7G1Hy5eGz8TwLKiWboDmBNbXQFFCAYTWFz5eJKxEVK4T5L0WK9IHWkCpvQQuYdBy9bx7OLoBI3duT8hgBOU65LgHHvsU6tg5OepuNB2W47TU1OWWZzqRtmJ2rUUcx0sqrZOQXP7vwYwpC_nvVVZQ_-VSLExXx1QlgTKNYNrW0DLqxA_33sYdE42O94uZHWFwp1zvkPZQkFOEmyTz1w25vCsoXC-JkVXjyJO__KytV2hrgCQdMJqzctIS5F0pzSnNBgmYOgVDCfUpSK4SMKua_dZvM99QviCgPULy--wfbMtREPxTijHjk5V3EVUSGttsP_I24YkQrGau7Ltkwb3hQf-I_CTMHHEOx1qvy5-IaWH-dh-hnqkttJj3Wyw8KKm7g1ql59TjDgD8JJxAAackiOIvc1bpW_bIoIcXt-kYn8iyy0sO8E2OcIDcH-M839fr1eR5qA6jf-kg_j94XFqw1tIqswPy9H3C-VxnSDnbtGhPvMuLpPa6Ia1ff-RuJ_6DVAFJvA8swlJ9WPAyGJB-l8U07DhrbFWTxuqKg_-ZXsomNNQ0JQ7LFxNpkyAW9EFuH-FRmeNPpX7k9Gt4y9Xmjb1nEwujKkzPOx2dNykGBUqLJklz_4eXPvjn6LHTybRNiVwVZFKQzu25fU37ga3G9xukCMk5MNUsaZ00SSPWEOko-oW5pJsLNlqnNLruJ6HVtpNb50H4kgKEcKVTeyKv0hlEMGdpnA2Dg8LHjkmf7mOz7I9HNqxq18pLwPcYo2PbiSiU2UQk6-mWTGOh4OBWKeS-qLFqrd6LtNgy6woq34J_2bs41huUtW-3pzu5QiGf10pH1dCgx3tsp5cJc7a6L3Jnt5r9mwLGrNIEIaxMbH1RF-xFN1YihRRTz8Q1audooa0w6ET3TzccyLEUp1TF5zMWcyLm020ouErIWbSGlx9vHeyXE_uXwLUgr-SkIYYndr430yHNsTrbD8S9XMN_JAXR1Y1vGk5Sa6VkIb_6CfQ767c3J5BsEu7e53BHlJ2BuAGQKSyC6SDjx2g1EX9OgRG4lkColYNk49Fg55jjclcZoLgu7bqr4bycUa5qV7VZ6cOnrUi8mhqHWD84ATAsfTILl7DayZ0QhKcsqVTpti5zAxDJ5yxjzaHFHt-fWcZlC3AaRB3wkbUSn234Woh3dqLVvmNrQwcqf4ydDGt2JZASECHvlmSxz-BQ7835EcQBszrk7QferBpeH8fQCg-2LyKaQYt_o3uW6-qwRsvWPT8pYnzCjXpUsp8hOd6GR9v93qgZaxeNyAJtNfS3ImbhGCK2EqCt3rrMzhp-g-zkA-FkS_fiDOs-5Mk8Mx9Mpw05LmvhWXJv3Onqzml55h8dtMfL7WOblWVLQKTAdQYFhVGH1COL9tGTcAcfJZ3LV2n8KdFk2RJk_mIaVa77CJ5i3CvtZQxrWaJMDRb0MYIjHC-n_IOAmsko5FAi0C5ZPfzSegJA9FcVj6LTX8xQBS7PyCP01wKOuQsDM0C0l1HzY184bXXNC5_1nfmGeB05IMqFosZ5c4I1YhaxJrMEdcNiCKizL8sKoNHljLbUcCGaLJLP8RB8tnXvQ41vxDQkRylx0kQEyEeLXsN_ozXYn-1GUVFjmBbfPi9CsMA15Lsnf6jlSW5zbmCRTWlw_MAqcgmPc1S-qpuIYMQGpFSP6l2PSnrslWAbvQs_Ny18la-YPm31dPZR3ybhsPX3qljEbEYwQgU7YQHRKxcn_1LgnvND6uKU1YwjXC2I9W_b8MnkIx5MeD6rjRSu-f5zqhIaA2EAsgHzh9NBbDyqKVoXooKih4Ib0gtGJDxJ6x0uJMPuDBebH8QPgrpRlRukI41ahPWSNT54m-j0HF7TgQXgwIokVkws-CAVD5TFJ6A&cid=CAQSPABpAlJW-VSw8R5fGRwFScApr2xyg-QQGM4jb3hcg8A62EaEUiIh0fYf8Ilk084Y3T1SAEhqU3cE0p9o3RgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.terra.com.br%2F&ds=l&xdt=1&iif=1&cor=17925527700664216000&adk=2086295851&idt=164&cac=0&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

796f7a84c764a6bec521beec4e15d0fd1b0e752957971121bed78885be42ab81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK T.ashx Show response
wlskyinfopartners.adsrv.eacdn.com/ Frame B501 0
717 B 74ms
74ms Document
text/plain 40.127.232.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://wlskyinfopartners.adsrv.eacdn.com/T.ashx?btag=a_1304b_1409c_&affid=4&siteid=1304&adid=1409&c=&t=638255680511190000&MediaID=1999&MediaIndex=0&XYZ=120%260%26148%26%26%26%260%260%26%26

Requested by

Host: wlskyinfopartners.eacdn.com
URL: https://wlskyinfopartners.eacdn.com/TrafficOpt/s.5.6.min.js?t=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

40.127.232.184 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 0
Date: Fri, 21 Jul 2023 20:27:31 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 825eec7f-d535-4f02-a20f-30ca0d734372.jpg
wlskyinfopartners.eacdn.com/wlskyinfopartners/img/ Frame 338A 178 KB
178 KB 129ms
129ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wlskyinfopartners.eacdn.com/wlskyinfopartners/img/825eec7f-d535-4f02-a20f-30ca0d734372.jpg
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0895b67fda03af2a222599d6342e3b6984cfbcebc368cbe5198efd54a61fadfd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:31 GMT
last-modified: Mon, 29 May 2023 12:19:16 GMT
etag: "64749844-2c74c"
x-azure-ref: 20230721T202731Z-3xvtnawtct3adf1r1t0c14mcg400000008a000000001z1k7
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 182092

GET
DATA 200
OK truncated
/ Frame 338A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70feb74fb6433c6ca83299c8ff64529da475741b6cd2a335aefa38b14dcfbe9b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B39B 0
0 99ms
99ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=289524336854398&bg=!IiGlIXXNAAZsPphkTD47ADkAdvg8Wpt-HrU1XVQJ8pfmF7BlQzIhDiVtmJjuPo2NBrrUm9sKpnOxnxKaNX-aqyRlVDbTCrgrlJgCAAAAoVIAAAAFaAEHCgAeR3smdJYakvQ1jHjYNNVdcLUIB2FJSgYrkeilKZT8mQLyFF_788aNmhO9LZFmqZtZdnMzl5dQyiaTD9DB_ZlmZQSwgJAiKBcemZINJVttI7aGSIcjHxPZSS-RIRfXm4SbOizuEhysSm2bjUjq8sP8Ec3mgguc_hSmrLJw2sjGuT-dCnn60MNoxGCQZ9Au6QENh8sKfKZJIuN9Jc1DrvB2lvKj-baGTx_f3yjr8EtMdSUgB7mlhgsA1VVmapsbpozDdJqs4q9wse5gqwbPgpJm3x9AVZDz3xXQFL4d1NJggBWn__Z6XNCAmINQLDpOXyuEiLLLGa2GTLBlOTVoY61V_u7Pgu-Yos3UGEYrZ20pzYJT3RA4CekCbx7vjG9XE2egSZI2yv_NAh4K3RUxSUMuYxS8RLBLLipikHgrkA-TG8Y4kq9RneGlwz2z-JYvxsB6g2AIxJN26YpIZoDn-zsYj4AMKTZVCKWKOhDjInwBuPsIG_01LgUFyeVNapFT8b312u6XQLeQ-YA21NnfE5V_YeQ6zwAc61uFXi0_veWWxYNekbXigfamoDOmtr_uBB7SRPIqrnGozRXjlGK70AthcJ-ZNx5vbqn2kkHR2ZpHIH-JVT09B7eKEoMd4kMQa7r_4db0RYwIpZEwnkuGLrVVLTkcG5B-7nVuBB4-10Osocxz6OIb5X6DYunE9FSGXBE_GWPx5x6GFL4VSyFGkWt7l-A5SRyEq-L6xzeUlp1YHbDwDQxnin-8n-YJi875yBHWkBl8sdJs5Q11ecCp0rOrG0adnzLtfos8fvjDsbziT8tXM2QAZ-lrgVe4zBNkf5gGYFJOCquAeYHX8_CndSlfkC5mFqQO9TjsNGuvpvuXnPbzgoRx_sBSBbx7VtYiYiEJhRFr_jkzeYZQriLnhYaCIUhKfy9LfstSklUND43b6RbGV6oAyBFLYR--bH7cu24to9j8g1RMK14G8kv-be_o0yR4z3yj6Zlj9xbKZjId35R9Ih1YsVz2lwCQ3JykxlG0WzoYCQp3YIdjN5NpGdcvaFRPHA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B60D 172 KB
61 KB 211ms
61ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
Origin: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 14:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jul 2023 14:37:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame B60D 11 KB
4 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSUMi3dMoTOG_CuSm8cc8xHtyhk_crEnj_HKyu3udUI3QuidoXuTUiVGrzJUV-4Jf9J4-qxyXmzj0dd_mhBBIEBDPEWQ&cry=1&dbm_d=AKAmf-CLLsE1ixb-Jus52zsw1TD1NvtvkW81MSFQYhGwEKIzbysTOi2J87G-u2LK_UWeQe6-UWHZrx_op6H-yVXIU0rwZLlwEByezUZ-Xfb4gUqSThSYrAelEIAKEbHx7I5UAUYfxFPtjV4DAPFp82oXXX3xZkhPkius_zX8TrfxQxqbk0zYw3Utsse1aXeaiATZLiaaozu06cy_ZeeOYXWmR52MC45jhpsvHwbnmB1l5C8QoMdRBN0GER9OKqoMo04jK5-utXSvwKQRW1qY9_8ClrVbtkjUCuGl7Ir-yYBq70fg8L2wptX44CyJPuhzt85EoZdWnKBEd2nfeAQyY7bnSYQpy6sLxXBPSN0TwEH2fjFBT3dW4TCkRMsgJHMNnWzKyF-GQXWzXQV2kNA5-r4BMGILbEyEl3uhEe7wgWHeXMhJJey51N1aqe-nlCs1m3NL6EJrkpHYF8XiiF8U6T3lFxuI8fvOldBDZzUAcnqHAoodEto1_8P2fhBDf20X9kXZZ-ev6bcxB12JdrLWAOAiU_yTdEjw8kA1mmBWPbPJ0ND94gOb3YtZiH-dgnXgj_8l_Iy5wLlrEBOwZoVa_aK0TUTNK4Eh6cJlag6E9X8NVZBaTgvWIbFGlmGJFa_ghPAJO7cyEx-mdf77OuWB5C18XlRgDr3xiI-6FbTRiczkudUNJul_ckSDCSkfPIgNr_h0jZtdLAWB7hlYNdZjXvrSTC2QrL3WDO7Y_XMpeJa36XybIwL0ZXCOzi8eSXFqz-tF9fAnqhqG-TW975oDikhjKUsx37gwPn40IvvkN2kycsXRxm--y2jIWnwCAxfT-POtXAwGCFsxgFTI09W3A3_aG-UKpQpWIMdVQMXbw9WQpCIOQ6qrPzcRy8UUGSsprOclMSurS21I4Ffm86DPzAfREJwDIjFIlW-_wEqI0mTubKn1_dzDdvlAqk_YQzxFISoR-NHNsbqdbw982-dhXKl1R_XX2796O4SjtR-Og432-w_mm5U-Ze6f8lZy3xMWA8xiMMR58i34WIlaqOpx62ZVXBzWacseyS63dxalmAsD3nGYEi385hOEDdFMJBueWrPTYp4wuw4xdESOHBJIGDnRU6q7FIo3Onp3exAkrZ4S4NcCWfp3_P8FupZ9fNo_6uo6QmHs46XlraSljfJsmn0u3sX1D4VgP65_8RNt7Cg-yJsiZ98pEquOdN7WVVX_EwtqJJGHyckMZvWIfVGe_rhIZSWD4694c0a_ng2bpAbNFVJLf-8v2hJE_Kk6Xku3trfcpaoMlFcug_olwkQ__z62sk69eYOB-NOaz6ava4Bv08lyKbRhDB6IpHUtfm4BPZFPcq2zUXeMRy22CTjwEeZ-6OUEi_X4H7MajT3jtsXdQdvf8deizDFp8CeAo9kIHwqqINcQoC3g67I2hob8_AoWja4jOFyI65x1jlAP-3UQsjaxgCINLbnlxU95oS7KU4PowVTFaoYeGRMOFMsg91EIJghKP6EJwQBUJ_qPrXML6QFY6QsJs0TmBqEWoAbPoWZX0P_6ufGF13SZXUP1P_8ZRu9q4t1CtjssawZ6Id4HfRvEhjkqXzmnxwBCrix79mpZ1E6NNbnQkDCui1YkAwnk8eqZAwWjgwExUqx7wX_jSLlhb5HSeYvPGaiglMgkLjMklQ1ccoXAgOSHcZAH1pcUfdDUwDY3p_eNGBQ1d6ENbWCIsZ_ii4qXaFo7rkLisjTV-cZizZhGhdIQHJYE74PIwVN5ziD34XEf6Fuu-uyowNnvW4Zf81tmL1JgZohJE7k4wh7gDD_6b6DcRzIu_9pAJx25WbdfSBZuQOEs_PhREOVDLXFarb7gUAf0cat7G1Hy5eGz8TwLKiWboDmBNbXQFFCAYTWFz5eJKxEVK4T5L0WK9IHWkCpvQQuYdBy9bx7OLoBI3duT8hgBOU65LgHHvsU6tg5OepuNB2W47TU1OWWZzqRtmJ2rUUcx0sqrZOQXP7vwYwpC_nvVVZQ_-VSLExXx1QlgTKNYNrW0DLqxA_33sYdE42O94uZHWFwp1zvkPZQkFOEmyTz1w25vCsoXC-JkVXjyJO__KytV2hrgCQdMJqzctIS5F0pzSnNBgmYOgVDCfUpSK4SMKua_dZvM99QviCgPULy--wfbMtREPxTijHjk5V3EVUSGttsP_I24YkQrGau7Ltkwb3hQf-I_CTMHHEOx1qvy5-IaWH-dh-hnqkttJj3Wyw8KKm7g1ql59TjDgD8JJxAAackiOIvc1bpW_bIoIcXt-kYn8iyy0sO8E2OcIDcH-M839fr1eR5qA6jf-kg_j94XFqw1tIqswPy9H3C-VxnSDnbtGhPvMuLpPa6Ia1ff-RuJ_6DVAFJvA8swlJ9WPAyGJB-l8U07DhrbFWTxuqKg_-ZXsomNNQ0JQ7LFxNpkyAW9EFuH-FRmeNPpX7k9Gt4y9Xmjb1nEwujKkzPOx2dNykGBUqLJklz_4eXPvjn6LHTybRNiVwVZFKQzu25fU37ga3G9xukCMk5MNUsaZ00SSPWEOko-oW5pJsLNlqnNLruJ6HVtpNb50H4kgKEcKVTeyKv0hlEMGdpnA2Dg8LHjkmf7mOz7I9HNqxq18pLwPcYo2PbiSiU2UQk6-mWTGOh4OBWKeS-qLFqrd6LtNgy6woq34J_2bs41huUtW-3pzu5QiGf10pH1dCgx3tsp5cJc7a6L3Jnt5r9mwLGrNIEIaxMbH1RF-xFN1YihRRTz8Q1audooa0w6ET3TzccyLEUp1TF5zMWcyLm020ouErIWbSGlx9vHeyXE_uXwLUgr-SkIYYndr430yHNsTrbD8S9XMN_JAXR1Y1vGk5Sa6VkIb_6CfQ767c3J5BsEu7e53BHlJ2BuAGQKSyC6SDjx2g1EX9OgRG4lkColYNk49Fg55jjclcZoLgu7bqr4bycUa5qV7VZ6cOnrUi8mhqHWD84ATAsfTILl7DayZ0QhKcsqVTpti5zAxDJ5yxjzaHFHt-fWcZlC3AaRB3wkbUSn234Woh3dqLVvmNrQwcqf4ydDGt2JZASECHvlmSxz-BQ7835EcQBszrk7QferBpeH8fQCg-2LyKaQYt_o3uW6-qwRsvWPT8pYnzCjXpUsp8hOd6GR9v93qgZaxeNyAJtNfS3ImbhGCK2EqCt3rrMzhp-g-zkA-FkS_fiDOs-5Mk8Mx9Mpw05LmvhWXJv3Onqzml55h8dtMfL7WOblWVLQKTAdQYFhVGH1COL9tGTcAcfJZ3LV2n8KdFk2RJk_mIaVa77CJ5i3CvtZQxrWaJMDRb0MYIjHC-n_IOAmsko5FAi0C5ZPfzSegJA9FcVj6LTX8xQBS7PyCP01wKOuQsDM0C0l1HzY184bXXNC5_1nfmGeB05IMqFosZ5c4I1YhaxJrMEdcNiCKizL8sKoNHljLbUcCGaLJLP8RB8tnXvQ41vxDQkRylx0kQEyEeLXsN_ozXYn-1GUVFjmBbfPi9CsMA15Lsnf6jlSW5zbmCRTWlw_MAqcgmPc1S-qpuIYMQGpFSP6l2PSnrslWAbvQs_Ny18la-YPm31dPZR3ybhsPX3qljEbEYwQgU7YQHRKxcn_1LgnvND6uKU1YwjXC2I9W_b8MnkIx5MeD6rjRSu-f5zqhIaA2EAsgHzh9NBbDyqKVoXooKih4Ib0gtGJDxJ6x0uJMPuDBebH8QPgrpRlRukI41ahPWSNT54m-j0HF7TgQXgwIokVkws-CAVD5TFJ6A&cid=CAQSPABpAlJW-VSw8R5fGRwFScApr2xyg-QQGM4jb3hcg8A62EaEUiIh0fYf8Ilk084Y3T1SAEhqU3cE0p9o3RgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.terra.com.br%2F&ds=l&xdt=1&iif=1&cor=17925527700664216000&adk=2086295851&idt=164&cac=0&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 00:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 00:01:29 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame B60D 30 KB
11 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11528
x-xss-protection: 0
server: cafe
etag: 1206305422853166885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:48:49 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B60D 41 KB
13 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 01:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 01:53:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F7F8 1 KB
643 B 60ms
59ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 79585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 22:21:06 GMT
etag: 48472445140208031
expires: Fri, 21 Jul 2023 22:21:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B60D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc32b8d560502c8aa3901ab255c0538b2ad678162e2fadf38175a404aea0624a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ECBF 0
0 217ms
98ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_aHQ0nwYkNoyg6yldTJsZoYc2JHSlwQCMTwPSPhIm00QhIdAw_Z6mz29i7tTLMqxdoj-dLzQ4Z7BHhd3hcgWNdN6NzVI7JO_vAFdCIp0d7N_KBp5bU5Z7qThHFaAEoZ7K0DoZqo_CYVW7kQ4et0CEJsr37xnzQurrJzzFjQ-EIFv6cVCY7JRJHfycZK7fwDYfqFd_zykoSarrweYZ4GTWfQVK4q7cA8oKH87_psv8myyaUVsx17ObvIqPDQYfL77zuO5PiuuRlIwrkr6iQ0exeTnbpVBhlkcydWm_P47EopdAOCBZ1lJYJax001qzfpd01WHHCGohisvWYiAmD6s&sai=AMfl-YSSxFsRHxXAdZ1xM2s02TL4PPvJJzkvO7ynrRvTVhqVkUR8LbYnl9MuwyVqSlfQf3dQprZSCQqcPXTsaLsNK3x8lDC6k_6DZiDzuRGYuqgYfuxRpH7L3EHm0hgz0F4&sig=Cg0ArKJSzIsfP5sP7z8UEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Jul 2023 20:27:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F17D 22 KB
8 KB 59ms
58ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 34442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 10:53:29 GMT
expires: Sat, 20 Jul 2024 10:53:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7F8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIpGyCAkC3sDuyzrXUulwzw&google_push=AaAOQGGqCpJt3JvHBzL_7L6WauoGQLs86Lg48LO9TfNgrOsknTD7DWB8-B...

170 B
188 B

70ms
70ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIpGyCAkC3sDuyzrXUulwzw&google_push=AaAOQGGqCpJt3JvHBzL_7L6WauoGQLs86Lg48LO9TfNgrOsknTD7DWB8-B1nP9K2gJtvvXdk7G5HupkAHYV1QR4KLLWi9UwddYQyiAInNoanCJxA-Ye482jzJgMmCbXlJwHI8r9h17njnH7Leg

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230085-FRA
pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1689971252.540155,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIpGyCAkC3sDuyzrXUulwzw&google_push=AaAOQGGqCpJt3JvHBzL_7L6WauoGQLs86Lg48LO9TfNgrOsknTD7DWB8-B1nP9K2gJtvvXdk7G5HupkAHYV1QR4KLLWi9UwddYQyiAInNoanCJxA-Ye482jzJgMmCbXlJwHI8r9h17njnH7Leg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F7F8 0
173 B 138ms
65ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKsBi4_jVAZ91lurxa9Rfik&google_cver=1&google_push=AaAOQGEN7driEDKvg7UoHFFxlel7ee0rSfmooU0plq_tTCBxAE2o9qQWGMbgObqhNS2uXN4-neAqWjozQ7IYX8DmvXhKBcx-QQCM9fKdMqoHQ0zst2ppxHv7POxXwdht08XnUdfWHrST1CXl2A
Requested by: Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7F8
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKzGkM2GD58X8GBbbw8S2BA&google_cver=1&google_push=AaAOQGE0cH6SINJERFy9tPBQHWuQ2mG8bfuNxpMDubaBuk_YLtnrKEPFr7raELId2Wsq65nBFMnU3DpTC-s0gJsN...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4LdGHxFiS32ORKzMxmfSuw2&google_push=AaAOQGE0cH6SINJERFy9tPBQHWuQ2mG8bfuNxpMDubaBuk_YLtnrKEPFr7raELId2Wsq65nBFMnU3DpTC-s0gJsNUC6TChuWawsJJG...

170 B
188 B

70ms
69ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4LdGHxFiS32ORKzMxmfSuw2&google_push=AaAOQGE0cH6SINJERFy9tPBQHWuQ2mG8bfuNxpMDubaBuk_YLtnrKEPFr7raELId2Wsq65nBFMnU3DpTC-s0gJsNUC6TChuWawsJJGqldRnEhEMi4JzgjLfAOmwX8TlcuJMZuNaTlvFbjmgCmA

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Jul 2023 20:27:31 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4LdGHxFiS32ORKzMxmfSuw2&google_push=AaAOQGE0cH6SINJERFy9tPBQHWuQ2mG8bfuNxpMDubaBuk_YLtnrKEPFr7raELId2Wsq65nBFMnU3DpTC-s0gJsNUC6TChuWawsJJGqldRnEhEMi4JzgjLfAOmwX8TlcuJMZuNaTlvFbjmgCmA
x-host: tde-deliveryengine-production-75c9d7b6d6-s99kp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7F8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM9jzQBU7F8oGY-v11kf_jA&google_cver=1&google_push=AaAOQGHBfRBhruDg2dLpShKV0c3cZIwUr0dgU2g8J_cs-VVL1qRAbPxYrHNQfgM4WYt2F-zslj1...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtEMThYVEwtNi1EM0NT&google_push=AaAOQGHBfRBhruDg2dLpShKV0c3cZIwUr0dgU2g8J_cs-VVL1qRAbPxYrHNQfgM4WYt2F-zslj1RozkdUYdfr3OpW8ZQWePtcZI3nINtZ...

170 B
188 B

70ms
70ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtEMThYVEwtNi1EM0NT&google_push=AaAOQGHBfRBhruDg2dLpShKV0c3cZIwUr0dgU2g8J_cs-VVL1qRAbPxYrHNQfgM4WYt2F-zslj1RozkdUYdfr3OpW8ZQWePtcZI3nINtZ5__S2D90udvxxOec0pOkbhJCrna1PA0tMLVwozCGA

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtEMThYVEwtNi1EM0NT&google_push=AaAOQGHBfRBhruDg2dLpShKV0c3cZIwUr0dgU2g8J_cs-VVL1qRAbPxYrHNQfgM4WYt2F-zslj1RozkdUYdfr3OpW8ZQWePtcZI3nINtZ5__S2D90udvxxOec0pOkbhJCrna1PA0tMLVwozCGA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7F8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDgYVt486a_SkQV4sgLv2WE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDgYVt486a_SkQV4sgLv2WE&google_hm=ZLrqMxfB6K1QtccjQW0d9wAADIQAAAIB&google_nid=index&google_push=AaAOQGH-i180GxFNCIVgmVZaC0RQlv4kPrufS...

170 B
188 B

70ms
69ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDgYVt486a_SkQV4sgLv2WE&google_hm=ZLrqMxfB6K1QtccjQW0d9wAADIQAAAIB&google_nid=index&google_push=AaAOQGH-i180GxFNCIVgmVZaC0RQlv4kPrufSIzYmud6oQBQZHFmdID6dIvu-nJA2vI_NjmiJOePgbWY8xPReZNBGqGaX8WgZ9cJfaE_xWYHbkrpTMc0zr2aUYB8dmku8bZdmu-C5Zd-36bqZg

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 20:27:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDgYVt486a_SkQV4sgLv2WE&google_hm=ZLrqMxfB6K1QtccjQW0d9wAADIQAAAIB&google_nid=index&google_push=AaAOQGH-i180GxFNCIVgmVZaC0RQlv4kPrufSIzYmud6oQBQZHFmdID6dIvu-nJA2vI_NjmiJOePgbWY8xPReZNBGqGaX8WgZ9cJfaE_xWYHbkrpTMc0zr2aUYB8dmku8bZdmu-C5Zd-36bqZg
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7F8
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENiA6Y5mZFfaMt7DbHrsbRY&google_cver=1&google_push=AaAOQGE7muN12_YX_eWy4951RxSgdqpbIxWt4rBYrz4ZseM0UB1Pu3o7LIFkUhBkNyY93tWQ92ktzDNGiz0HyNTix...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENiA6Y5mZFfaMt7DbHrsbRY&google_cver=1&google_push=AaAOQGE7muN12_YX_eWy4951RxSgdqpbIxWt4rBYrz4ZseM0UB1Pu3o7LIFkUhBkNyY93tWQ92ktzDNGiz0HyNTix...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGE7muN12_YX_eWy4951RxSgdqpbIxWt4rBYrz4ZseM0UB1Pu3o7LIFkUhBkNyY93tWQ92ktzDNGiz0HyNTixQsdYXYS6hiJtyLs3HzrlBzy5Ue4S0RFCIqSVvmiTWXqt...

170 B
188 B

72ms
72ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGE7muN12_YX_eWy4951RxSgdqpbIxWt4rBYrz4ZseM0UB1Pu3o7LIFkUhBkNyY93tWQ92ktzDNGiz0HyNTixQsdYXYS6hiJtyLs3HzrlBzy5Ue4S0RFCIqSVvmiTWXqt_lFCXG8wHjF&google_hm=HBPruGZHEcnvuK7YQUWtNQY1

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 21 Jul 2023 20:27:31 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGE7muN12_YX_eWy4951RxSgdqpbIxWt4rBYrz4ZseM0UB1Pu3o7LIFkUhBkNyY93tWQ92ktzDNGiz0HyNTixQsdYXYS6hiJtyLs3HzrlBzy5Ue4S0RFCIqSVvmiTWXqt_lFCXG8wHjF&google_hm=HBPruGZHEcnvuK7YQUWtNQY1
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7F8
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFLt05Ib1WkM8j2aKU5DhGY&google_cver=1&google_push=AaAOQGGM4OJXLtcqYmS4CZOAnbPDFR5TeZq5BEySVkdD05Kgvi4t8OP3F0TgNIPSqbBxQrBEJkwYZs8I-vwuP70u...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGM4OJXLtcqYmS4CZOAnbPDFR5TeZq5BEySVkdD05Kgvi4t8OP3F0TgNIPSqbBxQrBEJkwYZs8I-vwuP70uTSpGXglpZWnhs3TNAwiz5qnvUD9Hy1PX0-OY0xx0O4h8...

170 B
188 B

70ms
70ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGM4OJXLtcqYmS4CZOAnbPDFR5TeZq5BEySVkdD05Kgvi4t8OP3F0TgNIPSqbBxQrBEJkwYZs8I-vwuP70uTSpGXglpZWnhs3TNAwiz5qnvUD9Hy1PX0-OY0xx0O4h8bsJ41noFv7Mixg

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Jul 2023 20:27:31 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGM4OJXLtcqYmS4CZOAnbPDFR5TeZq5BEySVkdD05Kgvi4t8OP3F0TgNIPSqbBxQrBEJkwYZs8I-vwuP70uTSpGXglpZWnhs3TNAwiz5qnvUD9Hy1PX0-OY0xx0O4h8bsJ41noFv7Mixg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 8GpVYEqUjcNHqsE8qINDGzsohjo5hwMYeXAjkDHlMX78RSURkfi6Ew==

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F7F8 0
59 B 68ms
67ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LgSeL3nKcnS8AlbRQx3O3-twQFIsrH0L9ZSkYq7s4VgacKcf_owT-IusamAsXO-utbi1M_

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 338A 0
0 167ms
97ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuH2NBFO_DavTDqIUgavfsjM4w4uVU84Dl3SVtr6uHWSHrHZEQ1wUFid9XKhU_u-7_tnZOkHpwcsANA9BGykWSwU9VVXEzEryX3uAEmY-Zgk7PBIxPWfSB_8g2ML-AleVlDLqh82T3dG3so6B4MmSwMHdrM12ITjc3JTbfKPBO2Fk94oKtAgWnr0hc_UxKvcK867K4kOp2fyOnaKTizhTDI-vZ98cW6sWw_Bg0pxc5D_P_GVpUtn3olfCY5kkt3Bdrf_iVfR5Lp0jFpKsjUIFB7AVKvV8W4Mmu8y8nLANpw6Xq9ab_eZuMwSQWiJHajXBuL3aeYQfd7rlZCrOQLhWLasvb8mpX6jaezYE3dVjIXlmK0-n4lHgV-9u3rHl9h&sai=AMfl-YQw-pg0ebL6ZMkQmIIxST492E5BV392HZXPecfpzJzlM8nPihyhrwMqNtSm5XA8vLIBjmNel35ULfq6X_Bg0S8vICNm9E9DxKbcYZI6KK76PeKflHnJI7HVQ4R2LMY&sig=Cg0ArKJSzA3FdKiqrocxEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Jul 2023 20:27:31 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame F17D 37 KB
14 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 262811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4730152351177083264/ Frame 3E64 6 KB
2 KB 215ms
94ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4730152351177083264/index.html?e=69&leftOffset=0&topOffset=0&c=o85vNkfO4E&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11838a58ab32852137378c8840cdb5eb310768fb5b4d7ea95855c5a105348431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1823
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:27:31 GMT
expires: Sat, 20 Jul 2024 20:27:31 GMT
last-modified: Tue, 30 May 2023 12:15:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B60D 0
0 285ms
107ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvjNeM1J2Nbuo9Qe5t3T-B8S_dugz-TDsdEySsDqm5bPXjczcY6zhQqMmnkZn_hGtjMPeXONk8mk57FdVyhVjYw_IEAosvd0eYDHCPrcEgoTjz8vwaTkYXftBZkW65qpq4-8bBNHzkFQyOUOQ0gscvSEmfOaVVP51HcWLJvbu7e_UX7AAGW2qbJVMU0bZlB4R1NL6J9yLGpyD_90UGEdz2U3GAGqi39nTDwFJGmSzE_A5UbbV1aYzVQFZJFFGYsQsbKkzzWp84hnkVa_Y-lnBx17mVxvoTnl6B5y-8Az5NjyDre5KzRLiqXjVkY4qMNRJeuM04VPhtq5k-rtf3DXn-QtFlOaN-l0nhw0_WSVCZcDG0fdro6h5aqqMWJrpBMkX2afv5cEBmRDM5McOy_se-Wx-OP2FVwBcvWonxMe5DuBjs-MuDajKyBYGFp5W4Bc5-Kz2tX8YG07jCxf8Usfru0BKu4snUFBKsuPOWmSMNvBJjvIfs8fuhb4UpExc9acqXOdAm0x4i5mtoNraAMLxzrd6-cpggb24XX050SdMWQQN16o_E_XuSoZWLW4-kXkNRndvYI8BCpx14aA0MoQFQc0oZpuDQvEZWterhm05-8HBd9Hfsrz0_m9cdSs5EWonFWNt-sW-vUvqBCS-5EstfxnAzX2GeX3kzQi_4Hl9dXImkHb40gh4ckha6y9uDzNmjx5ONuQooOa6Sr9xlCkNSoyNh447lrLQQDbv2NHYh2OcPdEmOj4RA5BbE0qJ4B-kBllxou7uLJtzEPGFFLIgCCVbim2hPmfjJWKmVe-kZpB0ipPwjugaWRjwYqvxHHsrJoiEzBNC87hnudNVUqjQZGIr7GVUS_320OegjfWdgB3lFRYQDt4rrdcNgZq-AEe-wMyZ5B2ol33lHoenFHPIBaVPhsfQjWKpZfTCLoK2gEg5zLEatpm3IjDP00RCAKafCYNNwGjndAJisxVloJxG40VTKm_eMxXUVKCHNbN3kg0b2QTJ0ANnB4NZoPA7ejME_6C531kB8f7oTvDjvoYSYb3fBGQac6rE9zpnaZa-DyJIf5I5b0bIz-jOfFauaLGLj5YZfaEtRv-Q4sCzEYVe8RMgYIYVl6uhmiJOfS__B5IBOpqsh6aG_zwQ9Y9VrEOV5maudeNN8AxEEJB0gc_ZtT22vD_qjK0Houoj8Y6EwBCVF987D310RSTiJHGvWTBTjDugsDLJ-wFnfY66Va1IjYrQzdLx15aMlCA&sai=AMfl-YROXzwKa5GgawhUyEQKFiJNQX7yDGDA0_j1v9LA6VeepZJNSFh-jWmRkeoEBz-OHnPZ7ihYN8W-xPj7PXdrafSJ1DwmC22quyhKdMdlnKlabXcFaQDGgJFMnX9t21DT8zcgvoGukTCS7WojXcyAa3J1BhONAfzaCip59T-hd-qvw-qWiJcCFD8oPSBpaOWSbCT-fnV5Uyr3zucx4HLiLwDZpH6SaSj2fkjqELOUE0Q0Q_jRWhZpA1czof0DpzlvyFNcmos&sig=Cg0ArKJSzKmH-2KT8Xj5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=335&cbvp=1&cstd=325&cisv=r20230719.29002&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Jul 2023 20:27:31 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:27:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F17D 0
20 B 98ms
97ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcxkXM-q6ZOyzB6289u8Pt8u32AsAAAAAOAHgBAI&bg=!i4iliNzNAAZsPphkTD47ADkAdvg8Wge9KLCn2vKf82nN8aqvJWOg1KncckNT8-SUH9dfRZt8NT0x6i-fRVpU7MLoOLhzpmfs59wCAAAAclIAAAAFaAEHmQM3203UJS9lYTf6lyiWedUXknSjniOocKDgZnaWUb4S19TZs0xozxOPLdGu6iLYC1aPMtHYIDoEI-lf94c_-mj0bwKJp_RWbWD91jlplB3Y_Ax0Gktk0htvfvLTwCRfAT1YesOr-bSzrJ3bpMZvffb0Jbrbaa-0f8khgw3nAoKF3P7FndnpV4FGUXCJoBcXI8qn6J2ibhB7KlHmUy9khgG6mD8UK5kae6OQ3YB391065ir1bhbCb8fLQ8rp4p9ecomdZUw6ot0teu8ldosgcbUIwhS40ayc-KiZ5Jz7WcDtI8eVE3uYA25j72_MODbNnPg8Ob5lwJ_H_dWiTTfQsaG5s2TL6esOZK9--rdiVTY2jREa4w9d8A-y6mOB6OA0AY-f9uxTlx8AAJjFhaFWTha6eFWnIDypHphlLvy16QRU3YQSqzjgMutAJh3I0D-nEPTv2HFgRzddd8hkszd2EWF7QXn1ctcZJDtM94n2mq7buYcp5D7VtAX1pB-vWVHri9YybwSRSDGGrkhb3y6avFQiJ07WfbPuge2oqqpDasm2x0EMYZPGZSBIVnHfT55kLiNewLTf2mPbMfxKOvwQlvlIKBuXtzZRPRvpc1exRvZqXhGobVha-BIZ9irlYFxmumQ7rYHVRx3MpwVapH3yoHYc0GlSSCryV_uCXi8Vl8IhvMpB9ddPRlys6TCTovu1u9NaMXfvDIRhXBwxqdT7XiG-4Yn7dmylpkK14erdFW6ynYU2tPGHRn-yrl0gs_t67eDcCzCghVgJ-BbwBkm4gIRQSEdEdZiJe0fg8XevBH_EuIc--PLOoXJET9A9P5Vqw0qPssyv0-67bCO7Gp9Yv9S-mYAvKogYTPbKspLeTz1iGnabLmVAdJrKyWPggBAji_J5Xkl-2lP9qkMHwmu2jX0d9KRb4_a1DxAYtWfQriuGY3npY3YC_GnaPoQ0MC33j3-VXa7_O27ZAlLNzfEdj6ngyhazTXadMa70xGc1xkmBkYuDHAZIkgLmEeUQFH03kdx27hV3g7SGgxsMDlSqWNPdZLD6aR-NKxVnYnNXcO5qScqfN2-FnNBLrB8yCaicufyQVstyzg7vhQ

Requested by

Host: 047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
URL: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 3E64 120 KB
41 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4730152351177083264/index.html?e=69&leftOffset=0&topOffset=0&c=o85vNkfO4E&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4730152351177083264/index.html?e=69&leftOffset=0&topOffset=0&c=o85vNkfO4E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jul 2023 13:47:01 GMT

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ Frame B39B 87 KB
28 KB 75ms
74ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:31:17 GMT
server: nginx
etag: W/"642e9165-15b5c"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jul 2023 20:27:32 GMT

GET
H3 200 SP_Logo.png
s0.2mdn.net/sadbundle/4730152351177083264/ Frame 3E64 7 KB
7 KB 60ms
59ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4730152351177083264/SP_Logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4730152351177083264/index.html?e=69&leftOffset=0&topOffset=0&c=o85vNkfO4E&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b620b550e1112593c2de50c390264fd1a9b9789f44aad3f2aba4f2bd1c2b4939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4730152351177083264/index.html?e=69&leftOffset=0&topOffset=0&c=o85vNkfO4E&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:09:21 GMT
x-content-type-options: nosniff
age: 209891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
last-modified: Tue, 30 May 2023 12:15:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 10:09:21 GMT

GET
H3 200 Montserrat-Light.ttf
s0.2mdn.net/sadbundle/4730152351177083264/ Frame 3E64 193 KB
83 KB 60ms
60ms Font
font/ttf 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4730152351177083264/Montserrat-Light.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4730152351177083264/index.html?e=69&leftOffset=0&topOffset=0&c=o85vNkfO4E&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3a4d568ec1e1909d70a1ecaede97fefdb528d06c05985784756f53399d2b640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4730152351177083264/index.html?e=69&leftOffset=0&topOffset=0&c=o85vNkfO4E&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 11:45:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290537
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85275
x-xss-protection: 0
last-modified: Tue, 30 May 2023 12:15:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jul 2024 11:45:15 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3E64 7 KB
6 KB 102ms
101ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60a783613c99be8edb7ec95d90e2798d031f95714c0f5e0a334a0095d24b0106

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5673
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 93F8 15 KB
6 KB 63ms
62ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.terra.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:27:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 990739
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ Frame B39B 87 KB
28 KB 221ms
111ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:31:17 GMT
server: nginx
etag: W/"642e9165-15b5c"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jul 2023 20:27:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B60D 0
0 100ms
99ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvjNeM1J2Nbuo9Qe5t3T-B8S_dugz-TDsdEySsDqm5bPXjczcY6zhQqMmnkZn_hGtjMPeXONk8mk57FdVyhVjYw_IEAosvd0eYDHCPrcEgoTjz8vwaTkYXftBZkW65qpq4-8bBNHzkFQyOUOQ0gscvSEmfOaVVP51HcWLJvbu7e_UX7AAGW2qbJVMU0bZlB4R1NL6J9yLGpyD_90UGEdz2U3GAGqi39nTDwFJGmSzE_A5UbbV1aYzVQFZJFFGYsQsbKkzzWp84hnkVa_Y-lnBx17mVxvoTnl6B5y-8Az5NjyDre5KzRLiqXjVkY4qMNRJeuM04VPhtq5k-rtf3DXn-QtFlOaN-l0nhw0_WSVCZcDG0fdro6h5aqqMWJrpBMkX2afv5cEBmRDM5McOy_se-Wx-OP2FVwBcvWonxMe5DuBjs-MuDajKyBYGFp5W4Bc5-Kz2tX8YG07jCxf8Usfru0BKu4snUFBKsuPOWmSMNvBJjvIfs8fuhb4UpExc9acqXOdAm0x4i5mtoNraAMLxzrd6-cpggb24XX050SdMWQQN16o_E_XuSoZWLW4-kXkNRndvYI8BCpx14aA0MoQFQc0oZpuDQvEZWterhm05-8HBd9Hfsrz0_m9cdSs5EWonFWNt-sW-vUvqBCS-5EstfxnAzX2GeX3kzQi_4Hl9dXImkHb40gh4ckha6y9uDzNmjx5ONuQooOa6Sr9xlCkNSoyNh447lrLQQDbv2NHYh2OcPdEmOj4RA5BbE0qJ4B-kBllxou7uLJtzEPGFFLIgCCVbim2hPmfjJWKmVe-kZpB0ipPwjugaWRjwYqvxHHsrJoiEzBNC87hnudNVUqjQZGIr7GVUS_320OegjfWdgB3lFRYQDt4rrdcNgZq-AEe-wMyZ5B2ol33lHoenFHPIBaVPhsfQjWKpZfTCLoK2gEg5zLEatpm3IjDP00RCAKafCYNNwGjndAJisxVloJxG40VTKm_eMxXUVKCHNbN3kg0b2QTJ0ANnB4NZoPA7ejME_6C531kB8f7oTvDjvoYSYb3fBGQac6rE9zpnaZa-DyJIf5I5b0bIz-jOfFauaLGLj5YZfaEtRv-Q4sCzEYVe8RMgYIYVl6uhmiJOfS__B5IBOpqsh6aG_zwQ9Y9VrEOV5maudeNN8AxEEJB0gc_ZtT22vD_qjK0Houoj8Y6EwBCVF987D310RSTiJHGvWTBTjDugsDLJ-wFnfY66Va1IjYrQzdLx15aMlCA&sai=AMfl-YROXzwKa5GgawhUyEQKFiJNQX7yDGDA0_j1v9LA6VeepZJNSFh-jWmRkeoEBz-OHnPZ7ihYN8W-xPj7PXdrafSJ1DwmC22quyhKdMdlnKlabXcFaQDGgJFMnX9t21DT8zcgvoGukTCS7WojXcyAa3J1BhONAfzaCip59T-hd-qvw-qWiJcCFD8oPSBpaOWSbCT-fnV5Uyr3zucx4HLiLwDZpH6SaSj2fkjqELOUE0Q0Q_jRWhZpA1czof0DpzlvyFNcmos&sig=Cg0ArKJSzKmH-2KT8Xj5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=844&vt=11&dtpt=509&dett=3&cstd=325&cisv=r20230719.29002&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.terra.com.br
URL: https://www.terra.com.br/esportes/inverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo,3e861ee3e72c18127f34a27debc2960esqhs4eeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Jul 2023 20:27:32 GMT

GET
H/1.1

206
Partial Content

file.mp4
r5---sn-5hneknee.c.2mdn.net/videoplayback/id/ec963b82ed17edc0/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721507251/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm... Frame 3E64
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/ec963b82ed17edc0/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721507251/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signatur...
https://r5---sn-5hneknee.c.2mdn.net/videoplayback/id/ec963b82ed17edc0/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721507251/sparams/acao,ctier,expire,id,ip,ipbits,itag,m...

2 MB
2 MB

245ms
61ms

Media
application/octet-stream

2a00:1450:400e:8::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hneknee.c.2mdn.net/videoplayback/id/ec963b82ed17edc0/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721507251/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/34EC8DF8D0D9C0795E7E06F77F7E117B79506D10.299AC9E30D06055A0EBA738C8C9AECD238D90C6B/key/cms1/cms_redirect/yes/mh/9c/mip/2a0c:f040:0:2790::4e/mm/42/mn/sn-5hneknee/ms/onc/mt/1689969615/mv/u/mvi/5/pl/51/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400e:8::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

73b665ef38d8e9b2abbc779a98e91fc7d123d2dfa3563fdc4f33a20f68cc6515

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:27:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 05 May 2023 11:38:05 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/octet-stream
Content-Range: bytes 0-1595894/1595895
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1595895
Expires: Fri, 21 Jul 2023 20:27:32 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:32 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-5hneknee.c.2mdn.net/videoplayback/id/ec963b82ed17edc0/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721507251/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/34EC8DF8D0D9C0795E7E06F77F7E117B79506D10.299AC9E30D06055A0EBA738C8C9AECD238D90C6B/key/cms1/cms_redirect/yes/mh/9c/mip/2a0c:f040:0:2790::4e/mm/42/mn/sn-5hneknee/ms/onc/mt/1689969615/mv/u/mvi/5/pl/51/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 647
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3E64 17 KB
6 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 20:27:32 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 93F8
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=terra.com.br&sn=ChromeSyncframe&so=3&topUrl=www.terra.com.br&bundle=jnotCV9SVVJkUmg3bUVhNXlHTVElMkJsV1pDajBUdUVOUDNRUEpoNm9Ham5sVEJsUncxdk...
https://mug.criteo.com/sid?cpp=s0tAIXxSWS9pR0xhSWE2QjZienFEMHJCVnJid3IydUJvZXpuenJHWUtMdTkvend4RFhaUHVBWUQwSXFEZ21nckNPcFZQaHI3eHlHN1QyVkRaeFFUN01QNDVSUjV2ZjVYWFV6ZlB0bUZHc0k5STdzVlRnRFk2aFQvaERsMm...

441 B
655 B

57ms
57ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=s0tAIXxSWS9pR0xhSWE2QjZienFEMHJCVnJid3IydUJvZXpuenJHWUtMdTkvend4RFhaUHVBWUQwSXFEZ21nckNPcFZQaHI3eHlHN1QyVkRaeFFUN01QNDVSUjV2ZjVYWFV6ZlB0bUZHc0k5STdzVlRnRFk2aFQvaERsMmtBdXMwVjhSSzdoN3o5NHBWSHh3OStZNG9sdFBwam9yU1dUWjFrUXhHa2pmTmV3S3VJVlFFT3ZwVXVSV0NBdFRnNVROMFR3N2tMU0ZrQmUxaXU2SStUR1dRL1FMUUlqeDJ3aldqczVzQmFEUFdTREZvUk44Ni9MU0FVYTZUR0FJRW5yS2NDQlRCVkd6ekVUMktST3RaTm5WNDFLZytSb2kxbnVmRVYycDdiNURvOS9KcWdjWT18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

66e62c63033a62814a7839d23f98955a030902408712663296f563e61eec507b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 753284
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=s0tAIXxSWS9pR0xhSWE2QjZienFEMHJCVnJid3IydUJvZXpuenJHWUtMdTkvend4RFhaUHVBWUQwSXFEZ21nckNPcFZQaHI3eHlHN1QyVkRaeFFUN01QNDVSUjV2ZjVYWFV6ZlB0bUZHc0k5STdzVlRnRFk2aFQvaERsMmtBdXMwVjhSSzdoN3o5NHBWSHh3OStZNG9sdFBwam9yU1dUWjFrUXhHa2pmTmV3S3VJVlFFT3ZwVXVSV0NBdFRnNVROMFR3N2tMU0ZrQmUxaXU2SStUR1dRL1FMUUlqeDJ3aldqczVzQmFEUFdTREZvUk44Ni9MU0FVYTZUR0FJRW5yS2NDQlRCVkd6ekVUMktST3RaTm5WNDFLZytSb2kxbnVmRVYycDdiNURvOS9KcWdjWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 299161
content-length: 0
expires: 0

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F43 37 KB
14 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 262812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ECBF 42 B
64 B 101ms
100ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuV0sfT2c9_TsyJbtj2yvzZ3J-xCRpDkZZUMyntY-VcbkApduAWcbsKjWf5ef47wPUTWWU_R4varU5VBlsVc8-CCxR3JqgqHSf1CFqAX5D2hEWM9m_C&sig=Cg0ArKJSzNBKcTFDY1XOEAE&id=lidar2&mcvt=1019&p=746,682,796,1002&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20230719&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3246890726&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689971251025&rpt=308&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 338A 42 B
64 B 94ms
93ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjAHrQVtdev6Hvsl2iMfuLDzJK0Ts7dN9xhbcoA5FZyzbHD4iWxRh1Ll6ZR0VVbx4EU1IRjKafxB5dfrwgsFCpKQgfJgi0giuXtIH5gz7i2B8WSlNC&sig=Cg0ArKJSzKWFE1E3lDTvEAE&id=lidar2&mcvt=1035&p=88,315,338,1285&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20230719&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2246152536&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689971250561&rpt=820&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 74ms
74ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jul 2023 20:27:32 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B60D 42 B
64 B 106ms
105ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyd-WuL6O01Trg8gbQZeLH6igo9-TO10rrmYmkoPtXWpFA41HiyS0YaePdFljuwebEEPcgijvP0XPspFlUf6XGNDHJM8UzYYcnMZYEgJGshUGHOxk2waz8Owf8MB2hAdeGTYDa3tsg06uu&sai=AMfl-YQwXc4qbDZv11CqezgSnbLGknV-AF0eQ8byKAOIHDFuhSEdpDIYnyo7PmXcSoLnmdnNUM4ShRGN5dBczhZCUkKVoPCImYgVhZwDkaOfaI3AH60j3cTOyDkmNt9Z&sig=Cg0ArKJSzG4xLkc4cfMXEAE&cid=CAQSPABpAlJW-VSw8R5fGRwFScApr2xyg-QQGM4jb3hcg8A62EaEUiIh0fYf8Ilk084Y3T1SAEhqU3cE0p9o3RgB&id=lidar2&mcvt=1002&p=602,1328,642,1369&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3102069767&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689971250764&rpt=541&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 12FD 15 KB
6 KB 64ms
63ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.terra.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:27:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 1103257
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 12FD
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=terra.com.br&sn=ChromeSyncframe&so=3&topUrl=www.terra.com.br&bundle=h67YBF9SVVJkUmg3bUVhNXlHTVElMkJsV1pDaiUyQndQNnlXYVk2Y0glMkYlMkZOYUd2Sm...
https://mug.criteo.com/sid?cpp=589VvnxnRFk1dzI0UkNqcE9sMHkwa09KbVV3RVFJMVZtM3VyWkdLb1hDSFZRTmZVZVpVRk5La2JqSEo1ZGZuY0pPdHV3R3RkSURMYWMvRmpmOXhxOXVyWFZyS1d6cGgxeFNUUDE5V3dRem1xZ0RXL3c5KzJtWndDbHF6ND...

435 B
646 B

57ms
57ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=589VvnxnRFk1dzI0UkNqcE9sMHkwa09KbVV3RVFJMVZtM3VyWkdLb1hDSFZRTmZVZVpVRk5La2JqSEo1ZGZuY0pPdHV3R3RkSURMYWMvRmpmOXhxOXVyWFZyS1d6cGgxeFNUUDE5V3dRem1xZ0RXL3c5KzJtWndDbHF6NDVBSkkzRXBwNXplSTRSU3FPZzMvTldaSFJRVkpCTlVzTU5BTi9uTmwrdENGWFhCSGFkTUFqQXJXQVZwZWkzamhsZ1pzT0pIMStGbnR4Z1plNVlleUprSU9jRWRTcklGak5uaEJUMzdlWGZPSHJrUHRmamMxNEUzLzRRL1U2dWpyQ1J4MWw1SlVSYUtHZDhBOVdIQks4cTR6KzVMOXRmVGFvQ0tSYjAyOFg1MTE4UVFCTGFvOD18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b881dee027e4645f81a7c83a868c24cf46014194e3d83ef330f7934ac5e2a661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 735561
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=589VvnxnRFk1dzI0UkNqcE9sMHkwa09KbVV3RVFJMVZtM3VyWkdLb1hDSFZRTmZVZVpVRk5La2JqSEo1ZGZuY0pPdHV3R3RkSURMYWMvRmpmOXhxOXVyWFZyS1d6cGgxeFNUUDE5V3dRem1xZ0RXL3c5KzJtWndDbHF6NDVBSkkzRXBwNXplSTRSU3FPZzMvTldaSFJRVkpCTlVzTU5BTi9uTmwrdENGWFhCSGFkTUFqQXJXQVZwZWkzamhsZ1pzT0pIMStGbnR4Z1plNVlleUprSU9jRWRTcklGak5uaEJUMzdlWGZPSHJrUHRmamMxNEUzLzRRL1U2dWpyQ1J4MWw1SlVSYUtHZDhBOVdIQks4cTR6KzVMOXRmVGFvQ0tSYjAyOFg1MTE4UVFCTGFvOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 307529
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 171ms
56ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.terra.com.br%2F&domain=www.terra.com.br&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.terra.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 21 Jul 2023 20:27:32 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 188134
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
374 B 55ms
55ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.terra.com.br%2F&domain=www.terra.com.br&cw=1&pbt=1&lsw=1

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 186960
expires: 0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
254 B 165ms
66ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=13911
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 20:27:33 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.terra.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3070 281 B
554 B 190ms
55ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Jul 2023 20:27:33 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 831D 23 KB
8 KB 350ms
175ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDV2PQ3&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7cbb4856be44338488409965f5bf4bdef0aad5fed40179703956ceded63be73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8413
content-type: text/html; charset=UTF-8
date: Fri, 21 Jul 2023 20:27:33 GMT
expires: Sun, 23 Jul 2023 20:27:33 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F9B4 52 KB
17 KB 255ms
65ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s1.trrsf.com
URL: https://s1.trrsf.com/update-1685470512/fe/zaz-3rd/prebid/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 21 Jul 2023 20:27:33 GMT
ETag: "623de86a-cf34"
Expires: Sat, 22 Jul 2023 20:27:35 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B60D 0
20 B 95ms
95ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4638720982734&version=m202306200101&ct=76&x=1&cor=17925527700664216000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3070 34 KB
10 KB 55ms
55ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:27:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jul 2023 16:20:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71506
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 22 Jul 2023 16:19:19 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame B39B 2 B
374 B 56ms
56ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.terra.com.br%2F&domain=www.terra.com.br&bundle=jnotCV9SVVJkUmg3bUVhNXlHTVElMkJsV1pDajBUdUVOUDNRUEpoNm9Ham5sVEJsUncxdkxjMUFtc0h5cGp0aTFSb1U3OGJyakJoRFM0VDdNU2xyOG5aZmU4d1c4SXNob1lsbzRvd0VLJTJGQ2NyRFJEY3VhJTJCVGhjSTBLbUZYU3dVdHBWVWlhc3d1aW1TUFY3ZXVuOWxUbkZTdWw1bVElM0QlM0Q&cw=1&pbt=1&lsw=1

Requested by

Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.terra.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:33 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 181760
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 57ms
57ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.terra.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 21 Jul 2023 20:27:32 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 242044
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame BCAE 281 B
554 B 145ms
100ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Jul 2023 20:27:33 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FCE7 52 KB
17 KB 109ms
71ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: publyads.jstag.space
URL: https://publyads.jstag.space/prebid7.2.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.terra.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 21 Jul 2023 20:27:33 GMT
ETag: "623de86a-cf34"
Expires: Sat, 22 Jul 2023 20:27:35 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame F9B4 0
596 B 63ms
63ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:33 GMT
an-x-request-uuid: d52b4a39-36cf-4eaf-aeae-e1cdb7f5ee1d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame FCE7 0
596 B 59ms
58ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:33 GMT
an-x-request-uuid: a7261042-ef2b-4c5c-a193-6fd293301dc8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BCAE 34 KB
10 KB 68ms
68ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:27:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jul 2023 16:20:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71506
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 22 Jul 2023 16:19:19 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 3070
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKD18XTL-6-D3CS

0
649 B

754ms
608ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKD18XTL-6-D3CS
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:27:34 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 971CF6AEB2AE47E4985BE358B716F8C0 Ref B: FRAEDGE1211 Ref C: 2023-07-21T20:27:33Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYBBRhJ5UQ0RMtVC0Co3g==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKD18XTL-6-D3CS
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3070
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtEMThYVEwtNi1EM0NT
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEETUztx7ULrB0EP7EO6FxKk&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtEMThYVEwtNi1EM0NT&google_push=

170 B
188 B

71ms
70ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtEMThYVEwtNi1EM0NT&google_push=

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtEMThYVEwtNi1EM0NT&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3070
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/BuGgUw9gelIYERjulq7Bag?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LGd52Q9E2oKKuFeGyk_Z0ZBBqwazLeKLQ.vRhw--~A

0
239 B

60ms
59ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LGd52Q9E2oKKuFeGyk_Z0ZBBqwazLeKLQ.vRhw--~A
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 21 Jul 2023 20:27:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LGd52Q9E2oKKuFeGyk_Z0ZBBqwazLeKLQ.vRhw--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3070
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGI0NGVkYjljNzcwZTA2NWE3YjlhZGZjMGJmMDc5ZWViYTViNzAwMw

170 B
188 B

69ms
69ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGI0NGVkYjljNzcwZTA2NWE3YjlhZGZjMGJmMDc5ZWViYTViNzAwMw

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGI0NGVkYjljNzcwZTA2NWE3YjlhZGZjMGJmMDc5ZWViYTViNzAwMw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3070
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9HlWtFsAQi-4zsgqYQ0E5A&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9HlWtFsAQi-4zsgqYQ0E5A

43 B
720 B

154ms
153ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9HlWtFsAQi-4zsgqYQ0E5A

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 20:27:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FQEZ4BE1RVBQ9H0WQ0VB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9HlWtFsAQi-4zsgqYQ0E5A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 3070 70 B
265 B 234ms
76ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Jul 2023 20:27:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3070
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQCcp11HYrOLxwNosMIjKc&google_cver=1

0
239 B

58ms
57ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQCcp11HYrOLxwNosMIjKc&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQCcp11HYrOLxwNosMIjKc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3070
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WTnV20gDRyivfiLVjsn1ZA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WTnV20gDRyivfiLVjsn1ZA

43 B
479 B

156ms
155ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WTnV20gDRyivfiLVjsn1ZA

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 20:27:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T77BB1RQ22XWDJ9X5RA1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WTnV20gDRyivfiLVjsn1ZA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame F9B4 0
596 B 56ms
55ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:34 GMT
an-x-request-uuid: 1ef3ce53-61a2-4634-a42c-da37a1c44d15
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame FCE7 0
597 B 56ms
56ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:34 GMT
an-x-request-uuid: 08567ff9-4d61-4ecf-88f7-9b34639b1f0f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 37ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FJBH1GT2QG&gtm=45je37j0&_p=377141612&cid=163260690.1689971248&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1689971247&sct=1&seg=0&dl=https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html&dt=Inverno%20em%20Ilhabela%20(SP)%20tem%20atra%C3%A7%C3%B5es%20esportivas%20e%20de%20eco%20turismo&en=DisplayedReason&_ee=1&ep.channel=esportes&ep.breadcrumb=esportes&ep.content_id=3e861ee3e72c18127f34a27debc2960esqhs4eeb&ep.content_type=not&ep.os_theme=light&ep.content_source=onboardsports&ep.amp=false&ep.page_theme=light&epn.network_downlink=9.6&ep.network_effective_type=4g&ep.network_data_saver=false&ep.display_mode=browser&ep.partner_type=interno&ep.published_date=2023-07&epn.device_memory=8&epn.device_pixel_ratio=1&epn.navigation_type=0&ep.product=portal&ep.article_special=false&ep.paid_content=false&ep.event_category=one-tap-sign-in&ep.event_label=opt_out_or_no_session&_et=1606
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FJBH1GT2QG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.terra.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:27:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.terra.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.terra.com.br/esportes	1970-01-20 13:27:37	Name: trrgeo Value: 60.2188%7C24.8708%7CHELSINKI%7CMANNER-SUOMI%7CFI%7C1
.terra.com.br/	1970-01-20 23:02:11	Name: X-XAct-ID Value: 4ab3c2a3-48aa-48f7-a9c4-989b5454ef8b
www.terra.com.br/	1970-01-20 14:09:23	Name: _pbjs_userid_consent_data Value: 3524755945110770
.scorecardresearch.com/	1970-01-20 23:02:11	Name: UID Value: 10Af6183f51650776e590811689971248
.terra.com.br/	1970-01-20 13:26:14	Name: AMP_TOKEN Value: %24NOT_FOUND
.terra.com.br/	1970-01-20 23:02:11	Name: _ga Value: GA1.3.163260690.1689971248
.terra.com.br/	1970-01-20 13:27:37	Name: _gid Value: GA1.3.681474410.1689971248
.terra.com.br/	1970-01-20 13:26:11	Name: _gat_terraAnalytics Value: 1
.terra.com.br/	1970-01-20 13:26:11	Name: lotame_domain_check Value: terra.com.br
.terra.com.br/	1970-01-20 22:47:47	Name: __gads Value: ID=922c50b8639bafcd:T=1689971248:RT=1689971248:S=ALNI_MYd2ZplZSB22wJ0EArw_pjDW77WwA
.terra.com.br/	1970-01-20 22:47:47	Name: __gpi Value: UID=00000d000aca8da1:T=1689971248:RT=1689971248:S=ALNI_Ma_SKEMHp04dGhA4ICZElv7-RCIPQ
.openx.net/	1970-01-20 22:11:47	Name: i Value: c3c04943-679f-4053-8a7c-544bfc43abd5\|1689971248
.criteo.com/	1970-01-20 22:47:47	Name: uid Value: 783129fb-9135-488f-94bc-2cc4e2641a49
www.terra.com.br/	1970-01-20 13:26:13	Name: tt_c_vmt Value: 1689971249
www.terra.com.br/	1970-01-20 13:26:13	Name: tt_c_c Value: direct
www.terra.com.br/	1970-01-20 13:26:13	Name: tt_c_s Value: direct
www.terra.com.br/	1970-01-20 13:26:13	Name: tt_c_m Value: direct
www.terra.com.br/	1970-01-20 23:02:11	Name: _ttuu.s Value: 1689971249428
.terra.com.br/	1970-01-20 13:26:11	Name: _ttqtt_terra_tt.href Value: https%3A%2F%2Fwww.terra.com.br%2Fesportes%2Finverno-em-ilhabela-sp-tem-atracoes-esportivas-e-de-eco-turismo%2C3e861ee3e72c18127f34a27debc2960esqhs4eeb.html
.terra.com.br/	1970-01-20 23:02:11	Name: _ga_FJBH1GT2QG Value: GS1.1.1689971247.1.0.1689971249.0.0.0
.tt-10969-0.seg.t.tailtarget.com/	1970-01-20 14:09:23	Name: trk Value: LM4jm4ZTatwE1vkALRoPrQoExP2CdZ9pM/nYISeBgiKR2rFFQaYndBhoBHn6uZutbmKInOGzzryuW+Cp/LYAaLgrnfRXRIO1k0NjUb0PVxgiHKfO2TUmJD/YVUYWVuI1Iv010/CAp1AsXWWuoVLl6jqvNj6+VsYe/nOEf3VKGXwbBv8Fs2YCMAh/cPveg2xZ
.t.tailtarget.com/	1970-01-20 13:29:04	Name: _ssc Value: y
.t.tailtarget.com/	1970-01-20 22:11:47	Name: u Value: fwAAAWS66jFECAalGoPhAgB=
www.terra.com.br/	1970-01-20 22:11:47	Name: tt.u Value: 0100007F31EABA64A506084402E1831A
.rubiconproject.com/	1970-01-20 22:11:47	Name: khaos Value: LKD18XTL-6-D3CS
.rubiconproject.com/	1970-01-20 22:11:47	Name: audit Value: 1\|naVuGyos1qrxp9uhjc+vdpHNGL+qfTatXX/yiME3/MJXH69ZVaiYoycIb9dR+D6BpXRWz9vzmQDHnGETDUVO4uBxGCOXoSK1ftPFq1tkxDC+xUA9sgf/4b7FQD2yB//h
.adnxs.com/	1970-01-20 15:35:47	Name: uuid2 Value: 7777968584635434943
.t.tailtarget.com/	1970-01-20 14:09:23	Name: ttbprf Value: _helsinki_uusimaa_fi_1689971249949_3117154744
.t.tailtarget.com/	1970-01-20 13:26:13	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 14:09:23	Name: ttnprf Value:
www.terra.com.br/	1970-01-20 13:27:37	Name: tt.nprf Value:
.adnxs.com/	1970-01-20 15:35:47	Name: icu Value: ChgI0YlXEAoYASABKAEwsdTrpQY4AUABSAEKGAj5-WQQChgBIAEoATCy1OulBjgBQAFIARCy1OulBhgB
.tt-10969-0.seg.t.tailtarget.com/	1970-01-20 13:26:14	Name: ttca Value: CA3731,CA6935,CA5678,CA4723,CA4729,CA7125_1689971250
.terra.com.br/	1970-01-20 13:26:14	Name: _ttdmp Value: \|LS:\|CA:CA3731,CA6935,CA5678,CA4723,CA4729,CA7125
.t.tailtarget.com/	1970-01-20 14:09:23	Name: n Value: 1689971250
wlskyinfopartners.adsrv.eacdn.com/	1970-01-20 23:02:11	Name: CEK Value: a
.doubleclick.net/	1970-01-20 22:47:47	Name: IDE Value: AHWqTUloetOKYC0ZKmmQ-rK7t1Zim2ihI0JgxMu-y_t5ayWDLiqi845wf1aZ_D4vV4s
.doubleclick.net/	1970-01-20 17:45:23	Name: APC Value: Aa3gxNqnufm73n1wRQ_royroOClpKDEQgE-lhtdgVaq0stjY4XfOYw
wlskyinfopartners.adsrv.eacdn.com/	1970-01-20 15:35:47	Name: XYZ Value: 120&0&148&&&&0&1&&1e75d6c9-798f-4f0d-9127-c41dd45035a9&a_1304b_1409&&
wlskyinfopartners.adsrv.eacdn.com/	1970-01-20 15:35:47	Name: A_1409 Value: a=1409&r=0&fv=20230721&lv=20230721082731&vc=1&fc=0&lc=0&cc=0
.casalemedia.com/	1970-01-20 22:11:47	Name: CMID Value: ZLrqMxfB6K1QtccjQW0d9wAA
.casalemedia.com/	1970-01-20 15:35:47	Name: CMPS Value: 3204
.casalemedia.com/	1970-01-20 15:35:47	Name: CMPRO Value: 3204
.adnxs.com/	1970-01-20 15:35:47	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlieZ'aF!]tbPl1M>e)ZlrFUfJ+tGXxpOUZ#K]IQ3E':te$NWtOAiOq5bH_/$OT^IzSi3If)y3KL9D3I?+X(Nm$B
.blismedia.com/	1970-01-20 22:11:51	Name: b Value: 64BAEA339C4858368BDA5251BLIS
.travelaudience.com/	1970-01-20 22:57:52	Name: _tracker Value: %7B%22UUID%22%3A%22E0B7461F-1162-4B7D-8E44-ACCCC667D2BB%22%7D
.lijit.com/	1970-01-20 22:11:47	Name: ljt_reader Value: HBPruGZHEcnvuK7YQUWtNQY1
.everesttech.net/	1970-01-20 22:11:47	Name: everest_g_v2 Value: g_surferid~ZLrqMwAAAj5qoQAb
.terra.com.br/	1970-01-20 22:47:47	Name: cto_bundle Value: xQWGN19SVVJkUmg3bUVhNXlHTVElMkJsV1pDajIxRTJGOE5HS254QXZqNnlPM0lnZSUyRk9mSjhYcUFVQ1g4T1MlMkJobm8lMkJFSmt3d2NpVmVUeTlGbFRoS1ZnTW0lMkZ1VzdUSEM5STZGYVoxRXRPSXBReEhMcnlDcTFPaTJxYkNZZDRUUjYwb1k5ZXB4VDAzbERLUGt2RUVUNXBrbGJIbkl3JTNEJTNE
www.terra.com.br/	1970-01-20 13:26:14	Name: _lr_retry_request Value: true
www.terra.com.br/	1970-01-20 14:09:23	Name: _lr_env_src_ats Value: false
.yahoo.com/	1970-01-20 22:12:08	Name: A3 Value: d=AQABBDXqumQCEL557kgPf-HWb41gAu4I91YFEgEBAQE7vGTEZAAAAAAA_eMAAA&S=AQAAAmztxaZi7g4nh3StvebtkaU
.amazon-adsystem.com/	1970-01-20 23:02:11	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 19:33:23	Name: ad-id Value: A2E_qCe-BE3Sk0dplF-xXOM
.linkedin.com/	1970-01-20 22:11:47	Name: bcookie Value: "v=2&a56c7e11-04b1-4a7f-8f5d-9a22a089337c"
.linkedin.com/	1970-01-20 17:45:23	Name: li_gc Value: MTswOzE2ODk5NzEyNTQ7MjswMjGLaVmoWz02fXNVuVKFR2r3owRXR1Zy2N+zscwWKXYO4Q==
.linkedin.com/	1970-01-20 13:27:37	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3095:u=1:x=1:i=1689971254:t=1690057654:v=2:sig=AQFBo-aiVm1xh4Y7LfBjvKEkLZjvSf5F"

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.2.0&cb=15678666164 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13911 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

047ba13ef36cf3ad33661f2e9a1c88f3.safeframe.googlesyndication.com
6ef903f683307fb19e4fda4ef12eda8e.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ads.travelaudience.com
ampcid.google.com
ampcid.google.fi
ap.lijit.com
api.rlcdn.com
audima.co
audio10.audima.co
b.t.tailtarget.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
c.t.tailtarget.com
c2.taboola.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
contextual.media.net
d.tailtarget.com
dsum-sec.casalemedia.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
geo.privacymanager.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p1.trrsf.com
p1.trrsf.com.br
p2.trrsf.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.media.net
prg.smartadserver.com
publyads.jstag.space
px.ads.linkedin.com
r5---sn-5hneknee.c.2mdn.net
region1.google-analytics.com
s.ad.smaato.net
s.amazon-adsystem.com
s.seedtag.com
s0.2mdn.net
s1.trrsf.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
t.tailtarget.com
tags.crwdcntrl.net
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
tt-10969-0.seg.t.tailtarget.com
wlskyinfopartners.adsrv.eacdn.com
wlskyinfopartners.eacdn.com
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
www.googletagservices.com
www.terra.com.br
104.18.35.34
13.32.121.37
13.32.99.59
142.250.185.194
142.250.185.98
143.204.215.51
151.101.129.44
151.101.194.49
162.19.138.83
178.250.1.11
18.66.96.174
18.66.97.24
184.30.20.22
184.30.22.30
185.80.39.216
185.86.138.124
185.89.211.12
2001:4860:4802:34::36
216.52.2.30
23.35.236.188
2600:9000:2057:6400:1b:5138:8a40:93a1
2600:9000:2250:f400:a:e047:753:be1
2602:803:c003:200::31
2606:4700:10::ac43:266a
2606:4700:3035::6815:193e
2606:4700::6811:180e
2620:1ec:21::14
2620:1ec:bdf::45
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2006
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2008
2a00:1450:4001:829::200a
2a00:1450:4001:829::2010
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200d
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c0c::9b
2a00:1450:400e:8::a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a02:26f0:7100::1720:eea9
2a02:26f0:7100::1720:eec8
2a04:4e42::485
2a05:d018:d29:3602:48de:91a4:6073:8331
2a06:98c1:3121::3
34.102.146.192
34.102.185.99
34.107.148.139
34.120.107.143
34.120.133.55
34.149.50.64
34.96.105.8
34.96.70.87
35.190.0.66
35.190.39.111
35.201.123.184
35.244.159.8
35.71.131.137
40.127.232.184
52.18.8.176
52.222.208.154
52.46.151.131
65.9.66.122
67.220.226.233
69.173.144.138
69.173.144.165
01a21bdd43f9ef89f76d8d0bd8df77ae0db28364a62b246f6e00386e3a7ec250
031c1af6727ba0315b5a7e27f9a812989fd0b462e19afb3e781683fa33ed3eb0
03b01c2cf99d2ad864e60edefc51203c5b60f1df541e81d471b91f8d7d628f1f
03f21bb2383ae05c61a57fc3540f71b5393a4b6a3f4e7d1d5e8605611855c6e6
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
06fe4ad09a44077b0590c728c396f5e5357ce6bd83345c339df5ceebdb9e28c0
072aac53b7b3f4423dcffc13541197aa59fc1c8e170e88164772c32d0d88d764
0895b67fda03af2a222599d6342e3b6984cfbcebc368cbe5198efd54a61fadfd
09e892c022f363a87d7417ea3e4c00bb8d73c6d6506a2183ac0937009c60304b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c23c1806fe41e0f14a9b5b3c0f9e188f338410d4d0e13175ce79605f55e5b64
10e291c228593a7d82b064e0cb24150d893a00e84566bf9d77d6c94b7886185e
11838a58ab32852137378c8840cdb5eb310768fb5b4d7ea95855c5a105348431
125bae6d5c0255748d46352540c62c2907721067fb829fdf55646824f1517590
126fb5079774b8e052a9bc6fd9f5febc48c0bfc4aa9cb5140cbe3f0c86a692ae
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
146f880d15c6b94d3679a9dddd04a7111752355c890fba4f9039e44097a1b3a4
14a0ac3ed81970ea84daeb6d7d02df7293a62f17b9ca075114ca583c62ac0a8f
166720721c833cecfeb03d4dc92c707c7855430f2a3caf2fd60a736400e6e251
17ac178d134001a28995d938665e1f1bd8084f268dd51c6227a66bca347ac918
17bff033530b168de0b178b2d5ebc0d27e8f66519806a431a685e18614dc1eec
18ea7d44f4fecd2f320897686d1e57be8fa6ce48d92d1942dee116953deeacc3
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20976fc8fe202fef3f3b01a7068bc9512b8c82162c61e6e2403f8b4eabcb54aa
209869a2cfbdad494288b593047512c332ef612d43fe6d793914c5648651d35c
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
23846ed1758aae96b92730d47b8cac5958f9e9c234c1ba0d9f793493a19dbf13
23973751bbd6f7da54aa8234c74aa89eb77a11d042c9e372504676f7473dedbf
285b329154d66c830326cdfe19681500a9f2f11f0bbd36b04440340b9f3a9e23
298b799c8ce0478d626a78d837c0aa42b476636614c530270b5d39c0aaf6135c
2a228ee2a840a42200e8420acc98f4dcf04d28c0c55a981944ea14eb72fb3396
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
31152ebc18921814fc84d02d35de5bef4594e13f30cf71b0c03de33970406483
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31f1a4a51455378e4dc8df3ad43341034b8a64663dcfa2679f3892717ccb242a
340a9f0960a3e238fe2d80154f8000d7a2145bd2e238d0b0504d4cdac78aecd3
3670b5bf9d32756f15bee73a77f2da18bcb80db609e8f6f69dec591e0a450038
3732b6af5e4e9b2358356e6c30f4f1ebe0cabec1b7688b7179c36df6d933d8b5
3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4232ef0fe15116ef5079354e5611d7d10408de9fbac3b42eba924d8b5c7678d7
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f815ce7acde1b5ef3aa3ef24494af227e720ad3e06c9a05940d4cca5657d29
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5a379aad4b60493c03becc0ff603ee4b0ac26712b9d89484225cdfbad63855
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf
4df5ae0d1b2255b7d8e906067315b20b1941ecbe66c4bd98516d06c10dd4f00a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
517fd00902c0885e385f87c35a245cdc3adca53106fac1724cdf684f3232da10
52b41bc3ab2522c81172cdb2b3278ef3b2c208bce6d40d347174c13bdfef1880
536dbec0288cb719adfba8eb85fec22039e7e63dc0533c1d2817fbff1750543d
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5cef9df49ee4dcb09dca52d70690773e2ba4420bacb7081ed6541155e85d5a57
5d32424e720813d6e4c6dc3f2030afb5c0e5d2ce660506560c887211db3a24f4
5e096a3c44d5758de1ad470914312cb8f5d398b3ef00920960d3dce34e4acfe6
60a783613c99be8edb7ec95d90e2798d031f95714c0f5e0a334a0095d24b0106
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6329d3be03b7a81a1b4ce44379df278c1f6f404504e7743b25af520a0fa07d36
66e62c63033a62814a7839d23f98955a030902408712663296f563e61eec507b
68cf1a3fae84d0161e65b695bf471800c0b87750d5dee6bdaeefc7453bcbf406
68d29d042459eaf81e01ca3d10b51008cda5813dfd517b1731abe0f7e2fe9ce6
68d511a07b459a7e9fa7db459113881ccd3932313545b1c776022e3e5e21d863
6bc3ff926436aa78594e60b5c148e1b4c6313eddabaecb0ccb289cbf64c0fc40
6d2002313fe4dc7cea780501d474df1d98af6be04b0cdb0a1366a841997a844f
6d56ca2a83c783d4816cb52a734a0b6b460b8ff8e7398033014049313792d36d
6dbad193c8dc3eb6b8b2e7520cc60216446d0a3abc1ecbc5dfde80ed8f650780
7016662d70591fca042760a4712742ea021bacb9f0489ce298e2a955d917239b
70feb74fb6433c6ca83299c8ff64529da475741b6cd2a335aefa38b14dcfbe9b
73b665ef38d8e9b2abbc779a98e91fc7d123d2dfa3563fdc4f33a20f68cc6515
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77cbdd3f6cb232b5aeda12940d9c9218593ddffa8d95663f804992e33a396bdc
77de0b4cac629fa8bc677eef858e08214771c44045590caca17d2b820cc99178
794bbb3ee09c729334e6aef156f6f8d5c32a7bbc9cf649712fa696a66eb19137
796f7a84c764a6bec521beec4e15d0fd1b0e752957971121bed78885be42ab81
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7b4f03df8bb40b91fca5829ceb5515153c3db9b01afdb233f91a723952058a50
7c0f0ed8f833cdbba7f2512af399185f2a742e6bd42ad3a94049a8c5167262f9
7c1707d39cce7a6636ac67c71bdd482a30f9789bf63e4aa2acca5ed42d9231c2
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7cbb4856be44338488409965f5bf4bdef0aad5fed40179703956ceded63be73e
7df308376be2025822cbdc6bced495d1fa8cd400bf0991a855823d2cd45b816b
816827133e8b7b6964b9d194144b27966925b76923fc786a326873c00eed1489
82ab7f39eb09587ab89a19137fe3373cfe638b59e00981c00a17933af08a97a5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83df6bb8897057a8caf2335848092c02418ed425060d403f4223b9ea990134cb
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8705035cf0fd5a8366a76994aae9de1bb5966912c8c52023b798130c9935c1f9
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa8d08560aeb088e8d2dd8d1dd7b8eb233e3ca9251d1a0d01dd6ef603c5950a
8c3f038dfb5a6aad95585647433da60342dd99576ef83683258a8f0e1b326d1d
8c591e4c4423edcd4c23f7f740a928eb4d3f8cfb4d72d1758e0255d584b74fb9
8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48
8d4c7adc599852b039fa8c7eee377d82229e0acba62a7c9f002bd2a246fd27b4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f71b1a90eb71277727e906a81ecb8b4fd932ab1301d75a17046132e4a009d58
9147117407e64985a6223ad3643c6ca70e2e3257f02fba20793c564c47141c63
954581c979b209cb6812bd2b086fbc8f3bebc7f64d143c2cac8a1bc22ffb887d
961eb42be14d520149decf378356236517985cb4721f9b320672e9439a88c3e1
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
970e46517903e0d29f0e26a45ad48971d0aec22ff05095e6b0dfaa2f33affe27
99883e6f3d5b6c2c218fa653bf36a36a9ca410ee8d7c1bd46d0db926219678e2
99cafca30c541527b28cf4b5746ac6a21336a66a98cc10bf6aeab1919cb047a0
9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963
9e04561b7c210f1f73737c0744e8e081183cf25d6a21332d52bc6321cc5e3bca
9fc820ea837daf2b4dd7982bdd22ac63172686f5ad2acccbd2abf04065c87804
9fe33330648bd53e5a78bcdddc6b84ddf85d7f4e0cba57e76735412a7898eff0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a5036e90686b1c0d1c1e7b0ad46c499043d72e580b3a7937d923ac6fef25ed76
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5dda836e330652d53ba332e434ed1851651054afb1b0e0e13d8171b48163ac4
a5ef2ac7ba213616b276b0aa1d86d72f2d59312d4c4f678f98dc98743465dbf9
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a84f128a88d8d1b3987d2b7b361c60185a6bee0742f3d6006e207c03db420853
a888a0bfad820be307c082dd189b7c4bdccb3917c4cc2b17cacf2aff5594fccc
ac3baa7de52897b59aabc421fd365ea21216f1dd65d07c484bb20863c5359a5a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0b6da5eebb0023cddb0d5fa35708f6f44bd8e3661da0ea0dfa79b00f3e9229f
b0f73f013a0d2a1e31440cbe36158fbc5e216e24e39b441077afffff22478a01
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294d337e8cf95cb4c13e919d43adf113297ddee32e79fe912bc6fb683b68f19
b419d6f37255da8dba74a37d4593757e065accbd7c21e9f82bb2b5f63c9ec098
b620b550e1112593c2de50c390264fd1a9b9789f44aad3f2aba4f2bd1c2b4939
b65b083a179322c03ae587b5011ce202a66bacd97fa6b14f7f3c591cc8308f4e
b881dee027e4645f81a7c83a868c24cf46014194e3d83ef330f7934ac5e2a661
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2a4bd115dbc2a85799d89572da72fb03e26e293bb0a373156dd8b7a3c1a4e
d191c78c3ca33ba3d0df902a2368061b67c411c51c53bf60e847748dedd43c23
d2c9ac6f4b9de7a943c3a61e880c39c7837a38c4fdb6602a114171074042e388
d4f582b6607ae027ab85313505784f4d922fc5e968a41ae11f35f6dbbc3c87f9
d53279c3ee9b3f9b7c3969c5b8c7c52b3020570c5fdd9acad5b2d9c0394a1722
d67d230ae95712c0093c288cba19921dbb227c2cecd64db62e85678cc1b43954
d9ab65d2da14902eb57aafe60226d3aa8b1d6857b5e436bcf15e551dc990c287
da4751ec73e5d238811ee5534f1d087a57dbd5e6f018fbc3f7fd2daddce4d9f2
dd621915a9cc0d27c64f62e9487cb78dfd64177197c1fa58dde6d49640c359a9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de84e79178e5c56396fef99546d130649dd717c81dfff7e5a4de62f73e7452bd
deea5aa51b632606d172c672524286d437975f46ffaa264c55d20a8379370942
e33bbbcf968b03599c283ccd96bb38bf5101767cb9fe322e26e213fff9fb6786
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3a4d568ec1e1909d70a1ecaede97fefdb528d06c05985784756f53399d2b640
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e5d3f578e4976231880406bb831b1e83f159963d7be14d5978e61d996c100388
e5ebec286f66345b1cf0e6f4dfdef949440265554e89460bc7b6d8db09866c02
e764e0f070280d38fb471a3c1501acc1c9be5cd58c81398799b377ef1a610acc
ed4a454a1a9cd6d9bc4421c253fff2d1d0b563cc61e383de8743767692994b24
edbd7ea4d6eb76178438ab526d5f79b7a6a64cb9ae1573aa6150b766eda7fb2c
ee166a21665f7680d5d1dc067ddc231e7af2dd8beb9e8d804231a1d60645c300
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bc02366957861a152abc05593a0692bca94bc7431242715f9296b8c41a99ff
f2f1ed2a726a3a2b5534962c9d195e8b5ff51137067af1f5c8c4529828a49b5c
f380ae7d181f2085b7a977ab148d8b45b8b5731fab72307c3bdfef8d18fb83c4
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f41e052d0591bc6026c69c93b552084aac01e5933748f23518608e6915460fb3
f460c9af055759418c99b6a86cd06010336a13b9658bac0cc528c656e72e8daf
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939
f874a699f20f0730b99a3d16cea28bb4869c0f684dd9cdf40a5e33fa4853a69f
fc32b8d560502c8aa3901ab255c0538b2ad678162e2fadf38175a404aea0624a

www.terra.com.br Open in urlscan Pro 2a02:26f0:7100::1720:eea9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

260 Requests

91 %HTTPS

47 %IPv6

48 Domains

87 Subdomains

70 IPs

8 Countries

4127 kBTransfer

8647 kBSize

57 Cookies

4 Outgoing links

Redirected requests

260 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.terra.com.br Open in urlscan Pro
2a02:26f0:7100::1720:eea9 Public Scan

Screenshot
Live screenshot

Full Image

260
Requests

91 %
HTTPS

47 %
IPv6

48
Domains

87
Subdomains

70
IPs

8
Countries

4127 kB
Transfer

8647 kB
Size

57
Cookies

260 HTTP transactions
3 data transactions