urlscan.io logo urlscan.io
SecurityTrails logo

www.em.com.br Open in urlscan Pro
179.191.182.65  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.em.com.br/
Effective URL: https://www.em.com.br/
Submission: On October 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 69 IPs in 12 countries across 57 domains to perform 382 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is www.em.com.br. The Cisco Umbrella rank of the primary domain is 878970.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on October 10th 2022. Valid for: a year.
This is the only time www.em.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 58 179.191.182.65 52580 (Azion Tec...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 2400:52e0:1e0... 200325 (BUNNYCDN)
2 15 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f08... 32934 (FACEBOOK)
1 184.30.208.159 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 108.138.1.25 16509 (AMAZON-02)
26 151.101.129.44 54113 (FASTLY)
8 3.15.36.77 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 54.38.197.123 16276 (OVH)
1 1 15.235.15.221 16276 (OVH)
4 3.33.220.150 16509 (AMAZON-02)
4 35.201.123.184 396982 (GOOGLE-CL...)
1 18.66.97.77 16509 (AMAZON-02)
1 2804:564::1156 20044 (SA ESTADO...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 146.59.110.145 16276 (OVH)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
4 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.128 16509 (AMAZON-02)
1 13.32.27.70 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
18 141.226.228.48 200478 (TABOOLA-AS)
2 13.32.99.122 16509 (AMAZON-02)
20 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a03:2880:f17... 32934 (FACEBOOK)
6 34.102.185.99 396982 (GOOGLE-CL...)
1 172.64.143.2 13335 (CLOUDFLAR...)
1 13.32.119.77 16509 (AMAZON-02)
1 34.120.63.153 396982 (GOOGLE-CL...)
11 2602:803:c003... 26667 (RUBICONPR...)
2 4 185.89.210.90 29990 (ASN-APPNEX)
1 185.184.10.30 203690 (RTB-HOUSE...)
1 95.101.149.35 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.194.251.83 42352 (QOS)
7 20 172.217.18.2 15169 (GOOGLE)
1 184.30.20.207 16625 (AKAMAI-AS)
1 2 3.71.149.231 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
3 3 2a05:d018:d29... 16509 (AMAZON-02)
3 18.184.107.13 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 184.30.22.30 16625 (AKAMAI-AS)
1 2 69.173.144.138 26667 (RUBICONPR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 5 104.18.26.193 13335 (CLOUDFLAR...)
3 34.98.64.218 396982 (GOOGLE-CL...)
1 4 2.16.97.41 16625 (AKAMAI-AS)
2 4 52.18.6.202 16509 (AMAZON-02)
5 5 52.29.172.170 16509 (AMAZON-02)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
2 34.251.18.137 16509 (AMAZON-02)
6 6 46.228.174.117 56396 (AMOBEE)
1 1 35.214.163.124 15169 (GOOGLE)
6 142.250.185.66 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
1 185.86.138.150 201081 (SMARTADSE...)
4 2600:9000:223... 16509 (AMAZON-02)
10 2600:1f18:1ac... 14618 (AMAZON-AES)
2 23.212.88.20 16625 (AKAMAI-AS)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 95.101.148.20 16625 (AKAMAI-AS)
382 69
58    179.191.182.65 (Offenbach, Germany)

ASN52580 (Azion Technologies Ltda., BR)
www.em.com.br
css.em.com.br
js.em.com.br
imgs2.uai.com.br
imgs.em.com.br
i.em.com.br
barra.uai.com.br
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.membrana.media
15    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
19    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
www.google-analytics.com
4    2a00:1450:4001:800::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
5    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    184.30.208.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-208-159.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
5    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
26    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
c2.taboola.com
pm-widget.taboola.com
nr-events.taboola.com
trc.taboola.com
vidstat.taboola.com
hp.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
8    3.15.36.77 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-36-77.us-east-2.compute.amazonaws.com
kinesis.us-east-2.amazonaws.com
6    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
1    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
4    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
1    18.66.97.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-77.fra56.r.cloudfront.net
launchpad-wrapper.privacymanager.io
1    2804:564::1156 (Brazil)

ASN20044 (SA ESTADO DE MINAS, BR)
t.em.com.br
5    2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
1    146.59.110.145 (France)

ASN16276 (OVH, FR)
PTR: ns3225527.ip-146-59-110.eu
server.smartytech.io
2    2400:52e0:1e00::1077:1 (Germany)

ASN200325 (BUNNYCDN, SI)
ym-tack.b-cdn.net
4    2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
1    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    13.32.27.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-70.fra56.r.cloudfront.net
launchpad.privacymanager.io
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
18    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-match.taboola.com
sync.taboola.com
2    13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net
geo.privacymanager.io
20    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2606:4700:4400::6812:2a64 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
call.cleverwebserver.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
tt-10258-0.seg.t.tailtarget.com
b.t.tailtarget.com
t.tailtarget.com
1    172.64.143.2 (United States)

ASN13335 (CLOUDFLARENET, US)
metrics.getrockerbox.com
1    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
11    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
1    2a00:1450:4001:82f::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
1    91.194.251.83 (Kyiv, Ukraine)

ASN42352 (QOS, UA)
PTR: unallocated.qos.kiev.ua
membrana-cdn.media
20    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net
1    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
11    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
30    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a05:d018:d29:3601:bf41:b326:fa86:2937 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    18.184.107.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-107-13.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
2    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
5    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
4    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
4    52.18.6.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-6-202.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
5    52.29.172.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-172-170.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    34.251.18.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-18-137.eu-west-1.compute.amazonaws.com
match.360yield.com
6    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    35.214.163.124 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 124.163.214.35.bc.googleusercontent.com
csync.loopme.me
6    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    2600:9000:223f:b000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
10    2600:1f18:1aca:4281:6be4:3b1b:bbec:9c96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
cs.media.net
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
Apex Domain
Subdomains		 Transfer
57 em.com.br
www.em.com.br — Cisco Umbrella Rank: 878970
css.em.com.br
js.em.com.br
imgs.em.com.br
i.em.com.br — Cisco Umbrella Rank: 967092
t.em.com.br
1 MB
53 googlesyndication.com
1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
306 KB
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
306 KB
44 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1126
c2.taboola.com — Cisco Umbrella Rank: 9643
pm-widget.taboola.com — Cisco Umbrella Rank: 3680
nr-events.taboola.com — Cisco Umbrella Rank: 12046
trc.taboola.com — Cisco Umbrella Rank: 680
trc-events.taboola.com — Cisco Umbrella Rank: 2281
vidstat.taboola.com — Cisco Umbrella Rank: 3058
hp.taboola.com — Cisco Umbrella Rank: 25981
am-trc-events.taboola.com — Cisco Umbrella Rank: 15139
images.taboola.com — Cisco Umbrella Rank: 1964
imprammp.taboola.com — Cisco Umbrella Rank: 14739
am-vid-events.taboola.com — Cisco Umbrella Rank: 13899
am-match.taboola.com — Cisco Umbrella Rank: 15405
wf.taboola.com — Cisco Umbrella Rank: 3324
sync.taboola.com — Cisco Umbrella Rank: 1031
vidstatb.taboola.com — Cisco Umbrella Rank: 5791
659 KB
24 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474
accounts.google.com — Cisco Umbrella Rank: 32
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
181 KB
18 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1153
static.adsafeprotected.com — Cisco Umbrella Rank: 720
dt.adsafeprotected.com — Cisco Umbrella Rank: 658
201 KB
15 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
20 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
284 KB
10 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 60313
d.tailtarget.com — Cisco Umbrella Rank: 68896
tt-10258-0.seg.t.tailtarget.com
b.t.tailtarget.com — Cisco Umbrella Rank: 54564
t.tailtarget.com — Cisco Umbrella Rank: 8785
28 KB
8 amazonaws.com
kinesis.us-east-2.amazonaws.com — Cisco Umbrella Rank: 23177
2 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
41 KB
7 membrana.media
cdn.membrana.media — Cisco Umbrella Rank: 51650
297 KB
6 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
164 KB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1069
4 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 379
104 KB
5 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1469
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
2 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
sync.teads.tv — Cisco Umbrella Rank: 1584
1 KB
5 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 30155
usr.navdmp.com — Cisco Umbrella Rank: 36353
cdn.navdmp.com — Cisco Umbrella Rank: 8424
sync2.navdmp.com — Cisco Umbrella Rank: 57042
6 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
68 KB
5 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3981
onesignal.com — Cisco Umbrella Rank: 1303
83 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
354 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
3 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1420
cs.media.net — Cisco Umbrella Rank: 1684
contextual.media.net — Cisco Umbrella Rank: 780
3 KB
4 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3462
launchpad.privacymanager.io — Cisco Umbrella Rank: 3214
geo.privacymanager.io — Cisco Umbrella Rank: 2195
18 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
593 B
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 547
538 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
436 B
3 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 27330
ui.cleverwebserver.com — Cisco Umbrella Rank: 28409
call.cleverwebserver.com — Cisco Umbrella Rank: 29579
49 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
91 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
147 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
imasdk.googleapis.com — Cisco Umbrella Rank: 498
358 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2517
397 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 967
1 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 957
140 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
dis.criteo.com — Cisco Umbrella Rank: 648
867 B
2 b-cdn.net
ym-tack.b-cdn.net — Cisco Umbrella Rank: 59424
2 KB
2 uai.com.br
imgs2.uai.com.br
barra.uai.com.br
4 KB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
75 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8325
553 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
417 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50844
609 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
709 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 2109
418 B
1 membrana-cdn.media
membrana-cdn.media — Cisco Umbrella Rank: 61011
34 KB
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 508
1 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 10905
176 B
1 getrockerbox.com
metrics.getrockerbox.com — Cisco Umbrella Rank: 7164
555 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
13 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6147
408 B
1 smartytech.io
server.smartytech.io — Cisco Umbrella Rank: 55936
249 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3315
419 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 11550
259 B
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3927
17 KB
0 deep.bi Failed
scoring.deep.bi Failed
382 57
Domain Requested by
41 i.em.com.br www.em.com.br
30 pagead2.googlesyndication.com imasdk.googleapis.com
1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
www.googletagservices.com
20 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
20 tpc.googlesyndication.com www.em.com.br
1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
securepubads.g.doubleclick.net
15 securepubads.g.doubleclick.net 2 redirects www.em.com.br
www.googletagservices.com
cdn.membrana.media
securepubads.g.doubleclick.net
13 fundingchoicesmessages.google.com www.em.com.br
11 s0.2mdn.net imasdk.googleapis.com
www.em.com.br
s0.2mdn.net
11 fastlane.rubiconproject.com js.em.com.br
10 dt.adsafeprotected.com 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
9 trc-events.taboola.com cdn.taboola.com
www.em.com.br
8 kinesis.us-east-2.amazonaws.com cdn.membrana.media
8 cdn.taboola.com www.em.com.br
cdn.taboola.com
7 cdn.membrana.media www.em.com.br
cdn.membrana.media
6 googleads4.g.doubleclick.net www.em.com.br
6 cdn.jsdelivr.net cdn.membrana.media
6 www.google-analytics.com www.google-analytics.com
barra.uai.com.br
www.em.com.br
5 pm.w55c.net 5 redirects
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 googleads.g.doubleclick.net 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.em.com.br
5 www.google.com 1 redirects www.em.com.br
1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.googletagmanager.com www.em.com.br
www.googletagmanager.com
www.google-analytics.com
5 imgs.em.com.br www.em.com.br
css.em.com.br
5 js.em.com.br www.em.com.br
www.googletagmanager.com
4 static.adsafeprotected.com 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
4 sync.1rx.io 4 redirects
4 fw.adsafeprotected.com 2 redirects www.em.com.br
4 sync.teads.tv 1 redirects googleads.g.doubleclick.net
1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
4 ib.adnxs.com 2 redirects js.em.com.br
googleads.g.doubleclick.net
4 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
4 match.adsrvr.org www.em.com.br
imprammp.taboola.com
am-match.taboola.com
4 accounts.google.com www.em.com.br
accounts.google.com
3 us-u.openx.net googleads.g.doubleclick.net
3 x.bidswitch.net imprammp.taboola.com
am-match.taboola.com
3 sync.taboola.com imprammp.taboola.com
am-match.taboola.com
3 pr-bh.ybp.yahoo.com 3 redirects
3 onesignal.com cdn.onesignal.com
cdn.membrana.media
3 am-trc-events.taboola.com www.em.com.br
cdn.taboola.com
3 tt-10258-0.seg.t.tailtarget.com d.tailtarget.com
www.em.com.br
3 trc.taboola.com cdn.taboola.com
www.em.com.br
3 d.tailtarget.com www.googletagmanager.com
www.em.com.br
d.tailtarget.com
3 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 c.amazon-adsystem.com www.em.com.br
c.amazon-adsystem.com
3 connect.facebook.net www.em.com.br
connect.facebook.net
3 css.em.com.br www.em.com.br
3 www.googletagservices.com www.em.com.br
1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
2 cs.media.net
2 sync.targeting.unrulymedia.com 2 redirects
2 match.360yield.com 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
2 image6.pubmatic.com 2 redirects
2 eus.rubiconproject.com am-match.taboola.com
eus.rubiconproject.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 b.t.tailtarget.com d.tailtarget.com
2 static.xx.fbcdn.net www.facebook.com
2 geo.privacymanager.io cdn.membrana.media
2 nr-events.taboola.com c2.taboola.com
www.em.com.br
2 imasdk.googleapis.com cdn.membrana.media
imasdk.googleapis.com
2 region1.analytics.google.com www.googletagmanager.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 ym-tack.b-cdn.net cdn.membrana.media
2 tag.navdmp.com www.em.com.br
tag.navdmp.com
2 cdn.onesignal.com www.em.com.br
cdn.onesignal.com
2 www.em.com.br 1 redirects
1 contextual.media.net
1 dis.criteo.com 1 redirects
1 ssbsync.smartadserver.com 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 csync.loopme.me 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 um.simpli.fi 1 redirects
1 t.tailtarget.com www.em.com.br
1 token.rubiconproject.com eus.rubiconproject.com
1 vidstatb.taboola.com www.em.com.br
1 am-vid-events.taboola.com www.em.com.br
1 imprammp.taboola.com vidstat.taboola.com
1 call.cleverwebserver.com www.em.com.br
1 ups.analytics.yahoo.com www.em.com.br
1 cms.analytics.yahoo.com 1 redirects
1 pixel.mathtag.com www.em.com.br
1 sync2.navdmp.com www.em.com.br
1 cdn.navdmp.com tag.navdmp.com
1 ui.cleverwebserver.com www.em.com.br
1 membrana-cdn.media www.em.com.br
1 csp.withgoogle.com www.em.com.br
1 images.taboola.com www.em.com.br
1 a.teads.tv js.em.com.br
1 prebid-us.creativecdn.com js.em.com.br
1 prebid.media.net js.em.com.br
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 metrics.getrockerbox.com www.em.com.br
1 hp.taboola.com cdn.taboola.com
1 www.facebook.com connect.facebook.net
1 usr.navdmp.com tag.navdmp.com
1 scripts.cleverwebserver.com www.em.com.br
1 region1.google-analytics.com www.googletagmanager.com
1 gum.criteo.com cdn.taboola.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 www.google.de www.em.com.br
1 server.smartytech.io cdn.membrana.media
1 t.em.com.br www.em.com.br
1 c2.taboola.com www.em.com.br
1 launchpad-wrapper.privacymanager.io www.googletagmanager.com
1 tags.t.tailtarget.com www.googletagmanager.com
1 barra.uai.com.br www.em.com.br
1 pixel.onaudience.com 1 redirects
1 a4p.adpartner.pro 1 redirects
1 appleid.cdn-apple.com www.em.com.br
1 imgs2.uai.com.br www.em.com.br
1 fonts.googleapis.com www.em.com.br
0 scoring.deep.bi Failed www.em.com.br
382 114
Subject Issuer Validity Valid
*.em.com.br
AlphaSSL CA - SHA256 - G2		 2022-10-10 -
2023-11-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cdn.membrana.media
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.uai.com.br
AlphaSSL CA - SHA256 - G2		 2022-10-10 -
2023-11-11		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-26 -
2023-10-24		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2023-09-27 -
2023-12-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
kinesis.us-east-2.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-09		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
smartytech.io
R3		 2023-08-20 -
2023-11-18		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-11-11		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2023-08-06 -
2024-08-04		 a year crt.sh
getrockerbox.com
E1		 2023-09-01 -
2023-11-30		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
membrana-cdn.media
R3		 2023-08-14 -
2023-11-12		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh

This page contains 29 frames:

Primary Page: https://www.em.com.br/
Frame ID: BE504746AE58D441972B2A3232430CD3
Requests: 235 HTTP requests in this frame

Frame: https://barra.uai.com.br/centralizador.html?origem=https://www.em.com.br/
Frame ID: A47C4D7B4A07C00D0F8BF08D072AF2EC
Requests: 2 HTTP requests in this frame

Frame: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1D065735FDD1AE6A6AA348515205459B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 570B30A3AF3D11E9F4B8F52503E0101B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: C47B9E7236CE0F9B47E92DB130520C0E
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 82C99C9450B82DCC0476CB0EA8F8BA07
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=outline&text=%24%20%7Bbutton.text%7D&size=large&logo_alignment=left&width=240&client_id=133477885879-ml89jg8mocekhmnraefpi3cgednablut.apps.googleusercontent.com&iframe_id=gsi_837063_876979&as=VXVkboFJhVhCMi%2B84Qxywg
Frame ID: A1E3B357204710460AF84654BF7EE36A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v14.0/plugins/login_button.php?app_id=358950299469365&auto_logout_link=true&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f8beee7e16f7c%26domain%3Dwww.em.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.em.com.br%252Ff1e88207107566c%26relation%3Dparent.parent&container_width=0&layout=default&locale=pt_BR&login_text=&sdk=joey&size=large&use_continue_as=true&width=
Frame ID: E06DB0427FA65D7451598D099B96DCFF
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Frame ID: 3462D1F61438E90D0ADDCA29C240BABB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A2FB96D417B0851C9B1002B407A7C9A3
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&cmcv=&pix=undefined&cb=1697510837942&uv=3347&tms=1697510837942&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!splits_full_traffic!t45!tbt_lit_unit!ufm!ul3347_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=55a4d2d1-3934-46c8-b97a-19bd16745758&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 023FEBF2878C836F017636FA0CD35201
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: C0F4FBB0F05BF7499849628D513BA312
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 42426B42E3BC14B26A3A921A9376AEA3
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 17FF28A058EC608FF75FA88EB5FECA46
Requests: 3 HTTP requests in this frame

Frame: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 37D2A597BCB6752421272EE1B740C271
Requests: 28 HTTP requests in this frame

Frame: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 36AD7506EB56B0BBFDA2627C7C56179E
Requests: 27 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs
Frame ID: FF691B1E38F71C808B3F72C4AC9A0E70
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGK7Q8O8BMAE&v=APEucNUIAINokLMogtOtr5ftXzm1ASg3-kq3NrzcH5TkU8VMdpLOp1NoPI-wcOOpztbJ6OzypOYKDZXUgKCJZHLiqG5VDMQBJKJJBAqoDPiiJIvsJPOLHy1oYB6HdQODx7zkkWDd4OFv0Dr4oOMbNaI1LKV8WwbXqyWJ0OQZSQMRmm1hqS75Ylc
Frame ID: 5F9B421314F4188AFC5B014A2E0326C1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIjU8O8BMAE&v=APEucNWw9O5kqqDRdE6yvz-NoAmBrkO_yCn_qpI7jgwpLJuqI7vB0RAqoz5FV2zAN8VUjNu1ItvatwHEEhYws434pp9Ca-VAaGLqmXxuA4hsOUQfXbeP8VO0sdck8Kg5MhxMxH1irZG1n9DY2f67hSSFn3JHprEkDtFYoVbiWHlZhHqKn6WSidQ
Frame ID: 4530950E72572B180907CC805C55DC1D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D380508611572822886F9E56CBAF7F33
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7BC7426D3A4B4F44EA42B499D345032B
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10003685154878252906/index.html?e=69&leftOffset=0&topOffset=0&c=vG0PkgtwZd&t=1&renderingType=2&ev=01_250
Frame ID: FDB0560FD154830CCD737467F782956E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D0BB002E55BF40451ACFC528F1841B2A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A2065747860E18E75C5F854E4B602927
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12806307893679438044/index.html?e=69&leftOffset=0&topOffset=0&c=DjuGogBKGs&t=1&renderingType=2&ev=01_250
Frame ID: AED85EDB3186FD57C42BC620626ED2ED
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: AA1C9594F67672B610CEE40E85430CFD
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7658196491E6DC704C782204110F29BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C008CB99CCE3A9992920D82067AD275
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE3C934B58CB56B3056877803A545EE7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jornal Estado de Minas | Notícias Online

Page URL History Show full URLs

  1. http://www.em.com.br/ HTTP 301
    https://www.em.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

382
Requests

91 %
HTTPS

42 %
IPv6

57
Domains

114
Subdomains

69
IPs

12
Countries

5050 kB
Transfer

16705 kB
Size

63
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.em.com.br/ HTTP 301
    https://www.em.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D283%26mapped%3D%7Buser_id%7D%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=283&mapped=b69ec9d5-ed54-4601-8f89-a5d75e0514c2&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 136
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQTu7grREZd9KW3rj9gibWa-8M7TaqrxcvbegXYteHSnV62-RUtaFUtGtd1HJgtupFxEKQStFzV2Bj4kp9QhUZbAaWnYLizWWmEtzv5TA3cxlmuGOwXlf8PPefQsT3106ArSbMDkt-2sKAeeLBsgQXE5a0tqWeIZHwNNru0IlmVOdVl_wuZMpvKsA1wvjAPEn8YurEpzt5UOgZeYhYCXc-JGeqSaFnOmqfHxvEnyHEzExKHvRNf1AFLsaIlIimEMmKe_5hBcBJTQOFvGlWsUXWu6D9vKSP1HhspAzkIhL3DbTbu-Cfm0YJLhndRIDahyIdCt8_Gdheb2doyPYQCVHVrq9AOvvlBzgp-w&sai=AMfl-YRFrokaXbTqktHMbl8_HC2UW1wmvUC_K25ZaF-4htnyWACGWi5KWfYYZ2G0AxDxKpqrNsVtK_tLAlJk61KK_hWnw8iDDyOqyMnIsvmEZgyIASpFwLZrpTAqtTdhzlSpYLINwy-EalhSvCgfFtE&sig=Cg0ArKJSzLCXAYgXhFPREAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/pagead/imgad/dot.gif HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad/dot.gif
Request Chain 138
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRVPAsdHMIlsuH17aBLfiinDlNiy2gJ1FMyZmvRDEgUli5UmxEe7fJLCspveRw3Kbu5RFqkL0IyH_9RSJkQvuglVK46t6DkAOH5TA559xWzcHYaCX6s9BTwIVj9lSTkh9nQNIVAASJGEtZKH07NrJuioYWgVLryPTNc7PCblNfVeFJyksmr-cHUpCsNhQD5RxZIB5Rke9k5R5zCvj89-o5vqrFHI8jx2EazjXGwekyRwmEUp-8fUfqqTmnw4snZ8Yj7lEdLuREvWGkTB3gFIno_3IHE1B3m5AV9C7J-u8abPehtG11j-9r2XPt8_U3GTsF6vIDY7iQCrbncRjw0lles4Ts-CcaW1Uczg&sai=AMfl-YR1c0koNnq8MvyhKXZV_3M_49WjraGduqzzba23jHAQPCQhnB3MJxDU6DYbtTJSzt61loJRzdtReQcT-V9pIvPc0Aq0dnYTrb0gWBf3zOopVVeH3iULlDabo8C9-5G6dVG7_lI_jv4EA1sAUC1g&sig=Cg0ArKJSzLnDfgtpAr3XEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/pagead/imgad/dot.gif HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad/dot.gif
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=83696127395 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=83696127395&google_gid=CAESEPwte0lDBHcIeCUTBPdAyVQ&google_cver=1
Request Chain 204
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Request Chain 226
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VtoCH8hE2oSVKlwlUVuIHJTpIOEHxVCjo6eRRg--~A
Request Chain 229
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VtoCH8hE2oSVKlwlUVuIHJTpIOEHxVCjo6eRRg--~A
Request Chain 240
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VtoCH8hE2oSVKlwlUVuIHJTpIOEHxVCjo6eRRg--~A
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq4TXWAEdatQh519DHW0ak&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq4TXWAEdatQh519DHW0ak&google_cver=1&C=1
Request Chain 286
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZS31tm43pzZyNak4CypqvAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq4TXWAEdatQh519DHW0ak&google_cver=1
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECx8LtfkU8GicHu6QO7Xl_U&google_cver=1
Request Chain 288
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA4OTc1NjA3NTc4Nzg4NTk3Nw%3D%3D
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELzCz_vWAuhQ3U6FMTGIw0g&google_cver=1
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEKPKdKTxZe53-44LzOBw0rk&google_cver=1
Request Chain 297
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 316
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cver=1&google_push=AXcoOmTKO77snA67eNZF-SJvmkl7nGfeGGQLl3Rz8S4UTqD1nY_K-O2iHpKDVf2gp2bnqwN3W1m4HUBlqHBlfo7wEHXwi1CCTTw0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cver=1&google_push=AXcoOmTKO77snA67eNZF-SJvmkl7nGfeGGQLl3Rz8S4UTqD1nY_K-O2iHpKDVf2gp2bnqwN3W1m4HUBlqHBlfo7wEHXwi1CCTTw0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDJZMndOOEwxUVNBNzQ1&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cver=1&google_push=AXcoOmTKO77snA67eNZF-SJvmkl7nGfeGGQLl3Rz8S4UTqD1nY_K-O2iHpKDVf2gp2bnqwN3W1m4HUBlqHBlfo7wEHXwi1CCTTw0
Request Chain 317
  • https://um.simpli.fi/gp_match?google_gid=CAESEEYCLeV57POwf7-2UGC10EQ&google_cver=1&google_push=AXcoOmSos1tqOLnS4T-jBf6nvSjiwMtb1zf2lBz-r0W6p_KJf5AKUnlUileokJ6AG__0e6_L8P3RbGwP0gnSnEr3cctLlBbsznX2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7AB471D677474D91A1B8DD302AF52362&google_push=AXcoOmSos1tqOLnS4T-jBf6nvSjiwMtb1zf2lBz-r0W6p_KJf5AKUnlUileokJ6AG__0e6_L8P3RbGwP0gnSnEr3cctLlBbsznX2
Request Chain 318
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFbutI5eTg16U4OVDpIl8KQ&google_cver=1&google_push=AXcoOmRbZZK3vjelEVblGXUP40bCehHiQSyhRdG44PEYmynIWXy9N7aAHLFYaJlpca_Etg45Jg-6YG4RiX6viPJ0xhqGrE_w20H3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRbZZK3vjelEVblGXUP40bCehHiQSyhRdG44PEYmynIWXy9N7aAHLFYaJlpca_Etg45Jg-6YG4RiX6viPJ0xhqGrE_w20H3&google_hm=zvJSkJYgSaeQknRb_cWkZ00
Request Chain 319
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEPz0r-m9XXBtPiVLrz60kU&google_cver=1&google_push=AXcoOmQig65hveIT9MXNJ75aYhcPXgr1_FrOGpiUFAQgsRopkTX5tStEH-MZZ3iVbXBdfj7gQtXRXstz0sy0pKB0NOb9dnsnGUov HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEPz0r-m9XXBtPiVLrz60kU&google_cver=1&google_push=AXcoOmQig65hveIT9MXNJ75aYhcPXgr1_FrOGpiUFAQgsRopkTX5tStEH-MZZ3iVbXBdfj7gQtXRXstz0sy0pKB0NOb9dnsnGUov&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4RXS9rEkQO2XvqMIh5EmxQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQig65hveIT9MXNJ75aYhcPXgr1_FrOGpiUFAQgsRopkTX5tStEH-MZZ3iVbXBdfj7gQtXRXstz0sy0pKB0NOb9dnsnGUov
Request Chain 321
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM8vIbfdXy_MKE7GMjCETxc&google_cver=1&google_push=AXcoOmQPNYL7ybxRhGZwFm6QzJgRo0OIihZ-vwnieDb-YR_V0W74aJzEyK5tTlyUqQlWwywJZ1qSyGyToYyWQxFsDT4UzMXG2D0k HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQPNYL7ybxRhGZwFm6QzJgRo0OIihZ-vwnieDb-YR_V0W74aJzEyK5tTlyUqQlWwywJZ1qSyGyToYyWQxFsDT4UzMXG2D0k&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1697510838818 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2f608fab-aee4-478a-b510-8e32647c7262-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQPNYL7ybxRhGZwFm6QzJgRo0OIihZ-vwnieDb-YR_V0W74aJzEyK5tTlyUqQlWwywJZ1qSyGyToYyWQxFsDT4UzMXG2D0k%26google_hm%3DAy9gj6uu5EeKtRCOMmR8cmI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQPNYL7ybxRhGZwFm6QzJgRo0OIihZ-vwnieDb-YR_V0W74aJzEyK5tTlyUqQlWwywJZ1qSyGyToYyWQxFsDT4UzMXG2D0k&google_hm=Ay9gj6uu5EeKtRCOMmR8cmI
Request Chain 322
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESENUF-fYKI8oddOLx7JxYRcM&google_cver=1&google_push=AXcoOmQkEEKfvdKhyKkBQ7BUonOiDKtayVsW4kRmhkHRz9zNxZbuMNHmzkkeeNIP17QfqiYxaVmmSQ0JDzPPQ-ZOfWx2Y5kDzo4tCA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8555dc9e-9177-4881-8afe-8ec8ca535aac&google_cver=1&google_gid=CAESENUF-fYKI8oddOLx7JxYRcM&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQkEEKfvdKhyKkBQ7BUonOiDKtayVsW4kRmhkHRz9zNxZbuMNHmzkkeeNIP17QfqiYxaVmmSQ0JDzPPQ-ZOfWx2Y5kDzo4tCA&gdpr=${GDPR}
Request Chain 327
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cver=1&google_push=AXcoOmS2uaajMYF-JuvQYkTo56D97mZMuVXTpu_rtTnp2A73iINjik61F0gQqYUEvA2Oaha1Qb5uCGkidT0DrtnzYNrKojBAfd8z6g HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cver=1&google_push=AXcoOmS2uaajMYF-JuvQYkTo56D97mZMuVXTpu_rtTnp2A73iINjik61F0gQqYUEvA2Oaha1Qb5uCGkidT0DrtnzYNrKojBAfd8z6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDJZMndOOEwxUVNBNzQ1&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cver=1&google_push=AXcoOmS2uaajMYF-JuvQYkTo56D97mZMuVXTpu_rtTnp2A73iINjik61F0gQqYUEvA2Oaha1Qb5uCGkidT0DrtnzYNrKojBAfd8z6g
Request Chain 328
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHSiCSbUseLeyuOSIvRCLrs&google_cver=1&google_push=AXcoOmShzdE5_3zq8g6_FHroKyvwaO-JYJ_o8f7bdlHLz5f6fEm0GphcAulYIjHafzUI_1d8t1zlCPOJnjGsSnvF1mVZRbih-uv4MQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=IAIMtsjARpMUBDP4SjYwlQ&google_push=AXcoOmShzdE5_3zq8g6_FHroKyvwaO-JYJ_o8f7bdlHLz5f6fEm0GphcAulYIjHafzUI_1d8t1zlCPOJnjGsSnvF1mVZRbih-uv4MQ
Request Chain 329
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAfLmJ55KfvGhY3_Rs2qAjg&google_cver=1&google_push=AXcoOmTKCqjxAoPYliNwOGWbxBoCx1BSTaPaQotm4DhnKNqHZIx7ygpCWcwgKzpCMpqv4hsF2SJaG0j-YTMAZpZfOsYq_clBejomlA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5UUTRHWE0tMUctTTY4Rg==&google_push=AXcoOmTKCqjxAoPYliNwOGWbxBoCx1BSTaPaQotm4DhnKNqHZIx7ygpCWcwgKzpCMpqv4hsF2SJaG0j-YTMAZpZfOsYq_clBejomlA
Request Chain 331
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM8vIbfdXy_MKE7GMjCETxc&google_cver=1&google_push=AXcoOmRuQiMzG2tcmQtkbuxuPwk92btf-UR5EFpag2jzqiMC5huSluLnb8qtUfVsEz-8Qe2oUxODWxAxN6km5F4fPXqIV0FkU3ct HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRuQiMzG2tcmQtkbuxuPwk92btf-UR5EFpag2jzqiMC5huSluLnb8qtUfVsEz-8Qe2oUxODWxAxN6km5F4fPXqIV0FkU3ct&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1697510838817 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2f608fab-aee4-478a-b510-8e32647c7262-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRuQiMzG2tcmQtkbuxuPwk92btf-UR5EFpag2jzqiMC5huSluLnb8qtUfVsEz-8Qe2oUxODWxAxN6km5F4fPXqIV0FkU3ct%26google_hm%3DAy9gj6uu5EeKtRCOMmR8cmI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRuQiMzG2tcmQtkbuxuPwk92btf-UR5EFpag2jzqiMC5huSluLnb8qtUfVsEz-8Qe2oUxODWxAxN6km5F4fPXqIV0FkU3ct&google_hm=Ay9gj6uu5EeKtRCOMmR8cmI
Request Chain 333
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENOL2LsSZddUWCSVndcJp48&google_cver=1&google_push=AXcoOmStMGx9MLn0CMhpjJjqv5nnllSfirTlsA6GknU41uREO4q4uXEKM48DXQmGtc_A-Gye4B87O4xyo8OBB43j9K1tjeFbjOJoyis HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmStMGx9MLn0CMhpjJjqv5nnllSfirTlsA6GknU41uREO4q4uXEKM48DXQmGtc_A-Gye4B87O4xyo8OBB43j9K1tjeFbjOJoyis HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 342
  • https://fw.adsafeprotected.com/rfw/st/1549653/72464738/4.js?adContainerId=brand_safety_tvUtZczXIIrex_APk-O2wAo&cbFunctionName=goog_wrapCb_tvUtZczXIIrex_APk-O2wAo&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.em.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.em.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b48fdcc6-ccb4-dd75-4fcd-fec5e0578bc7,c:rgL7HU,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-7qk7f,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tSUmuaw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1i*.1549653-72464738%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k,idMap:1i*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:19,oid:7cf1fff0-6c97-11ee-8a1a-464030457c3b,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 344
  • https://fw.adsafeprotected.com/rfw/st/1549653/72464800/4.js?adContainerId=brand_safety_tvUtZZOzIp7Cx_APhqKwiAg&cbFunctionName=goog_wrapCb_tvUtZZOzIp7Cx_APhqKwiAg&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.em.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.em.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2abe946a-b903-9bc2-fc44-357342f05be9,c:rgL7IA,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-4zjkw,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tSUmubc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j*.1549653-72464800%7C1j1%7C1j2%7C1j3%7C1j4%7C1k,idMap:1j*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:18,oid:7cf1ffd3-6c97-11ee-8ccb-3e32918860ca,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 381
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=T2Y2wN8L1QSA745
Request Chain 384
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=1&gdpr_consent=${GDPR_CONSENT}&us_privacy=&gpp=${GPP_STRING_142}&gpp_sid=${GPP_SID}&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9e2088a3-3c2b-4b09-a4b6-5a91e0b45e84&gdpr=1&gdpr_consent=${GDPR_CONSENT}&us_privacy=

382 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.em.com.br/
Redirect Chain
  • http://www.em.com.br/
  • https://www.em.com.br/
462 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
6472f28dd6a7073d26ea89cbcff38f4485542fcd2dde5d6893c59e1d59d42623
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=120
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Tue, 17 Oct 2023 02:47:15 GMT
expires
Tue, 17 Oct 2023 02:49:15 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding Accept-Encoding Upgrade-Insecure-Requests

Redirect headers

Cache-Control
max-age=300
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 17 Oct 2023 02:47:15 GMT
Expires
Tue, 17 Oct 2023 02:52:15 GMT
Location
https://www.em.com.br/
Server
azion webserver
css
fonts.googleapis.com/ 		3 KB
867 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 02:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 01:07:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 02:47:15 GMT
gpt.js
www.googletagservices.com/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01f597672e273ec3ff86e01f7ad707a8144cbb2a0d7685520c31b96b080d4495
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29605
x-xss-protection
0
server
cafe
etag
408 / 19647 / m202310120101 / config-hash: 13405835948429687525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 02:47:15 GMT
ym.js
cdn.membrana.media/emi/ 		414 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/emi/ym.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
0ce91fbc274a6f54f9ceb36cf29736c4f8de1f6c4a4c654069d2071b90333964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-679
cdn-cachedat
10/13/2023 10:13:59
cdn-pullzone
139012
last-modified
Mon, 18 Sep 2023 10:31:29 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
641
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65082701-67966"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
266bd471c79bc78c8ebcb3b173aa511e
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
capa.48.141.min.css
css.em.com.br/em/141/dev1/ 		413 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.em.com.br/em/141/dev1/capa.48.141.min.css?v=5
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
a6c7b3f12d189ff1bd6aeb59bde7ab8b6008b509d7d5b57fbb755ebd0d21d13c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:15 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 21:37:14 GMT
server
nginx
etag
W/"779313b-674d7-601f777891258"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 24 Oct 2023 02:47:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc5cbd60461541d7667e69aa809aa2f76af9e7561a778e64411a716fbcaa290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29604
x-xss-protection
0
server
cafe
etag
85 / 19647 / m202310120101 / config-hash: 13405835948429687525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 02:47:16 GMT
prebid.js
js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/ 		276 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
28552a66ebfe4006b19e8a5507e5df7d2eb285e03207faabc23018f2fdc03cb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 16 Aug 2023 18:40:38 GMT
server
nginx
etag
W/"4bb1132b-44eaa-6030ea1c00d01"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 24 Oct 2023 02:47:16 GMT
pub-8965259536670465
fundingchoicesmessages.google.com/i/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-8965259536670465?ers=1
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c766776201784cef67fcafe3e26e9da206b585a22ed56b7638dd5d9628cce62
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GDuhXvzx5McZmDNiIcOMrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-GDuhXvzx5McZmDNiIcOMrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
logo-uai-mobile.svg
imgs2.uai.com.br/UAI_2018/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs2.uai.com.br/UAI_2018/logo-uai-mobile.svg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
c3ecf31e703f59a268f18b82ef3d290ae24f91bda18a770a42798ad1ea0fa0a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 04 Dec 2020 13:30:00 GMT
server
nginx
etag
W/"a2b7c26-1ce0-5b5a3792dc87a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
expires
Tue, 24 Oct 2023 02:47:16 GMT
client
accounts.google.com/gsi/ 		198 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
326bacb105aee0c9ccd1dda381b8b17d913a5cea963d9e0ca0c7ab7508215327
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VLii9Y5gU3l2hp8xM_AacQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-VLii9Y5gU3l2hp8xM_AacQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 17 Oct 2023 02:47:16 GMT
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
268d0c1e0ebc9b7d781aef9bef57cff837a5fbe6e9ced919a09647ad954f64c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.em.com.br/
Origin
https://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Oct 2023 02:47:16 GMT
content-md5
3iQNwtKV67APMWBv9xPpUw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-debug
7atOfyxJF+A6BdbYN6b/agRstvuSqlLLzBnaQnj2315E9ONZ7yugnrHc1X8rDRW3Df9gNQVWBALA1jM64T/vLA==
x-fb-content-md5
f96d57479978a81247aff6164b3d5ea0
cross-origin-opener-policy
same-origin-allow-popups
etag
"ad2cff0d06fb6853079448d5124b8142"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 17 Oct 2023 02:54:19 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.208.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-208-159.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 17 Oct 2023 02:47:16 GMT
Last-Modified
Wed, 11 Oct 2023 02:33:57 GMT
Server
Apple
ETag
W/"43171-1696991637839"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
devices-website.png
imgs.em.com.br/em/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.em.com.br/em/devices-website.png
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
8dc0df3dba239ddedac87859f71294ed080e4785e88d44566978c87f247dd456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 30 Oct 2019 15:19:22 GMT
server
nginx
etag
W/"2265c7b6-26a6-5962241eb3cc6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Thu, 16 Nov 2023 02:47:16 GMT
gtm.js
www.googletagmanager.com/ 		243 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1787a0a97913b2d5037f610846e7b9ed74e4083bed6044337d3cc53064d92250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83854
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Oct 2023 02:47:16 GMT
20231016185617607179u.jpg
i.em.com.br/ama5KRhnGxnhVbBWedEd0I3SQ-c=/545x0/smart/imgsapp.em.com.br/portlet/523/22262/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/ama5KRhnGxnhVbBWedEd0I3SQ-c=/545x0/smart/imgsapp.em.com.br/portlet/523/22262/20231016185617607179u.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
e0d64af662ca60854423b7df8cc164bcc6bc5c8b996ad1b7c5b227f6ae13b7f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"ffe5f98f16285c9e66ebe5f5b3b8c7e6e61b35a4"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
3394
expires
Thu, 16 Nov 2023 02:47:17 GMT
20231016193421381322e.jpg
i.em.com.br/mwRDtP9Tx318i0F8vSLR9eJLZWE=/545x220/smart/imgsapp.em.com.br/portlet/523/22262/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/mwRDtP9Tx318i0F8vSLR9eJLZWE=/545x220/smart/imgsapp.em.com.br/portlet/523/22262/20231016193421381322e.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
396d5e04d7c9aed2c14c765598fe70187d6afac900100d1745ab5538c8cac302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"9b1318a866b0f9d61786ed364e789db9c5b8aded"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
11908
expires
Thu, 16 Nov 2023 02:47:17 GMT
20231016192946574515e.jpg
i.em.com.br/sQsvZ919y1MZlTizUErBioaRbFY=/545x220/smart/imgsapp.em.com.br/portlet/523/22262/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/sQsvZ919y1MZlTizUErBioaRbFY=/545x220/smart/imgsapp.em.com.br/portlet/523/22262/20231016192946574515e.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
a8df8a11a11d2b912693ebb1ac05752f679da966c57bcdab0d21c41c5e6c3a77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"c05b0cce998c4c1c349be20ed362600a01f7fe66"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
4632
expires
Thu, 16 Nov 2023 02:47:17 GMT
porta-voz-da-onu-e-miss-brasil-em-2022-a-modelo-mia-mamede-deu-declaracoes-que-poderiam-mudar-os-rumos-do-seu-futuro-em-entrevista-para-caras-mia-revelou-que-por-pouco-nao-esteve-n_1_43904.jpg
i.em.com.br/ukUKcSrpJsxtYNhGlNOBgrNMU0I=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/2523/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/ukUKcSrpJsxtYNhGlNOBgrNMU0I=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/2523/porta-voz-da-onu-e-miss-brasil-em-2022-a-modelo-mia-mamede-deu-declaracoes-que-poderiam-mudar-os-rumos-do-seu-futuro-em-entrevista-para-caras-mia-revelou-que-por-pouco-nao-esteve-n_1_43904.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
ded2dce87b907fe2db47172da484a06af7f27ea71c969bdc67711fc67b4aaa66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"73adbf32ab126705ee92ca72f46dd5bc577fb870"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
1950
expires
Thu, 16 Nov 2023 02:47:17 GMT
os-castelos-estao-entre-as-principais-atracoes-turisticas-por-toda-a-europa-construidos-desde-o-seculo-10-e-preservados-integralmente-ou-parcialmente-reformados-ou-originais-sao-si_1_52261.jpg
i.em.com.br/Pj0y-AJdR6ER2wmtNF9eKgG83fw=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/825/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/Pj0y-AJdR6ER2wmtNF9eKgG83fw=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/825/os-castelos-estao-entre-as-principais-atracoes-turisticas-por-toda-a-europa-construidos-desde-o-seculo-10-e-preservados-integralmente-ou-parcialmente-reformados-ou-originais-sao-si_1_52261.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
f3cd57fc6c88d3c373a0534272ee6620838f5571a36fdbf9062f2d18f8256589
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"d628e9ea650100a9161a2bd9a40d5eaccc627dd6"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
1924
expires
Thu, 16 Nov 2023 02:47:17 GMT
a-cantora-taylor-swift-33-vive-um-romance-com-o-jogador-de-futebol-americano-travis-kelce-34_1_41288.jpg
i.em.com.br/rZLk_TbNhTyBc9LuFhokM3jsUZU=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/2522/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/rZLk_TbNhTyBc9LuFhokM3jsUZU=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/2522/a-cantora-taylor-swift-33-vive-um-romance-com-o-jogador-de-futebol-americano-travis-kelce-34_1_41288.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
c4de80c45b6b934c4650c31aaf0f0e997b8935131ef9dcea1e23482763518245
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"2caf3c1a9884650277c39ac58e9c3d365d33c79a"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
1740
expires
Thu, 16 Nov 2023 02:47:17 GMT
em-kingston-na-australia-uma-mulher-decidiu-ajudar-um-ornitorrinco-ferido-no-meio-fio-e-sem-nenhuma-protecao-conduziu-o-mamifero-semiaquatico-com-as-maos-no-entanto-jenny-forward-n_1_86959.jpg
i.em.com.br/3hOLzR7kCAe87slx-prKLiC2ePg=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/2521/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/3hOLzR7kCAe87slx-prKLiC2ePg=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/2521/em-kingston-na-australia-uma-mulher-decidiu-ajudar-um-ornitorrinco-ferido-no-meio-fio-e-sem-nenhuma-protecao-conduziu-o-mamifero-semiaquatico-com-as-maos-no-entanto-jenny-forward-n_1_86959.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
ede36d17b709069f2cbfe3361c0bb7ba437cce086af3192d6be5dff8c69b8472
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"21ce7b7a769ad943f5085bbbbdbd5f23a4270dd7"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
2202
expires
Thu, 16 Nov 2023 02:47:17 GMT
uma-moradora-de-um-condominio-no-bairro-papicu-em-fortaleza-no-ceara-levou-um-susto-ao-receber-uma-multa-por-causa-do-latido-da-sua-cachorra-o-flipar-mostrou-e-republica-para-quem-_1_35986.jpg
i.em.com.br/4kCsXV_9gcwh9VjSPU9fhYyOjDU=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1245/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/4kCsXV_9gcwh9VjSPU9fhYyOjDU=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1245/uma-moradora-de-um-condominio-no-bairro-papicu-em-fortaleza-no-ceara-levou-um-susto-ao-receber-uma-multa-por-causa-do-latido-da-sua-cachorra-o-flipar-mostrou-e-republica-para-quem-_1_35986.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
d224eed3233785fe2df2a510fd3877d41d1adc336430a5d6174a5722cfb12a57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"a53e3859fdd95463cfd979b520b14e73016738b7"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
3130
expires
Thu, 16 Nov 2023 02:47:17 GMT
hamburgueres-sao-uma-opcao-de-lanche-apreciada-por-muitas-pessoas-alem-do-tradicional-e-possivel-preparar-versoes-com-ingredientes-alternativos-que-saem-do-lugar-comum-veja-algumas_1_41242.jpg
i.em.com.br/gQNRT9dQcjn71RJmB6QuHLz4U9g=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1436/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/gQNRT9dQcjn71RJmB6QuHLz4U9g=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1436/hamburgueres-sao-uma-opcao-de-lanche-apreciada-por-muitas-pessoas-alem-do-tradicional-e-possivel-preparar-versoes-com-ingredientes-alternativos-que-saem-do-lugar-comum-veja-algumas_1_41242.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
7e4b3859f4b1e1df73714ad0aae60606661f29efef79fa128f54221b4fd313ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"7bb690f5c802f5c10981de925e1d89a3b8c4be3a"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
3528
expires
Thu, 16 Nov 2023 02:47:17 GMT
o-conde-dracula-e-certamente-um-dos-personagens-mais-iconicos-da-historia-da-literatura-e-posteriormente-do-cinema-de-horror_1_69195.jpg
i.em.com.br/twPUXHsS3aspdMP2BoO-Q-DFqbY=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1986/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/twPUXHsS3aspdMP2BoO-Q-DFqbY=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1986/o-conde-dracula-e-certamente-um-dos-personagens-mais-iconicos-da-historia-da-literatura-e-posteriormente-do-cinema-de-horror_1_69195.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
40ca9e2798822705451a9013820301ddd92b4d95a470bc9350202a6694170e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"d7156fd11de2f32f428397aa7513443a5fbc6e64"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
1754
expires
Thu, 16 Nov 2023 02:47:17 GMT
a-italia-impos-um-dress-code-para-os-turistas-que-visitam-o-pais-e-determinou-multa-para-quem-desrespeitar-as-normas-varias-cidades-estao-com-regras-bem-severas-em-relacao-as-roupa_1_205504.jpg
i.em.com.br/yo8Vhr7hSNpSmvDCBg5W6l7xing=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/637/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/yo8Vhr7hSNpSmvDCBg5W6l7xing=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/637/a-italia-impos-um-dress-code-para-os-turistas-que-visitam-o-pais-e-determinou-multa-para-quem-desrespeitar-as-normas-varias-cidades-estao-com-regras-bem-severas-em-relacao-as-roupa_1_205504.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
39d36bef541e34337aedc2e6c29b1d472e5e71f1d6161c91c1132deb6bd4373d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"eb8b9b11a514a9bf7b4d29995fb59afe012b292e"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
2440
expires
Thu, 16 Nov 2023 02:47:17 GMT
quanto-o-assunto-e-viagem-o-instagram-se-tornou-uma-ferramenta-essencial-nao-so-para-publicar-quanto-para-pesquisar-tambem_1_13454.jpg
i.em.com.br/tn1ab2LkcckJl-8qaG_qNHEL-rk=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1023/ 		938 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/tn1ab2LkcckJl-8qaG_qNHEL-rk=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1023/quanto-o-assunto-e-viagem-o-instagram-se-tornou-uma-ferramenta-essencial-nao-so-para-publicar-quanto-para-pesquisar-tambem_1_13454.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
6ddd5655353aab744687e0286d885f5c8fcc39d5f23d94cd4e8b96d83e7475e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"0cca0373a195e531b2846f244b72b712fbe68a80"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
938
expires
Thu, 16 Nov 2023 02:47:17 GMT
quem-e-fa-de-quadrinho-sabe-que-muitos-dos-herois-tem-uma-paixao-por-isso-fizemos-uma-galeria-com-10-casais-famosos-com-historias-emocionantes-as-vezes-alem-do-comum-confira_1_84350.jpg
i.em.com.br/MjalZD7Ciz-RObndJqwUxiUnnS4=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1037/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/MjalZD7Ciz-RObndJqwUxiUnnS4=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1037/quem-e-fa-de-quadrinho-sabe-que-muitos-dos-herois-tem-uma-paixao-por-isso-fizemos-uma-galeria-com-10-casais-famosos-com-historias-emocionantes-as-vezes-alem-do-comum-confira_1_84350.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
4f4cc22ed3594ca3d077070eef064f96204cf08f77f017d4853e2621e4608095
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"d17ee5f03966d81c96af7966cc31111817e01c1e"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
4476
expires
Thu, 16 Nov 2023 02:47:17 GMT
existem-muitos-personagens-de-jogos-de-videogame-no-mundo-hoje-em-dia-e-alguns-deles-sao-brasileiros-confira-nesta-galeria-20-personagens-que-representam-a-nossa-nacao-ao-redor-do-_1_108580.jpg
i.em.com.br/YY50LWTiAfOkAc8CYCIuZcqDTUA=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1131/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/YY50LWTiAfOkAc8CYCIuZcqDTUA=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1131/existem-muitos-personagens-de-jogos-de-videogame-no-mundo-hoje-em-dia-e-alguns-deles-sao-brasileiros-confira-nesta-galeria-20-personagens-que-representam-a-nossa-nacao-ao-redor-do-_1_108580.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
d04ac5f8dfdc6455347557a6615fef41a91dcb8c4ae21b1afc7be85f62789431
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"efe883cc7f0e6104487c3ae8fd9be6dc0f819ff6"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
3492
expires
Thu, 16 Nov 2023 02:47:17 GMT
um-fisiculturista-de-90-anos-tem-feito-sucesso-na-internet-ele-ja-posou-nu-e-foi-parar-no-livro-dos-recordes-conheca-essa-historia-no-flipar_1_21944.png
i.em.com.br/DD6KETw_3d5t211Ewz_Lnkni_Hc=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/451/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/DD6KETw_3d5t211Ewz_Lnkni_Hc=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/451/um-fisiculturista-de-90-anos-tem-feito-sucesso-na-internet-ele-ja-posou-nu-e-foi-parar-no-livro-dos-recordes-conheca-essa-historia-no-flipar_1_21944.png
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
6826b03d4a6b6301ca8fd3e6b2c44468ac72e974b2d0fa17c0c4837eda0c4af4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"79d1dc7963a110b988611761b079e0cb4439a239"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
1326
expires
Thu, 16 Nov 2023 02:47:17 GMT
os-desertos-estao-entre-as-formacoes-naturais-mais-curiosas-do-planeta-o-portal-de-meteorologia-climatempo-explica-alguns-tipos-de-deserto-e-o-motivo-de-sua-existencia-_1_57050.jpg
i.em.com.br/v6cmgBLcA-z4zJlnr7Xajj3CtOc=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1077/ 		516 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/v6cmgBLcA-z4zJlnr7Xajj3CtOc=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1077/os-desertos-estao-entre-as-formacoes-naturais-mais-curiosas-do-planeta-o-portal-de-meteorologia-climatempo-explica-alguns-tipos-de-deserto-e-o-motivo-de-sua-existencia-_1_57050.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
3ccce79c0ae266a449dba57b9511b50ba05f755f67c5ca37d68a9347a607b5ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"18ab47f0bcd61fcbfcb90babfc9b296678034ea4"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
516
expires
Thu, 16 Nov 2023 02:47:17 GMT
os-farois-sao-estruturas-fundamentais-para-a-protecao-de-navegantes-servem-de-guia-para-a-aproximacao-da-costa-_1_51172.jpg
i.em.com.br/BNXi6XsRdYwFEAysm4qLZU7j8oY=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1972/ 		722 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/BNXi6XsRdYwFEAysm4qLZU7j8oY=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1972/os-farois-sao-estruturas-fundamentais-para-a-protecao-de-navegantes-servem-de-guia-para-a-aproximacao-da-costa-_1_51172.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
120aeb2ec2ee3aa2ab7d67421fe0ae1adafa6bfd3e65735731ad487244634889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"db4ab05c3742b7f5940b156fdb6bbc96d1796ce7"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
722
expires
Thu, 16 Nov 2023 02:47:18 GMT
o-rendimento-domiciliar-per-capita-do-brasil-ficou-em-r-1625-em-2022-conforme-novo-levantamento-pelo-instituto-brasileiro-de-geografia-e-estatistica-ibge_1_166278.jpg
i.em.com.br/L8yixRZ8NtP__g6mslJOdxOWhr0=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1280/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/L8yixRZ8NtP__g6mslJOdxOWhr0=/150x150/smart/imgsapp.em.com.br/app/noticia_169039419609/2023/10/16/1280/o-rendimento-domiciliar-per-capita-do-brasil-ficou-em-r-1625-em-2022-conforme-novo-levantamento-pelo-instituto-brasileiro-de-geografia-e-estatistica-ibge_1_166278.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
7df78d7c6fdec9aedc4040d17dbb0c735ed773a5e59a2640a856a30bf485e167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"5d26b639b1c3da05c04202aa5b251e9f2aa9301b"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
3298
expires
Thu, 16 Nov 2023 02:47:17 GMT
20231016233108111955e.jpg
i.em.com.br/rC1MeUTMjfCfE4kbqigXWAojHVs=/330x220/smart/imgsapp.em.com.br/portlet/523/22262/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/rC1MeUTMjfCfE4kbqigXWAojHVs=/330x220/smart/imgsapp.em.com.br/portlet/523/22262/20231016233108111955e.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
93d1c327fd0e3de1ccad79cff535c836a4dcb311fc78a8054b0a6b71782101bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"a18b121673aa454600826c9579f4ee21cbb9878b"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
5116
expires
Thu, 16 Nov 2023 02:47:18 GMT
20231016233108442822e.jpg
i.em.com.br/2jflafZEqogBw7eBzoWwzE-N7dY=/330x220/smart/imgsapp.em.com.br/portlet/523/22262/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/2jflafZEqogBw7eBzoWwzE-N7dY=/330x220/smart/imgsapp.em.com.br/portlet/523/22262/20231016233108442822e.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
e0664b32f1605ba64e579f0bd782bb6c368a71b4a73ecbd52ef3591bf4a289b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"f9e67c9188c3cf9bf94f847bfec490b89e206fa8"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
4470
expires
Thu, 16 Nov 2023 02:47:18 GMT
20231016233108415171a.jpg
i.em.com.br/c1E8DeIbdylKEpPmpPf8fHwYWg4=/330x220/smart/imgsapp.em.com.br/portlet/523/22262/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/c1E8DeIbdylKEpPmpPf8fHwYWg4=/330x220/smart/imgsapp.em.com.br/portlet/523/22262/20231016233108415171a.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
61a77793431518ad283c7983b2d2e33a393eb01e424ebff0c4a6c76db485ec06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"c7c544c9432930df4695e73322df358a576d972c"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
4416
expires
Thu, 16 Nov 2023 02:47:18 GMT
placeholder.png
imgs.em.com.br/em/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.em.com.br/em/placeholder.png
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
ec2b997f9a42928846dda27375896a0e2c3fb57724a22cf9f281826e7e29c0f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 30 Oct 2019 15:45:29 GMT
server
nginx
etag
W/"225acaf1-f15-596229f51d59c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Thu, 16 Nov 2023 02:47:16 GMT
20231016233105514964i.jpg
i.em.com.br/ycv9MhQZfBWIwIilfNS8WbsHtMM=/330x220/smart/imgsapp.em.com.br/portlet/523/22262/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/ycv9MhQZfBWIwIilfNS8WbsHtMM=/330x220/smart/imgsapp.em.com.br/portlet/523/22262/20231016233105514964i.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
898808670bd1c749e2a3a2476515cd8bf2f449c24c9697d5ec566150dfee7a7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"09a041f50c713b71da38faa74ec72f0482a0a32d"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
3796
expires
Thu, 16 Nov 2023 02:47:18 GMT
charge_1_40069.jpg
i.em.com.br/cTU_PJY4PPABxZhqtoJnio_IHp0=/fit-in/322x240/filters:fill(fff)/imgsapp.em.com.br/app/noticia_127983242361/2023/10/16/1576919/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/cTU_PJY4PPABxZhqtoJnio_IHp0=/fit-in/322x240/filters:fill(fff)/imgsapp.em.com.br/app/noticia_127983242361/2023/10/16/1576919/charge_1_40069.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
178ed49959865160110187a44f8ab43d0da3364919448af72d3ebc49069cf2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"c02aa5baab2e36270619c08390a2672e5a1f232e"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
3996
expires
Thu, 16 Nov 2023 02:47:17 GMT
charge_1_59635.jpg
i.em.com.br/zEZhumUuv3hHAN3YNCvcWd1iLgs=/fit-in/500x380/smart/filters:fill(fff)/imgsapp.em.com.br/app/noticia_127983242361/2023/10/15/1576634/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/zEZhumUuv3hHAN3YNCvcWd1iLgs=/fit-in/500x380/smart/filters:fill(fff)/imgsapp.em.com.br/app/noticia_127983242361/2023/10/15/1576634/charge_1_59635.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
9ae321aa9ba8987700b3060f1d6adca1673bf866bd1c39e8d9170410e26d8fcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"744f794ac49fe3075a520ffcfb139eccd87364b9"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
11486
expires
Thu, 16 Nov 2023 02:47:17 GMT
charge_1_91800.jpg
i.em.com.br/I5OSaiVEf32jLL_tdbcp2LNaolQ=/fit-in/500x380/smart/filters:fill(fff)/imgsapp.em.com.br/app/noticia_127983242361/2023/10/13/1575891/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/I5OSaiVEf32jLL_tdbcp2LNaolQ=/fit-in/500x380/smart/filters:fill(fff)/imgsapp.em.com.br/app/noticia_127983242361/2023/10/13/1575891/charge_1_91800.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
e5d2bf92185604ad94ff4b52335ed857a5cfc04ed3c5138724bfdc4aa034e9d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"3c7460bc35a48cbfa6fddabdab40f1a83b148fce"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
17714
expires
Thu, 16 Nov 2023 02:47:17 GMT
kleber_1_59253.jpg
i.em.com.br/i-lhCmJgWOXovQje4RxZZtS_bzU=/fit-in/500x380/smart/filters:fill(fff)/imgsapp.em.com.br/app/noticia_127983242361/2023/09/24/1566272/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/i-lhCmJgWOXovQje4RxZZtS_bzU=/fit-in/500x380/smart/filters:fill(fff)/imgsapp.em.com.br/app/noticia_127983242361/2023/09/24/1566272/kleber_1_59253.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
252eeab6a30553ca0565cdd60fcdbdcebea3166a145332d957459c50a2135c92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"5e5d627f1891116d1df0efd8b77f11063fa87c1d"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
13472
expires
Thu, 16 Nov 2023 02:47:17 GMT
kleber_1_58668.jpg
i.em.com.br/E4PqPmLak04f_KBEI_prZEgIVF4=/fit-in/500x380/smart/filters:fill(fff)/imgsapp.em.com.br/app/noticia_127983242361/2023/09/17/1562864/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/E4PqPmLak04f_KBEI_prZEgIVF4=/fit-in/500x380/smart/filters:fill(fff)/imgsapp.em.com.br/app/noticia_127983242361/2023/09/17/1562864/kleber_1_58668.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
5d0fab8a73562905681c62a54ba5ce0d7274e9c0a4e58511c692d56867f535a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"a8e80760b3585a6f87132bdbab72d11f7f2cc74b"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
12142
expires
Thu, 16 Nov 2023 02:47:17 GMT
charge_1_62069.jpg
i.em.com.br/mrWuJK-gzdtNz9IFnpGgLXTuK7I=/fit-in/500x380/smart/filters:fill(fff)/imgsapp.em.com.br/app/noticia_127983242361/2023/09/15/1562108/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/mrWuJK-gzdtNz9IFnpGgLXTuK7I=/fit-in/500x380/smart/filters:fill(fff)/imgsapp.em.com.br/app/noticia_127983242361/2023/09/15/1562108/charge_1_62069.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
109f4d8aae8194fbb7b7d33ab03ebcb94769b33a182ec064860d8cb3b42a7d2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"8047a7789d18ec7c11adc15372c10af6e227cb7d"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
13306
expires
Thu, 16 Nov 2023 02:47:17 GMT
_1_372535.jpg
i.em.com.br/Iv6QczZIrGR78c6b3-92liev8PQ=/140x80/top/imgsapp.em.com.br/app/noticia_127983242361/2023/10/16/1576977/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/Iv6QczZIrGR78c6b3-92liev8PQ=/140x80/top/imgsapp.em.com.br/app/noticia_127983242361/2023/10/16/1576977/_1_372535.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
5eb361dd7908941a76dcdf6ef1dc43182f0b1c87d467fd9d96a90c34a21bfb4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"f7902cde9b77842618fb5a716fef6741d8031c76"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
2120
expires
Thu, 16 Nov 2023 02:47:17 GMT
actionsHeader.149.min.js
js.em.com.br/em/149/dev/ 		351 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.em.com.br/em/149/dev/actionsHeader.149.min.js?v=4
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
ff543925050f2529339de24db397e0e6f94855bde61b8f7b657e5f6023c3983b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 13:36:59 GMT
server
nginx
etag
W/"8d3f73b0-57a57-5e775798ba7bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 24 Oct 2023 02:47:16 GMT
capa.153.min.js
js.em.com.br/em/153/dev3/ 		917 KB
227 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.em.com.br/em/153/dev3/capa.153.min.js?v=3
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
324697c5314f04ed57f3dee2483d7c1d533f9172d6d4daa4d4e9cb972b0d76e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 28 Jul 2023 21:33:38 GMT
server
nginx
etag
W/"c9697f52-e539f-60192d57dba77"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 24 Oct 2023 02:47:16 GMT
swg.149.min.js
js.em.com.br/em/149/dev/ 		401 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.em.com.br/em/149/dev/swg.149.min.js?v=4
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
d6b8e0e0d438ecc28c4bb0bb3dbdf9b9762252c85d774843758f9d83e0244ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 13:37:00 GMT
server
nginx
etag
W/"8d3f73be-642bb-5e7757992e734"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 24 Oct 2023 02:47:16 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1102
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81753746bca32c4f-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Oct 2023 02:47:16 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
38435
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134870
x-xss-protection
0
server
cafe
etag
11169537383484699631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 15 Oct 2024 16:06:41 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host:
URL: webpack:///./src/assets/javascripts/Analytics.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Oct 2023 01:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3343
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 17 Oct 2023 03:51:33 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95a6fde244ecba5dfd1e61116e5b1a349dea72bc82b386c8f5abff33cefc0c80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:23:34 GMT
content-encoding
gzip
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:49:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1422
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
nVXr-Nven06KQl371iPdQrB_ofYYga2KlYdXjkQxqEDJh-t5-C0VsQ==
loader.js
cdn.taboola.com/libtrc/diariosassociados-em/ 		832 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9367a1fb1273bafa7d3276faa7696fee47612ed92efa9ca48f853c99dc5b8170

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
8FdEp4q_on781URAN_ibKC6B5DSN3enK
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 02:47:16 GMT
x-amz-request-id
VBJNVGXC9KNXPPDE
age
8992
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
10
x-amz-replication-status
FAILED
content-length
64703
x-amz-id-2
TYirbKSwop2YPnctfFMG4LEaYw//DaxLkz+rdCC2fnwqqjpygO6J9g3Ccu1wg311MnxCK9Eg0Kc=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Tue, 17 Oct 2023 00:17:24 UTC
server
nginx
x-timer
S1697510836.276482,VS0,VE1
etag
"17042e66c33ecdea75d8b7107e5a0c702c767274"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
10
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
268d0c1e0ebc9b7d781aef9bef57cff837a5fbe6e9ced919a09647ad954f64c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Oct 2023 02:47:16 GMT
content-md5
3iQNwtKV67APMWBv9xPpUw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-debug
7atOfyxJF+A6BdbYN6b/agRstvuSqlLLzBnaQnj2315E9ONZ7yugnrHc1X8rDRW3Df9gNQVWBALA1jM64T/vLA==
x-fb-content-md5
f96d57479978a81247aff6164b3d5ea0
cross-origin-opener-policy
same-origin-allow-popups
etag
"ad2cff0d06fb6853079448d5124b8142"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 17 Oct 2023 02:54:19 GMT
roboto-regular.woff2
css.em.com.br/em/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.em.com.br/em/fonts/roboto-regular.woff2
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
a0516d91dead3fa38bef64683d087460753209e723db56ce3ee1fcb1dbd84162
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.em.com.br/
Origin
https://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 26 May 2017 18:17:48 GMT
server
nginx
etag
W/"55e5bdf4-4d20-550715ac5eb00"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 24 Oct 2023 02:47:16 GMT
sdk.js
connect.facebook.net/pt_BR/ 		304 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=f7b112e36860b2218bc9a0cd8f1c6914
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2393d6a360e0ddf705ec8090d60b5929afa99a6c06f1a2fef57583361db78370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.em.com.br/
Origin
https://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Oct 2023 02:47:16 GMT
content-md5
oxBr3IjuxCwSQi9cgGeIrQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88181
x-fb-debug
pX/HjIMejTH+L6e3azdh7Gn2a4P13C+CokU3QVQojkjYGwr12v01uPmVeRla1RPNt0cEE5rMXD+Q4Q7L9kCgrw==
x-fb-content-md5
34c3aa6d6ebd1ad1f6da32364aa6fdc7
cross-origin-opener-policy
same-origin-allow-popups
etag
"71cb2f6a4abf1ebf2ff4e81478345ff8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 16 Oct 2024 00:03:59 GMT
AGSKWxWoNoHUTkoLEl7pCVqEmp1Zbmb787ue9zIiBeVTxJbeEWjfKvgJTXDOUpfUU2pR_aIA5eDazEY1t3r4etswkXdva5urf5lsmGKTKKRjIByVfMa--GIhm-sCuaZDpLfd8vZIvEY_vw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWoNoHUTkoLEl7pCVqEmp1Zbmb787ue9zIiBeVTxJbeEWjfKvgJTXDOUpfUU2pR_aIA5eDazEY1t3r4etswkXdva5urf5lsmGKTKKRjIByVfMa--GIhm-sCuaZDpLfd8vZIvEY_vw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMySwWY9nT6oDPgqelYCNhzqEE1t-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ks8xuCGJ1VdO7epYlap6Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-Ks8xuCGJ1VdO7epYlap6Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.em.com.br
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU91SjFTuW1JoEQoHeo5kfile2itZd9AbOHN0ZMMk1kSgDVodH3LOQxLSt-vnjzYk5KsTNvVlXhsjAUi7xjVtvcCH8EihW2zCAJ8SXoYqNn5J0Gx20TYyBOGO0SsCq6V54y5ofwlw==
fundingchoicesmessages.google.com/f/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU91SjFTuW1JoEQoHeo5kfile2itZd9AbOHN0ZMMk1kSgDVodH3LOQxLSt-vnjzYk5KsTNvVlXhsjAUi7xjVtvcCH8EihW2zCAJ8SXoYqNn5J0Gx20TYyBOGO0SsCq6V54y5ofwlw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3NTEwODM2LDEyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZW0uY29tLmJyLyIsbnVsbCxbWzgsIjFqMGVzTnUwUldBIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjEyIl0sWzExLCJbW10sW10sW11dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMySwWY9nT6oDPgqelYCNhzqEE1t-A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
28a2f6020d1d76483917316cdc84b58820ec162820154cc69f0d3f265e1f6dc6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ISyIqn-0BWX8q7guqGwBdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-ISyIqn-0BWX8q7guqGwBdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
kinesis.us-east-2.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-2.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.36.77 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-36-77.us-east-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method
POST
Origin
https://www.em.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Tue, 17 Oct 2023 02:47:16 GMT
x-amzn-RequestId
ce18076b-6a07-ebe8-93bf-f09f942d7acd
geolocation.json
cdn.membrana.media/ 		3 B
690 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/geolocation.json
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/emi/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ym-ip
2001:ac8:20:3a00:1012:c5c6:4035:1032
date
Tue, 17 Oct 2023 02:47:16 GMT
cdn-edgestorageid
1082
cdn-storageserver
DE-599
cdn-cachedat
10/13/2023 10:13:43
cdn-pullzone
139012
x-ym-country
DE
content-length
3
last-modified
Fri, 11 Mar 2022 13:55:15 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
309
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"622b54c3-3"
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers
x-ym-country, x-ym-ip, cdn-requestcountrycode
cache-control
public, max-age=86400
cdn-requestid
86d7ac9de228bb2fa92230309a092725
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
kinesis.us-east-2.amazonaws.com/ 		110 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-2.amazonaws.com/
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/emi/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.36.77 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-36-77.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
8fbac4b4c2036b6065e627a957f555753b678aa4b8c8520206ab6046b5634fe2

Request headers

Referer
https://www.em.com.br/
X-Amz-Target
Kinesis_20131202.PutRecord
accept-language
de-DE,de;q=0.9
X-Amz-Date
20231017T024716Z
Authorization
AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20231017/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=0e15cc9e7d301c8d0eecca5faf3bf51d23b08353c2b3b71197f12c874c3337d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Tue, 17 Oct 2023 02:47:16 GMT
x-amzn-RequestId
dd66ee35-155a-a9d5-80c1-19c14e55f19c
Content-Length
110
x-amz-id-2
Ct0mM89lSC3JrjivZl7e1cV/2ATO1wSqpYlyHNr52BrXZDN3ZzzF+57yb4h27FfriPPEGONe1uSAeEgJyE64yCrj0Gkbeh03
Content-Type
application/x-amz-json-1.1
video.js
cdn.membrana.media/video/ 		339 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/emi/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
ed5477876189fda9b1f13c73e89a5cf0b9625ec107716c6d7e1f45859c930b02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-storageserver
DE-164
cdn-cachedat
10/16/2023 16:50:56
cdn-pullzone
139012
last-modified
Mon, 16 Oct 2023 16:50:45 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
637
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"652d69e5-54cf4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
716ff707124a5bf970b08df3a179461b
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231017
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/emi/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645ffa5e4bd7d2398eb0639ad31670b6d7fb6c873fa2377d544f69388e932b16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38787
x-jsd-version
1.0.1845
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7027-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-ZRuZ9/NQ5klnEdrmGlNAHko4Jaw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OfU38jtoYL6uL%2B%2BQDHnQhNSFGDR%2BeTuExoFcq1lFuZArbqzAcA8c7m0q3G9eCT35PCoGah3n%2Fuo3F4c9%2FVRWCsBrtiEzd2N%2BKVLYWmih43%2BVyoQIZwRSdCuHDacK6IkIbcfjJTc9FNebHbf3Ec%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
817537462e3e1987-FRA
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D283%26mapped%3D%7Buser_id%7D%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=283&mapped=b69ec9d5-ed54-4601-8f89-a5d75e0514c2&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
centralizador.html
barra.uai.com.br/ Frame A47C 		739 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://barra.uai.com.br/centralizador.html?origem=https://www.em.com.br/
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
926cfdbcb7e64be5b911524c61c376f4d33faa2535486a2cebadb34153ed7529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=2592000, s-maxage=1296000, proxy-revalidate, stale-while-revalidate=19
content-encoding
gzip
content-type
text/html
date
Tue, 17 Oct 2023 02:47:16 GMT
etag
W/"58a88be0-2e3-54fe3383940c0"
last-modified
Fri, 19 May 2017 16:43:23 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
t3m.js
tags.t.tailtarget.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-10258-0/CT-142
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
729ef5dba5dd3dfa5fb679668748d75561ac5f610d818a6ba8f057e8040112b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:16:27 GMT
content-encoding
gzip
via
1.1 google
age
5449
x-guploader-uploadid
ADPycdtdPcLq-5lcNMWmFrJRyy4mOh6rrXOy3AsW4Ol7vuC8RUZb5gxyABgencoSA7xoYpilvfw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6274
last-modified
Fri, 25 Oct 2019 19:37:34 GMT
server
nginx/1.8.1
etag
"664b1613d7439b3addaf3096d741aa27"
vary
Accept-Encoding
x-goog-generation
1572032254559073
x-goog-hash
md5=ZksWE9dDmzrdrzCW10GqJw==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
6274
accept-ranges
bytes
expires
Tue, 17 Oct 2023 03:16:27 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/44d19ce5-a5ad-423d-866b-33f5250330fb/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/44d19ce5-a5ad-423d-866b-33f5250330fb/launchpad-liveramp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-77.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbc0a19af52226a93e42bc25c8896146174763c549ed22e6708b8db85db5641d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
OU1YUP7a9LDvt3kqgXcmD3JxbGQ0Oc42
content-encoding
gzip
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
date
Mon, 16 Oct 2023 07:33:25 GMT
x-amz-cf-pop
FRA56-P2
age
69232
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Fri, 21 Jul 2023 16:46:52 GMT
server
AmazonS3
etag
W/"506b77334f6f1b5820e62dd0b41d4b37"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
WIB4gDN8ObSgjnnhfS7vlc0-KybmxVGnLOgNfo_YgMSVjXhiqLfFlA==
js
www.googletagmanager.com/gtag/ 		253 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KFBFMPM6S4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2933ca909c8b9940b20c8cafac431b870fb8f0d99bc41c1217697592a33267b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88285
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 02:47:16 GMT
undefined
scoring.deep.bi/score/4Dme4NTJxoPw/ 		0
0
sprite.48.svg
imgs.em.com.br/em/ 		297 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.em.com.br/em/sprite.48.svg
Requested by
Host: css.em.com.br
URL: https://css.em.com.br/em/141/dev1/capa.48.141.min.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
4cf753c1ce23c690959ba1b59e6527be184cd38e332499514daea51b4292d0d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://css.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 26 Sep 2022 18:39:26 GMT
server
nginx
etag
W/"726dc57-4a3c4-5e998d8e6efe6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 24 Oct 2023 02:47:16 GMT
pattern.png
imgs.em.com.br/em/ 		110 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.em.com.br/em/pattern.png
Requested by
Host: css.em.com.br
URL: https://css.em.com.br/em/141/dev1/capa.48.141.min.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
12e5c96d95cc1c88a0c18625024b221fa7f7ad7e4069740f3217b87a79a44b31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://css.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 15 Sep 2017 18:26:29 GMT
server
nginx
etag
"174e4065-6e-5593e880dbf40"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
110
expires
Thu, 16 Nov 2023 02:47:16 GMT
merriweather.woff2
css.em.com.br/em/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.em.com.br/em/fonts/merriweather.woff2
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
53be0578f87f1f73d305110acb20730521d0056775c76d688a5008c7781c7180
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.em.com.br/
Origin
https://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 26 May 2017 18:17:48 GMT
server
nginx
etag
W/"55e5bdf2-5b98-550715ac5eb00"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 24 Oct 2023 02:47:16 GMT
newsroom.js
c2.taboola.com/nr/diariosassociados-em/ 		67 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/diariosassociados-em/newsroom.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf3b6fe29869190115eb9993292db2febc2e35b4612c2a89d6457d94da0c875b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 02:47:16 GMT
x-amz-request-id
2KZNM5V25AEVEAZD
age
60
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
18126
x-amz-id-2
TeycliQrLO4xe+n9tMGWxHaW6L2QSqZwV0o/MaCULAtnTxZmUPgI+atkjCvkcwlNk7rTTvbJtVY=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Thu, 03 Aug 2023 20:34:47 GMT
server
AmazonS3
x-timer
S1697510836.352139,VS0,VE0
etag
"415a833f3a5f6f56242277949aff867f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-cache-hits
2
20230908123103162855o.jpg
i.em.com.br/uDQiLnbiCCwTIvi4OrlLO3215gM=/115x115/smart/imgsapp.em.com.br/app/da_conteudo_154394929713/2023/08/31/95/ 		850 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/uDQiLnbiCCwTIvi4OrlLO3215gM=/115x115/smart/imgsapp.em.com.br/app/da_conteudo_154394929713/2023/08/31/95/20230908123103162855o.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
b46cca6f049ea9bfd7c451bc045d751d7bfd503b0a8350b9415a64b507892347
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"132bd16397720f0c7a3fefe04b19dfcbf2601a9f"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
850
expires
Thu, 16 Nov 2023 02:47:17 GMT
20231008193204802117u.jpg
i.em.com.br/miJtQ2XkSZqImBvuaM66UHUbnn4=/115x115/smart/imgsapp.em.com.br/app/da_conteudo_154394929713/2023/08/04/92/ 		708 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/miJtQ2XkSZqImBvuaM66UHUbnn4=/115x115/smart/imgsapp.em.com.br/app/da_conteudo_154394929713/2023/08/04/92/20231008193204802117u.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
da024352d54d92378d67e68750ea958461df48224df43736a9aabd05633f9662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"2be62cd4f9ef7e6b4879a87d435ae08c41c83f6b"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
708
expires
Thu, 16 Nov 2023 02:47:17 GMT
20230810155005498504o.jpg
i.em.com.br/92gQgAi9GV5Y5TIqnWTeN5pmMts=/115x115/smart/imgsapp.em.com.br/app/da_conteudo_154394929713/2021/08/19/74/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/92gQgAi9GV5Y5TIqnWTeN5pmMts=/115x115/smart/imgsapp.em.com.br/app/da_conteudo_154394929713/2021/08/19/74/20230810155005498504o.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
878d2bf7031e65587a91d2a57c71cf335bf4aeddf5386729646aad8e8dabd443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"933a9155dc7b193beae8cd0fccb94b314759c540"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
1440
expires
Thu, 16 Nov 2023 02:47:17 GMT
20230816160406502753i.jpg
i.em.com.br/bepVF8CMaYwQyibHeRqJ4zBDUZ4=/115x115/smart/imgsapp.em.com.br/app/da_conteudo_154394929713/2019/04/08/20/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/bepVF8CMaYwQyibHeRqJ4zBDUZ4=/115x115/smart/imgsapp.em.com.br/app/da_conteudo_154394929713/2019/04/08/20/20230816160406502753i.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
89c117d6a7db19de5e56ff06a3385f5456aeabe82c3fe9855f4ac0da8eeecae4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"d094a403ffa9eca6c4c0a60ab46b48731f6f3cce"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
1072
expires
Thu, 16 Nov 2023 02:47:17 GMT
_1_372535.jpg
i.em.com.br/X_aEfxf5q4UXbGt4HS_vQLxrMlo=/140x0/imgsapp.em.com.br/app/noticia_127983242361/2023/10/16/1576977/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/X_aEfxf5q4UXbGt4HS_vQLxrMlo=/140x0/imgsapp.em.com.br/app/noticia_127983242361/2023/10/16/1576977/_1_372535.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
f5ef3fa9eb3f2d96ff416a86c84fdb921ec107dd1596686a9f0cc1baa4832bd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"040cccaf1fc3f38f8f6db9daa4b20cbfa0d19d9d"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
3560
expires
Thu, 16 Nov 2023 02:47:17 GMT
montagem-com-fotos-de-pecas-do-museu_1_106211.jpg
i.em.com.br/dAct2Gbc5eMwaExil9iKTX2ECuo=/650x560/smart/imgsapp.em.com.br/app/noticia_127983242361/2023/10/06/1572882/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/dAct2Gbc5eMwaExil9iKTX2ECuo=/650x560/smart/imgsapp.em.com.br/app/noticia_127983242361/2023/10/06/1572882/montagem-com-fotos-de-pecas-do-museu_1_106211.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
ee85c6391403588f6268263dc151d4d74e644fe1f0ca4000b6808dbb0771516b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"7f2bcebb21d69e31e15b997995b4dda91b49b1f5"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
16018
expires
Thu, 16 Nov 2023 02:47:17 GMT
montagem-com-4-fotos-das-cidades-de-costa-sena-barbacena-varzea-do-marcal-e-juiz-de-fora_1_119956.jpg
i.em.com.br/a8fhi2cKA2tGF6D6hJVGLaJApHw=/360x260/smart/imgsapp.em.com.br/app/noticia_127983242361/2023/09/30/1569287/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/a8fhi2cKA2tGF6D6hJVGLaJApHw=/360x260/smart/imgsapp.em.com.br/app/noticia_127983242361/2023/09/30/1569287/montagem-com-4-fotos-das-cidades-de-costa-sena-barbacena-varzea-do-marcal-e-juiz-de-fora_1_119956.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
acdd42702882bab24475437ae8b810331d75eac394f54086b3e8f38b99c7b612
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"8724db1dc7956b04f808ed0b154c1683a24fcabd"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
5762
expires
Thu, 16 Nov 2023 02:47:17 GMT
imagem-criada-em-computador-de-como-seria-o-largo-do-rosario-em-bh-no-seculo-19_1_46475.jpg
i.em.com.br/p3sST4O0fPIezfnrYOT2jS3NBE4=/360x260/smart/imgsapp.em.com.br/app/noticia_127983242361/2023/09/22/1565840/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/p3sST4O0fPIezfnrYOT2jS3NBE4=/360x260/smart/imgsapp.em.com.br/app/noticia_127983242361/2023/09/22/1565840/imagem-criada-em-computador-de-como-seria-o-largo-do-rosario-em-bh-no-seculo-19_1_46475.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
5479d10ccbc5deb04f6226416b203327fb4824f682413d0b3f5c4869efa0d1ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"955afb12dc5c4c44f2a117bdc259a5a16c4afdba"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
2800
expires
Thu, 16 Nov 2023 02:47:17 GMT
montagem-de-fotos-de-arvores-de-bh_1_101562.jpg
i.em.com.br/R6VAEhlvslK_jJ7xEYO636oANLc=/360x260/smart/imgsapp.em.com.br/app/noticia_127983242361/2023/09/15/1562372/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/R6VAEhlvslK_jJ7xEYO636oANLc=/360x260/smart/imgsapp.em.com.br/app/noticia_127983242361/2023/09/15/1562372/montagem-de-fotos-de-arvores-de-bh_1_101562.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
4137b97b53a87bcfc380de7c80bea4154c5c4e12573766c3457c36ffbd0a3a95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"eb3e42be8eeab3ae6feee2540ea0a6d2ad4ec5b3"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
9658
expires
Thu, 16 Nov 2023 02:47:17 GMT
arte-sobre-foto-do-arquivo-em-sobre-visita-dos-reis-da-belgica-a-bh-em-1920_1_71149.jpg
i.em.com.br/ihtM1PVnJoO5KON61WpRi8bwgp8=/360x260/smart/imgsapp.em.com.br/app/noticia_127983242361/2023/09/08/1558500/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/ihtM1PVnJoO5KON61WpRi8bwgp8=/360x260/smart/imgsapp.em.com.br/app/noticia_127983242361/2023/09/08/1558500/arte-sobre-foto-do-arquivo-em-sobre-visita-dos-reis-da-belgica-a-bh-em-1920_1_71149.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
3d2bff46ab06cd3e8475e91632039a3cfee6341e6fb15ecf74a03e4dc5891c30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"f65ae43712ba054c19dc54e32f1f7488c60c4b53"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
8652
expires
Thu, 16 Nov 2023 02:47:17 GMT
widget-da-newsletter-capa.js
js.em.com.br/widgets/newsletter-capa/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.em.com.br/widgets/newsletter-capa/widget-da-newsletter-capa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
25f547a38688056db912c3f924931e3409902038641582cbc480f2b2747e153f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 07 Oct 2021 01:14:19 GMT
server
nginx
etag
W/"a2b294c-1bd2-5cdb8fb6c4576"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 24 Oct 2023 02:47:16 GMT
eyJEQUFVVUlEIjoiMjZoc3EwdTgtOHk0NWJuMjQ5bC1sMDdqenExOXYyMGYifQ==
t.em.com.br/b/ 		0
41 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.em.com.br/b/eyJEQUFVVUlEIjoiMjZoc3EwdTgtOHk0NWJuMjQ5bC1sMDdqenExOXYyMGYifQ==
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:564::1156 , Brazil, ASN20044 (SA ESTADO DE MINAS, BR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
server
nginx
universal.min.js
tag.navdmp.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
388
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
817537477c1718e9-FRA
expires
Tue, 17 Oct 2023 03:40:48 GMT
/
kinesis.us-east-2.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-2.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.36.77 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-36-77.us-east-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method
POST
Origin
https://www.em.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Tue, 17 Oct 2023 02:47:16 GMT
x-amzn-RequestId
fb91fae4-afc0-7733-a636-0d1051eae616
geolocation.json
cdn.membrana.media/ 		3 B
689 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/geolocation.json
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ym-ip
2001:ac8:20:3a00:1012:c5c6:4035:1032
date
Tue, 17 Oct 2023 02:47:16 GMT
cdn-edgestorageid
1082
cdn-storageserver
DE-599
cdn-cachedat
10/13/2023 10:13:43
cdn-pullzone
139012
x-ym-country
DE
content-length
3
last-modified
Fri, 11 Mar 2022 13:55:15 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
309
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"622b54c3-3"
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers
x-ym-country, x-ym-ip, cdn-requestcountrycode
cache-control
public, max-age=86400
cdn-requestid
ec3a55f00451b554a6b7a487a9d378bd
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
vpaid
server.smartytech.io/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.smartytech.io/vpaid?id=45&referer=https%3A%2F%2Fwww.em.com.br%2F
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.110.145 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3225527.ip-146-59-110.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://www.em.com.br
date
Tue, 17 Oct 2023 02:47:16 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
x-content-type-options
nosniff
server
nginx
/
kinesis.us-east-2.amazonaws.com/ 		110 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-2.amazonaws.com/
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.36.77 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-36-77.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
7f30b4cd11609a724ffb73703116a00c98451d3977573ccbfcfa48373032137a

Request headers

Referer
https://www.em.com.br/
X-Amz-Target
Kinesis_20131202.PutRecord
accept-language
de-DE,de;q=0.9
X-Amz-Date
20231017T024716Z
Authorization
AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20231017/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=914ecf187854632c8f3511d1457336bc6dee76e2cdcc068cf992cc54ce8c8c1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Tue, 17 Oct 2023 02:47:16 GMT
x-amzn-RequestId
cc00694c-136c-10f3-91a7-9eb8ed4681d6
Content-Length
110
x-amz-id-2
CaFHJiGA8rcQTej7D/FNEuP1HA1fVKim0uEGJZ5Be83tLrVeP2mKv8kTPtZch1LH9MpTWDRFZuFStWdGIketFvN5pL+BU92s
Content-Type
application/x-amz-json-1.1
load_playlist_attempt
ym-tack.b-cdn.net/ 		688 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://ym-tack.b-cdn.net/load_playlist_attempt?sellbe;EMI;https://cdn.membrana.media/video/uai/desktop/videoSources.json;9b0ee429-a9f5-4aaa-846f-f9cee4004297
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
2060077bd731e5532e89b2a0a84af61e9f8759dc3177f7bec0f0254ef2dbf954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
cdn-edgestorageid
1077
cdn-storageserver
DE-661
cdn-cachedat
10/17/2023 02:47:16
cdn-pullzone
749406
content-length
688
server
BunnyCDN-DE1-1077
cdn-fileserver
256
cdn-requestpullcode
405
cdn-proxyver
1.04
etag
"64e0660d-2b0"
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=0
cdn-requestid
af0054bfaa4f42a1c939a70ff6702afc
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
videoSources.json
cdn.membrana.media/video/uai/desktop/ 		291 B
933 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/video/uai/desktop/videoSources.json
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
4ebc72f5fe8f72db00d2b78f702641e48d8a118b56f7b223098b245590b24831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-588
cdn-cachedat
10/13/2023 10:14:48
cdn-pullzone
139012
last-modified
Wed, 11 Oct 2023 01:37:28 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
659
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6525fc58-123"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
6dd545c5164339a8d01a3e2d237eab0f
timing-allow-origin
*
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.jsdelivr.net/npm/video.js@7.10.2/dist/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video-js.min.css
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18836327
x-jsd-version
7.10.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230071-FRA, cache-yyz4564-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"9c74-gctcuC69YhaG/DD9GQ5wdLQgH0k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWnIVxYzHz0%2FYT%2F68o9ND%2FNElE82%2F0bxfzhanIzF2Zo5pXkrCrhK%2FLFlJin0zZW%2BI6F2xZaNnrGhdVItc36%2FczFiux1IVcSQpw001cT8vPuUd8VjSLBUrZVW4X85IllX90oP7FSnhJ10%2Fpncwdc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
817537475d5e03ec-FRA
video.min.js
cdn.jsdelivr.net/npm/video.js@7.10.2/dist/ 		507 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video.min.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afdc0c9d333535763aa9bd3dfd8774ce5e91e25d7f88f94ed04dbcf15a37422a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20456019
x-jsd-version
7.10.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra19170-FRA, cache-jnb7027-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"7ea72-NUHhQfHLDs+4qjHF6W3MzXuUrNc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ggWU86tFLsuNxgEok8kCBXKVcTLDaV7vy%2BmFlZDBmtAEEkiw6xNAggKFXAc9dM%2BujBanUZ1kE6Nf%2F7wBNe5Y94gD4QiMxqrZtWHUydj%2BnD7l%2Fs%2F7qOp0qvCEyxb%2BhAPmQo0rh0395QvK%2FQH%2BWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
817537475d5f03ec-FRA
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1827025592&t=pageview&_s=1&dl=https%3A%2F%2Fwww.em.com.br%2F&ul=en-us&de=windows-1252&dt=Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAAI~&jid=182349945&gjid=881609178&cid=1777242772.1697510836&tid=UA-17658134-1&_gid=1498474664.1697510836&_slc=1&cd7=Nao&cd2=Nao&z=811205445
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-17658134-1&cid=1777242772.1697510836&jid=182349945&gjid=881609178&_gid=1498474664.1697510836&_u=YGBAgEABAAAAAGAAI~&z=1313846752
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 17 Oct 2023 02:47:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1827025592&t=pageview&_s=1&dl=https%3A%2F%2Fwww.em.com.br%2F&ul=en-us&de=windows-1252&dt=Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGhAAEABAAAAAGAAM~&jid=1165813483&gjid=1374237935&cid=1777242772.1697510836&tid=UA-84889824-1&_gid=1776512356.1697510836&_r=1&_slc=1&z=1886263411
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de88c653b12c1c514f655430617e2c40277072baee3417cb4035978cb31d61d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
load.js
pm-widget.taboola.com/diariosassociados-em/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/diariosassociados-em/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9778e94d326ed6da8b069c5870e679fd878464e3060a70ab70207d84471ca92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
OcN73Q2VE8Tet9LjtUKXqXBBl6WAdk6a
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 02:47:16 GMT
x-amz-request-id
WNBKHEHPC2CGF6MK
age
2869
x-cache
HIT
content-length
1190
x-amz-id-2
cH86DMh9TIPccs3bcAvAebc40Wi9bFVFivAjmU3q7KkIPTDbVACTvx/pEFxvWNjqezQZEXt0Ov4=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Fri, 29 Sep 2023 08:44:17 GMT
server
AmazonS3
x-timer
S1697510836.485230,VS0,VE1
etag
"41d72421577164459bef8268c3a8e62f"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20231016-4-RELEASE.js
cdn.taboola.com/libtrc/ 		813 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231016-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
0a846592fd654f068860c197a04938d75c7c62c5ebd190102315a0a7eb071228

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
zbn_dU6HFlypkvuVQd6l5XeXB8w00eUb
content-encoding
br
via
1.1 varnish
date
Tue, 17 Oct 2023 02:47:16 GMT
x-amz-request-id
ATVSHA0MC2S2M438
age
28180
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
172178
x-amz-id-2
RXqjMshk23p3T1Hu90yW6KgBwRqg9PKG5lnu31smtX8O0SrpX83QMEN3mThKn1n4pbLfzCEUUYA=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Mon, 16 Oct 2023 10:57:37 GMT
server
AmazonS3-br
x-timer
S1697510836.430450,VS0,VE0
etag
"dacd34620c02467bca7e53d203a520d4"
vary
Accept-Encoding
content-type
application/javascript
abp
87
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
54007
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KFBFMPM6S4&gtm=45je3ab0&_p=1827025592&_gaz=1&cid=1777242772.1697510836&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697510836&sct=1&seg=0&dl=https%3A%2F%2Fwww.em.com.br%2F&dt=Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KFBFMPM6S4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KFBFMPM6S4&cid=1777242772.1697510836&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KFBFMPM6S4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KFBFMPM6S4&cid=1777242772.1697510836&gtm=45je3ab0&aip=1&z=737285905
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
676 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2089043390418607&correlator=3363264326249379&eid=31078703%2C31078850&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&didk=2631747159&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697510836578&lmt=1697503636&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.em.com.br%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1777242772.1697510836&ga_sid=1697510837&ga_hid=1827025592&ga_fc=true&dlt=1697510835407&idt=1096&cust_params=unified_id%3D26hsq0u8-8y45bn249l-l07jzq19v20f%26user_type%3Dguest%26paywall%3Dtrue%26testeab%3D1%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Cem%252Ccom%252Cbr%252C%26titleofpage%3DJornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25C3%25ADcias%2520Online%26tagsofpage%3D%26reload%3D0&adks=3975483387&frm=20
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
809345d38430343f7bcd28cdf7640d93629826983e80aa9a3ea62d35a4ae8868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
645
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1D06 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 02:47:16 GMT
expires
Wed, 16 Oct 2024 02:47:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ec7710a650b621ea7fd763b57a58628b3aa3143f650aa845c0c9f745a364b9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:56:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
35433
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13431
x-xss-protection
0
server
cafe
etag
18436352097195468274
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 15 Oct 2024 16:56:43 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-84889824-1&cid=1777242772.1697510836&jid=1165813483&gjid=1374237935&_gid=1776512356.1697510836&_u=YGhAAEABAAAAAGAAM~&z=1520154267
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 17 Oct 2023 02:47:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PXLPNKGTKV&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3745270593305e1cef4c840a55535974b65818555ed98b92ef40adf2d2d4143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82086
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 02:47:16 GMT
/
kinesis.us-east-2.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-2.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.36.77 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-36-77.us-east-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method
POST
Origin
https://www.em.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Tue, 17 Oct 2023 02:47:16 GMT
x-amzn-RequestId
ee6ef7fb-0e44-a9b6-b3c9-000f973bfd11
/
kinesis.us-east-2.amazonaws.com/ 		110 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-2.amazonaws.com/
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.36.77 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-36-77.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
7f68a83582fce1898760685332cf9508e124d33cdb8312424e59498a336252be

Request headers

Referer
https://www.em.com.br/
X-Amz-Target
Kinesis_20131202.PutRecord
accept-language
de-DE,de;q=0.9
X-Amz-Date
20231017T024716Z
Authorization
AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20231017/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=f26dc5d1459588e22276ec8d5099822c4e149013d9929a580af3aec6397f4cfb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Tue, 17 Oct 2023 02:47:16 GMT
x-amzn-RequestId
f99799ad-c040-5cc2-a430-6e59593f0865
Content-Length
110
x-amz-id-2
nN5os/oz6Cv/xzX/rfgjcu+quhnyk0W1eWzZuC/9EX5S/fPcl+8kpMK5YS/cpxhBV6fYhTdTNm96EgGmlz9NS12RdCdw4Q2D
Content-Type
application/x-amz-json-1.1
load_playlist_success
ym-tack.b-cdn.net/ 		688 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://ym-tack.b-cdn.net/load_playlist_success?sellbe;EMI;https://cdn.membrana.media/video/uai/desktop/videoSources.json;9b0ee429-a9f5-4aaa-846f-f9cee4004297
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
2060077bd731e5532e89b2a0a84af61e9f8759dc3177f7bec0f0254ef2dbf954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
cdn-edgestorageid
1077
cdn-storageserver
DE-168
cdn-cachedat
10/17/2023 02:47:16
cdn-pullzone
749406
content-length
688
server
BunnyCDN-DE1-1077
cdn-fileserver
332
cdn-requestpullcode
405
cdn-proxyver
1.04
etag
"64e06680-2b0"
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=0
cdn-requestid
8b2f654b47767221fd3389160d6f6b73
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/ 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfcbccb8bb1c0b24d9f336c71f040994b76415cf0ea642e0d6d2f02454f98713
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43425
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Oct 2023 02:47:16 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		601 B
295 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2089043390418607&correlator=3354919332710255&eid=31078703%2C31078850&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&didk=2109236465&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697510836634&lmt=1697503636&adxs=0&adys=38&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.em.com.br%2F&vis=1&psz=1600x8726&msz=0x0&fws=0&ohw=0&ga_vid=1777242772.1697510836&ga_sid=1697510837&ga_hid=1827025592&ga_fc=true&dlt=1697510835407&idt=1096&prev_scp=identificador%3Dem-publicidade-patrocinio-2%26formato%3Dpatrocinio-1x1&cust_params=unified_id%3D26hsq0u8-8y45bn249l-l07jzq19v20f%26user_type%3Dguest%26paywall%3Dtrue%26testeab%3D1%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Cem%252Ccom%252Cbr%252C%26titleofpage%3DJornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25C3%25ADcias%2520Online%26tagsofpage%3D%26reload%3D0&adks=354791775&frm=20
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63c7964f325185a3d4c7a587939bf3d477390f571e690b219491357e60881860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
264
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2089043390418607&correlator=2586982151462949&eid=31078703%2C31078850&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&didk=2109236464&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697510836639&lmt=1697503636&adxs=0&adys=38&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.em.com.br%2F&vis=1&psz=1600x8726&msz=0x0&fws=0&ohw=0&ga_vid=1777242772.1697510836&ga_sid=1697510837&ga_hid=1827025592&ga_fc=true&dlt=1697510835407&idt=1096&prev_scp=identificador%3Dem-publicidade-patrocinio-3%26formato%3Dpatrocinio-1x1&cust_params=unified_id%3D26hsq0u8-8y45bn249l-l07jzq19v20f%26user_type%3Dguest%26paywall%3Dtrue%26testeab%3D1%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Cem%252Ccom%252Cbr%252C%26titleofpage%3DJornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25C3%25ADcias%2520Online%26tagsofpage%3D%26reload%3D0&adks=354791768&frm=20
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1591818754cf35d267bcce9715f3601472053e12fe59242658ccf7144daf653
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6145
x-xss-protection
0
google-lineitem-id
6396527510
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449751102
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		601 B
296 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2089043390418607&correlator=4450965888276230&eid=31078703%2C31078850&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=4&didk=2508136072&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697510836646&lmt=1697503636&adxs=0&adys=38&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.em.com.br%2F&vis=1&psz=1600x8726&msz=0x0&fws=0&ohw=0&ga_vid=1777242772.1697510836&ga_sid=1697510837&ga_hid=1827025592&ga_fc=true&dlt=1697510835407&idt=1096&prev_scp=identificador%3Dpublicidade-slider-1x1%26formato%3Dslider-1x1%26pos%3D0&cust_params=unified_id%3D26hsq0u8-8y45bn249l-l07jzq19v20f%26user_type%3Dguest%26paywall%3Dtrue%26testeab%3D1%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Cem%252Ccom%252Cbr%252C%26titleofpage%3DJornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25C3%25ADcias%2520Online%26tagsofpage%3D%26reload%3D0&adks=358948280&frm=20
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f60ab744478aa33b3ad4d5ffa86a1904c470e6f1e8bb1c20c72bbd56a3277f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2089043390418607&correlator=4166334034540591&eid=31078703%2C31078850&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=5&didk=2109236466&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697510836649&lmt=1697503636&adxs=0&adys=38&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.em.com.br%2F&vis=1&psz=1600x8726&msz=0x0&fws=0&ohw=0&ga_vid=1777242772.1697510836&ga_sid=1697510837&ga_hid=1827025592&ga_fc=true&dlt=1697510835407&idt=1096&prev_scp=identificador%3Dem-publicidade-patrocinio-1%26formato%3Dpatrocinio-1x1&cust_params=unified_id%3D26hsq0u8-8y45bn249l-l07jzq19v20f%26user_type%3Dguest%26paywall%3Dtrue%26testeab%3D1%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Cem%252Ccom%252Cbr%252C%26titleofpage%3DJornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25C3%25ADcias%2520Online%26tagsofpage%3D%26reload%3D0&adks=354791774&frm=20
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8dd84ec966d693e0055516678e44793b04016733ca25b13c29c2e5396a30049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6137
x-xss-protection
0
google-lineitem-id
6396527510
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449751102
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		9 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2089043390418607&correlator=1253666572249485&eid=31078703%2C31078850&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=6&didk=3472979026&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697510836653&lmt=1697503636&adxs=0&adys=38&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.em.com.br%2F&vis=1&psz=1600x8726&msz=0x0&fws=0&ohw=0&ga_vid=1777242772.1697510836&ga_sid=1697510837&ga_hid=1827025592&ga_fc=true&dlt=1697510835407&idt=1096&prev_scp=formato%3Ddhtml-1x1%26pos%3D0&cust_params=unified_id%3D26hsq0u8-8y45bn249l-l07jzq19v20f%26user_type%3Dguest%26paywall%3Dtrue%26testeab%3D1%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Cem%252Ccom%252Cbr%252C%26titleofpage%3DJornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25C3%25ADcias%2520Online%26tagsofpage%3D%26reload%3D0&adks=937864173&frm=20
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fce6a4ad3e471932ff88b4829d27405cfc8a319fc06f87ff7c036e9da7d5a201
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4414
x-xss-protection
0
google-lineitem-id
6384518530
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138446956323
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		601 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2089043390418607&correlator=1813043061836072&eid=31078703%2C31078850&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=7&didk=35042332&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697510836656&lmt=1697503636&adxs=0&adys=38&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.em.com.br%2F&vis=1&psz=1600x8726&msz=0x0&fws=0&ohw=0&ga_vid=1777242772.1697510836&ga_sid=1697510837&ga_hid=1827025592&ga_fc=true&dlt=1697510835407&idt=1096&prev_scp=identificador%3Dpublicidade-slider-1x1-extra%26formato%3Dslider-1x1-extra%26pos%3D0&cust_params=unified_id%3D26hsq0u8-8y45bn249l-l07jzq19v20f%26user_type%3Dguest%26paywall%3Dtrue%26testeab%3D1%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Cem%252Ccom%252Cbr%252C%26titleofpage%3DJornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25C3%25ADcias%2520Online%26tagsofpage%3D%26reload%3D0&adks=2774688984&frm=20
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98268f12064e8baaf478ad78e4ed66ba07bbbc117079da83542fa9e9c57e5dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
262
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e896768a-4818-43b9-8848-9bdc9a567fdb
config.aps.amazon-adsystem.com/configs/ 		537 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/e896768a-4818-43b9-8848-9bdc9a567fdb
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
0c40cb69307b8caa0699456190ccf595475b5ddfeb1ad5a6dbb07b4fc72777a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:37:44 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
572
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
0nQPN_PXVaGhVauklEkTPDFpWiWMaDqAONdj_gJwEY9a6xoPX_bR8g==
config
c.amazon-adsystem.com/cdn/prod/ 		647 B
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.em.com.br&pubid=e896768a-4818-43b9-8848-9bdc9a567fdb
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6a168c5162134320b24bd4d33dcc17aca8607090021f791cffc523d6463e19fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 23:23:19 GMT
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
12237
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.em.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
647
x-amz-cf-id
eRJfMwIK3X_RA5qCbA9wNCg_3KQKX-n6pQNlIA7wEqzpKoMugeE2eA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
date
Mon, 16 Oct 2023 06:01:48 GMT
x-amz-cf-pop
FRA56-P6
age
74788
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
rSsX_X9yBbFrtcOFPGmggSWlPVn5f74xTAhIWyUaalCQpDenGNd_6A==
profiles.js
d.tailtarget.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/profiles.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:44:32 GMT
content-encoding
gzip
age
32564
x-guploader-uploadid
ADPycdvA-EgyyeSjaAz8UC42M3FvE7-oOmxHVXJkvYf7h0oHGQUVyzb30k4m4xprJolfuqjUnpEIk_kSSzjR-QKIrWww
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5287
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"275a2ca262b6a5880df533bb6481142a"
x-goog-hash
crc32c=Z8R9Yw==, md5=J1osomK2pYgN9TO7ZIEUKg==
x-goog-generation
1694696370292847
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
5287
accept-ranges
bytes
expires
Tue, 17 Oct 2023 17:44:32 GMT
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/44d19ce5-a5ad-423d-866b-33f5250330fb/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-70.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfcbca5f0ec7aff19873aaa7549b1d707e99341dc955d0a470d2204eb695151d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
2wv74L4PUkUw8ytMV.GVtZ7ESxCnCvrg
content-encoding
gzip
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
date
Tue, 17 Oct 2023 02:40:24 GMT
x-amz-cf-pop
FRA56-C2
age
413
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:df93851b-45a1-4c6e-8d06-5a0a28afcfdb
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
bab004dc3646564a04caf2dfb15bd632
last-modified
Thu, 05 Oct 2023 12:06:35 GMT
server
AmazonS3
etag
W/"cf95a382ff5867af0a1fba09fa5687a8"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
606068609e52652b939bf8bf8216916f19575fb6d57ee8746f72cddfe11a4001
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
EcM6lPw40DaNc1gpDX1kughzIsT8_HXGdicy9c3OA83qMSVfbZgSXQ==
89454
tag.navdmp.com/u/ 		507 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/89454
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05a4a88f417264926d8c52323a80416fed1bd8162185a490021b10a5318b4971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 17 Aug 2023 12:40:42 GMT
server
cloudflare
etag
W/"64de154a-1fb"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
817537495d0518e9-FRA
expires
Tue, 17 Oct 2023 03:47:16 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126235
x-xss-protection
0
expires
Tue, 17 Oct 2023 02:47:16 GMT
925325c5-12fe-4cbc-b29d-815eea01b541
https://www.em.com.br/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.em.com.br/925325c5-12fe-4cbc-b29d-815eea01b541
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
pmk-20220605.10.js
pm-widget.taboola.com/diariosassociados-em/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/diariosassociados-em/pmk-20220605.10.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/diariosassociados-em/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08b06650757c02226215d9b21c075c230babd6b3f1c8dc92b21e4a1e8e3de10c

Request headers

Referer
https://www.em.com.br/
Origin
https://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
fmC1Vd5DIMVka4Itde7xswWN8zJYgsL1
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 02:47:16 GMT
x-amz-request-id
XRRX7RAZR0YDQA1V
age
1533335
x-cache
HIT
content-length
22191
x-amz-id-2
J7VTNVIfzlZhJztDM/R0A4oPYZBAbyIcwW3oTLj4G8OukpbEVdLHveCNWCbDHX3dRpghdqLNxJQ=
x-served-by
cache-fra-eddf8230035-FRA
last-modified
Fri, 29 Sep 2023 08:44:16 GMT
server
AmazonS3
x-timer
S1697510837.765049,VS0,VE1
etag
"6c99ac0206a1dda17472dde8929ceced"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1
get-action
nr-events.taboola.com/newsroom/1.0/diariosassociados-em/ 		132 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/diariosassociados-em/get-action?page.url=https%3A%2F%2Fwww.em.com.br%2F%20&view.id=193416518159175857&page.template=home&page.dashboard=home
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/diariosassociados-em/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
340be64063a5276b17425081a08d0b12d2a641eb9664a18e90ea22142f3c9e15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230133-FRA
tbl-x-upstream
10.44.51.123:80
date
Tue, 17 Oct 2023 02:47:16 GMT
via
1.1 varnish
server
nginx
x-timer
S1697510837.797931,VS0,VE12
x-cache
MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
2
accept-ranges
bytes
content-length
132
x-application-context
front-page-event-server:production
x-cache-hits
0
js
www.googletagmanager.com/gtag/ 		172 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-17658134-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fadd66c89e4c900dfa0de004bea38a3314c1464700f66900973d42f452bc7533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64116
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Oct 2023 02:47:16 GMT
card-interference-detector.20231016-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20231016-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8618f48fb8801372552e5d414b3439ae43385263f21613f10e44e8ee06530bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
EXyIMBJ81x8Yw7HWJRyb2nGMQiKOFfKp
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 02:47:16 GMT
x-amz-request-id
K5PGEV4WJR25EY7Y
age
23957
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2180
x-amz-id-2
3R3e9hJY1fvLCgJ/r7KOPTZAXtxadVHLOsvEdfd2zsPe0093maagD5h7NxQzqlVdjsCPFzFVQQk=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Mon, 16 Oct 2023 20:07:59 GMT
server
AmazonS3
x-timer
S1697510837.737040,VS0,VE0
etag
"939d6216023bb939a434444b1c715846"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
70
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6655
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231016-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
239900
expires
60
json
trc.taboola.com/diariosassociados-em/trc/3/ 		40 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/diariosassociados-em/trc/3/json?tim=04%3A47%3A16.743&lti=deflated&data=%7B%22id%22%3A293%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1697500958955%2C%22vi%22%3A1697510836740%2C%22cv%22%3A%2220231016-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.em.com.br%2F%20%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.em.com.br%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8726%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22taboola-mid-article-home-page%201%22%2C%22orig_uip%22%3A%22taboola-mid-article-home-page%201%22%2C%22cd%22%3A1514.5625%2C%22mw%22%3A337.5%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-a-new-1x4%3Aabp%3D0%22%2C%22uip%22%3A%22Mid-article-home-page%202%22%2C%22orig_uip%22%3A%22Mid-article-home-page%202%22%2C%22cd%22%3A7264.1875%2C%22mw%22%3A1350%7D%5D%2C%22ex%22%3A%5B%22%2Fapp%2Fnoticia%2Fpolitica%2F2023%2F10%2F16%2Finterna_politica%2C1577514%2Flula-e-maduro-discutem-eleicoes-na-venezuela-e-divida-por-telefone.shtml%22%2C%22%2Fapp%2Fnoticia%2Fgerais%2F2023%2F10%2F16%2Finterna_gerais%2C1577545%2Fatropelamento-na-br-40-causa-lentidao-de-ate-5-km-em-ribeirao-das-neves.shtml%22%2C%22%2Fapp%2Fnoticia%2Fgerais%2F2023%2F10%2F16%2Finterna_gerais%2C1577525%2Firmas-levam-faca-para-escola-e-deixam-dois-alunos-feridos-em-barbacena.shtml%22%2C%22%2Fapp%2Fnoticia%2Fpolitica%2F2023%2F10%2F16%2Finterna_politica%2C1577385%2Fzema-servidor-tera-direito-a-dois-reajustes-durante-recuperacao-fiscal.shtml%22%2C%22%2Fapp%2Fnoticia%2Fgerais%2F2023%2F10%2F16%2Finterna_gerais%2C1577421%2Fvitima-de-ataque-em-escola-de-pocos-de-caldas-recebe-alta-da-uti.shtml%22%2C%22%2Fapp%2Fnoticia%2Fgerais%2F2023%2F10%2F16%2Finterna_gerais%2C1577447%2Favo-que-pulou-do-4-andar-de-predio-em-chamas-passara-por-cirurgia.shtml%22%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CMid-article-home-page%202%3Dthumbnails-a-new-1x4%3Aabp%3D0%2C%2Ctaboola-mid-article-home-page%201%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231016-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0cd0adaa00fc412db32968acdd12c3f7c422e32bce7f5ad957796ebe3dfa4ff6

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
237
date
Tue, 17 Oct 2023 02:47:17 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.14166666666666666
x-fastly-to-nlb-rtt
7277
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-fra-eddf8230133-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1697510837.763259,VS0,VE237
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.em.com.br
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk-metrics
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231016-4-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.em.com.br
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
notify-impression
nr-events.taboola.com/newsroom/1.0/diariosassociados-em/ 		0
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr-events.taboola.com/newsroom/1.0/diariosassociados-em/notify-impression?page.url=https%3A%2F%2Fwww.em.com.br%2F%20&view.id=193416518159175857&page.template=home&page.dashboard=home
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230133-FRA
tbl-x-upstream
10.44.219.141:80
date
Tue, 17 Oct 2023 02:47:16 GMT
via
1.1 varnish
server
nginx
x-timer
S1697510837.816349,VS0,VE10
x-cache
MISS
access-control-allow-origin
*
x-envoy-upstream-service-time
1
accept-ranges
bytes
x-application-context
front-page-event-server:production
x-cache-hits
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PXLPNKGTKV&gtm=45je3ab0&_p=1827025592&ul=en-us&sr=1600x1200&cid=1777242772.1697510836&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.em.com.br%2F&dt=Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online&sid=1697510836&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PXLPNKGTKV&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept
application/json
Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 17 Oct 2023 00:59:44 GMT
via
1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront), 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
6452
x-amzn-requestid
92a47c02-9f9b-4066-a033-d396cd83bebc
x-amzn-trace-id
Root=1-652ddc80-76d477ca57c090c90362880b;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
M69kFFg3DoEEcCQ=
content-length
30
x-amz-cf-id
Cnb9CXnjUkhPxRFg7EZv037vUxKgonlrKHtdMuplM-YxA_3gEVZs-w==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.em.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Tue, 17 Oct 2023 02:47:16 GMT
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront), 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-apigw-id
M7NUUE2sjoEEOdA=
x-amz-cf-id
5FANAgX5oSYDby_mmtWTt9ZfHWqpJj-IHUzvAQz2_CbMCJ4C8dYzDA==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
0e6927e1-68dd-42ad-81b0-461487fa5542
x-cache
Miss from cloudfront
truncated
/ Frame 570B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1d70f5776dea93de8e622e3a204129a13fdec929aa98138ecb433309e51e490

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
3495133112913262605
tpc.googlesyndication.com/simgad/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3495133112913262605?
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13159416dff9a33340d439f52c9a93539172c1789b319d382a107e4b3165fe7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 19:09:48 GMT
x-content-type-options
nosniff
age
459448
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14977
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 22:27:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Oct 2024 19:09:48 GMT
dot.gif
tpc.googlesyndication.com/pagead/imgad/
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQTu7grREZd9KW3rj9gibWa-8M7TaqrxcvbegXYteHSnV62-RUtaFUtGtd1HJgtupFxEKQStFzV2Bj4kp9QhUZbAaWnYLizWWmEtzv5TA3cxlmuGOwXlf8PPefQsT3106ArSbMDkt-2...
  • https://tpc.googlesyndication.com/pagead/imgad/dot.gif
42 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad/dot.gif
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 11:44:15 GMT
x-content-type-options
nosniff
age
572581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Oct 2024 11:44:15 GMT

Redirect headers

date
Tue, 17 Oct 2023 02:47:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://tpc.googlesyndication.com/pagead/imgad/dot.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame C47B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae80d4fd6f7e82f7e7b4124824fbbdd454da7ba9027f0bd6763d5a362f5fa315

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
dot.gif
tpc.googlesyndication.com/pagead/imgad/
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRVPAsdHMIlsuH17aBLfiinDlNiy2gJ1FMyZmvRDEgUli5UmxEe7fJLCspveRw3Kbu5RFqkL0IyH_9RSJkQvuglVK46t6DkAOH5TA559xWzcHYaCX6s9BTwIVj9lSTkh9nQNIVAASJG...
  • https://tpc.googlesyndication.com/pagead/imgad/dot.gif
42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad/dot.gif
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 11:44:15 GMT
x-content-type-options
nosniff
age
572581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Oct 2024 11:44:15 GMT

Redirect headers

date
Tue, 17 Oct 2023 02:47:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://tpc.googlesyndication.com/pagead/imgad/dot.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
572db77188410e0cd6b5a8755716423c.js
scripts.cleverwebserver.com/ 		133 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/572db77188410e0cd6b5a8755716423c.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23f6d606f7a2add6086c28809fbdfea4a809f8e97faf665e9c60ea36a326d9c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
x-amz-version-id
D_Ah9sOofGUzkc0_VdEswfou9xtkamb3
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 25 Sep 2023 13:44:40 GMT
server
cloudflare
x-amz-request-id
8SD2XP31DWQBFD7X
etag
W/"4fde61e3d006581cb920913b0a9f52fd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
8175374afeb19066-FRA
x-amz-id-2
176+Tbwd16oy9DL1XGoLf/mQ6W+E4Aqhkrg8Gryt/rMcLGGqadrZnkzuPGpEtA6XlhsltRMZ7dI=
expires
Tue, 17 Oct 2023 03:17:17 GMT
truncated
/ Frame 82C9 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0db9ab0a083dcfb758b2f36d573746c04e9e8ea2cc39c712fd61f9344d26bae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 82C9 		0
29 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJK43JmwyLjjxADe0vgTHBe595RrQYi68tkLJZbKxXumkbDtB_rCQDwOM1d4ZFDFg54C6QzRzLBoLUFf5xVlIXGT_FgESC0Tj4xEbB6XQAG6qTEATm_N_CJRBOGTbGbkhin7gSORrL8GNKr-rd8sb2cqJXyG38r_DJp4Vc0G0YJ3_7cwx3z_EuMynnZVISQ8VteN7sWwa0j0Em4nw_4VF7A8HKCMu4Xv3CK29w3MsmzlqN1KcUm-smftVQaL50SW1cK3TMYMVxudYfeQ_6Ly-c4wO14jsCFGNwc2tK9BWsmKUbV9WRi5Kp3hsJ3uPsSiOjxWBWlUAiTyKvpbBpg8S9C6_8vf6xGgLS5XTkoqS0gArj&sai=AMfl-YT93a0qCexPh23d0RX6LiDO_2AFfQ8bZbs1hrMc3Q_RTp3Hlj86Xz1uNLP0-tlf8iycloRFZJsnVw45rzgQKws6XXQD22zdMQb-Q_61IJyG4pCXzc2I8SLx_Ob6H2b2luSw7B1a2h4Kvd10naA&sig=Cg0ArKJSzBaknymcnfX1EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 17 Oct 2023 02:47:16 GMT
usr
usr.navdmp.com/ 		359 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=89454&u=1&new=1&wst=0&wct=1&wla=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3870300976bb5293747bb209486f1503524a050e2b5abddc5965bf9e5e73096

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
public
date
Tue, 17 Oct 2023 02:47:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
8175374aede518e9-FRA
expires
Tue, 17 Oct 2023 03:47:17 GMT
videojs.ads.css
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/ 		975 B
964 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/videojs.ads.css
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20456020
x-jsd-version
6.7.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra19130-FRA, cache-yyz4535-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"3cf-QkYNpQ1t+HGGuQzDGS8mZdpVWDg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wH3UOC4305cqQFVcFuq0gG7kX6Uqn1eGwfl0PMDkHz1oUm%2BQ7HQpRkVGd4Yxf3jIalH6ONazsOj4F0k4wwVI6rSU7bbqwLc8EGo4C5U2AWXsIr6SGCvFWg4QNn5ELn1BPNihE9Ld%2BJzl0c2qB48%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8175374aff8103ec-FRA
videojs.ads.min.js
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/videojs.ads.min.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20456020
x-jsd-version
6.7.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra19145-FRA, cache-yyz4530-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6a3c-OUUBKv7icoV/OxPeKLpcAlpHAGg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtZye0pWXCYYeLFMQhqbQccni3mm2NFmOgw1J8sz5lY25KSmKIg3u5LTuLEagyCq2Zgd%2FlemzBno%2BAOwBm3UQYDenw%2FG1BVIeFI7aUUNXiBwjKhCLjU7rGBQQCGd7bvbxKmEUWn%2BlI14gQ7gpFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8175374aff8203ec-FRA
videojs.ima.min.css
cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/videojs.ima.min.css
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
479a52faa72664b9318911a1f3cd1a082dd169090b9bf688fbf54981a7544f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20456020
x-jsd-version
1.9.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra19165-FRA, cache-yyz4556-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"a4e-O74oHTnsIDZGOCZu1d1V6JdzQ/o"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41IL8JWaOMOz7aWkFeU0f0%2FdyOaq2c7%2F8UslgTpgIuOLeVemL%2BowfWqLRnVdQ4sMpuJ6LWxGfvrBAfyTTw9AyXdv%2FgS4O%2FkA6fnjO7CsLze1FmGaLpcj2vitqb94cgFMRXaA4waOUenR4atBQ2U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8175374aff8303ec-FRA
videojs.ima.mod.min.js
cdn.membrana.media/video/vast.vpaid/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/video/vast.vpaid/videojs.ima.mod.min.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
5592ad11c9602028561e12b5d951d8928b9ef7676e9a3b5e91b1a05e28d47678

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-599
cdn-cachedat
10/13/2023 10:13:43
cdn-pullzone
139012
last-modified
Fri, 24 Feb 2023 11:28:26 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
406
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"63f89f5a-8b5f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
68ff0971574bbe9c0431043903c6bdea
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
videojs_5.vast.vpaid.js
cdn.membrana.media/video/vast.vpaid/ 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/video/vast.vpaid/videojs_5.vast.vpaid.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
d0ffa897d2103cdd6bb8d6b7842e909fdd93743f553abfc5d20cfdab2b460c51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:16 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-storageserver
DE-587
cdn-cachedat
10/13/2023 10:13:42
cdn-pullzone
139012
last-modified
Sun, 24 Sep 2023 10:00:05 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
659
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"651008a5-227b5"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
71796ab1844fc242383cebbc641ff4e9
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ Frame A47C 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: barra.uai.com.br
URL: https://barra.uai.com.br/centralizador.html?origem=https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://barra.uai.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Oct 2023 01:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3343
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 17 Oct 2023 03:51:33 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efae3c94e492c39a78a73b59844ed4383921d82817b7c26852deff525b1b8104
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1069
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8175374bafe26922-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Oct 2023 02:47:17 GMT
style
accounts.google.com/gsi/ 		533 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7YZWuv8sNWU0j31ecqKWVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-7YZWuv8sNWU0j31ecqKWVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 17 Oct 2023 02:47:17 GMT
button
accounts.google.com/gsi/ Frame A1E3 		111 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=outline&text=%24%20%7Bbutton.text%7D&size=large&logo_alignment=left&width=240&client_id=133477885879-ml89jg8mocekhmnraefpi3cgednablut.apps.googleusercontent.com&iframe_id=gsi_837063_876979&as=VXVkboFJhVhCMi%2B84Qxywg
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc34e9a8abc476164f8ebadb90113558a8fb558967f13ec53007a8bd8eeda6e4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ylDoUoF0m14UON3oL-fhDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ylDoUoF0m14UON3oL-fhDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 02:47:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
login_button.php
www.facebook.com/v14.0/plugins/ Frame E06D 		30 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v14.0/plugins/login_button.php?app_id=358950299469365&auto_logout_link=true&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f8beee7e16f7c%26domain%3Dwww.em.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.em.com.br%252Ff1e88207107566c%26relation%3Dparent.parent&container_width=0&layout=default&locale=pt_BR&login_text=&sdk=joey&size=large&use_continue_as=true&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=f7b112e36860b2218bc9a0cd8f1c6914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9b4373386fd14bd6250dd6b449b4c2763c624528f239db7ed97882056903b9c
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Tue, 17 Oct 2023 02:47:17 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v14.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
i1J0zvW6XRg7z4sBvN90uFIEnpfhfBoixT2TYRY2AGNtC+7HhQA7wKmrTkLXaSUqNoToNwq16TIRrDH571qLKg==
x-xss-protection
0
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 06:11:32 GMT
content-encoding
gzip
age
74145
x-guploader-uploadid
ADPycdtRJ9LCRelhAf6gArlOe27bIpwMg_cgu7kPCYPKt2qNWX4rcbsvcS9p6HE5KuHqKd-9smU8vg577XcaviaWkuusZ92os5y-
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6116
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash
crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation
1694696370171925
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6116
accept-ranges
bytes
expires
Tue, 17 Oct 2023 06:11:32 GMT
20231016233108923145u.jpg
i.em.com.br/ecEdf6NsTQZSccGXbxBBy1SHX0g=/330x220/smart/imgsapp.em.com.br/portlet/523/22262/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/ecEdf6NsTQZSccGXbxBBy1SHX0g=/330x220/smart/imgsapp.em.com.br/portlet/523/22262/20231016233108923145u.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
22eca0cc1bdd217d980781b7671fec7e5700549e9bb29db6f90d807d6f19dbd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"aff91d0d79cb6db1d12d2432194f77e643c8e3f9"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
3670
expires
Thu, 16 Nov 2023 02:47:18 GMT
20231016233105952742i.jpg
i.em.com.br/FhZU6qARcPolYqR3kziYhPl9VXw=/330x220/smart/imgsapp.em.com.br/portlet/523/22262/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.em.com.br/FhZU6qARcPolYqR3kziYhPl9VXw=/330x220/smart/imgsapp.em.com.br/portlet/523/22262/20231016233105952742i.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
d0f2bdb7aaaca97e018292e3c67299f7815529aecd59705531eb5eac14b434f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
strict-transport-security
max-age=31536000
server
nginx
etag
"ada3c47feba4ffa110b26575cf4438f58716562f"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
content-length
5680
expires
Thu, 16 Nov 2023 02:47:18 GMT
profile
tt-10258-0.seg.t.tailtarget.com/ 		92 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-10258-0.seg.t.tailtarget.com/profile
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 02:47:17 GMT
x-amz-request-id
1CQ9B540YEYMG98S
age
48
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1502
x-amz-id-2
5JmIRQ33ztqNKP7UDzMu7fYqpE5idGAB76ddRB5XVf7fhUvaYUovYHF7+nhUz/A9PLGhPZAmyHg=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
server
AmazonS3
x-timer
S1697510837.248596,VS0,VE0
etag
"11d8569a7da0739259e3ac0b0d666e94"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
56
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
11
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/4.4.6/ 		129 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.4.6/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231016-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3cf0c440ae6b60eb827eccd6ce0630ea0f94119b8a69d72a9d308455712a8e0d

Request headers

Referer
https://www.em.com.br/
Origin
https://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
41636
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34883
x-served-by
cache-fra-eddf8230035-FRA
last-modified
Mon, 16 Oct 2023 15:12:47 GMT
server
AmazonS3
x-timer
S1697510837.256757,VS0,VE0
etag
"92d7c99ba3ac396efa97824b1df816de"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
nmvRYWr4Vntwvb-xW6Tp9-bJr7_485YfPqdGei2JEi49JPGlAuJwoQ==
x-cache-hits
2117
userx.20231016-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231016-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6428755e51fb95aa79727d4a28381aeaa3059a3c1e4664a1f95780879f8cd3aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
5hSUXbrA6GSrc6tlFOxvTUzGw04mnWgJ
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 02:47:17 GMT
x-amz-request-id
1YBV2H4A2W4W8S6Y
age
23922
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
LBKldaYWDyNEj1wFGQShNGjiy8y0Q/4va6su9d0E1i0ul7pz/gisDBnO6noxNIZe2pMcc3MFrNk=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Mon, 16 Oct 2023 20:08:35 GMT
server
AmazonS3
x-timer
S1697510837.256864,VS0,VE0
etag
"f855f72416f658fa45a63c3a15d76399"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3533
distance-from-article.20231016-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231016-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ed82f204e7bbda9a5825681c3b4c6a9a3d88f1147fb9c2a84b63d84d92468c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
sUYAhstveS9A6mmfdQDlWqKx.B5thpRK
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 02:47:17 GMT
x-amz-request-id
QKW5PX3V66P18AGK
age
23955
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
0vOVz+hcuQZSB2QT6GiY46Q4I9cQngCETRKFaErYkpc7VvJLMpNxu82mmLTRA5DuTsBL4TZSHmI=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Mon, 16 Oct 2023 20:08:03 GMT
server
AmazonS3
x-timer
S1697510837.257456,VS0,VE0
etag
"a25e208bccbfd5c4fbbb0ddf25f088e8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
23
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
23023
article-detection.20231016-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231016-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58fecb59b01d611081f5666ca6e177407742eb8a78b462b7dcf73aafff4157b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
fab7YPR0rbFmGTGP_8S6nvsrETWl.3D8
content-encoding
gzip
via
1.1 varnish
date
Tue, 17 Oct 2023 02:47:17 GMT
x-amz-request-id
79MMV5815HB2AK5A
age
23961
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
mW4at3g/kNV37smsm1OfYUMz4fcknZoLxC+1l6e6L4lFMrZLju2se4y5iDZ/fI1x8uY7nymfS9w=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Mon, 16 Oct 2023 20:07:56 GMT
server
AmazonS3
x-timer
S1697510837.257791,VS0,VE0
etag
"7994963a91c854071e76e6482e312a64"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
82
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
23043
json
hp.taboola.com/diariosassociados-em/trc/3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hp.taboola.com/diariosassociados-em/trc/3/json?tim=04%3A47%3A17.258&lti=deflated&data=%7B%22id%22%3A193%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_1594d56047c7117609dec042d011acc8_9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34_1697510836_1697510836_CIi3jgYQ1o9BGISUn9yzMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABooKCVq-PzhYw8cAA%22%2C%22ui%22%3A%229f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34%22%2C%22uifp%22%3A%229f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34%22%2C%22lbt%22%3A1697500958955%2C%22vi%22%3A1697510836740%2C%22cv%22%3A%2220231016-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.em.com.br%2F%20%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.em.com.br%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.em.com.br%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8317%2C%22ad%22%3A%7B%22hp4uGetRegions%22%3Atrue%7D%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%2C%22uip%22%3A%22HP%20Hard%20News%22%2C%22orig_uip%22%3A%22HP%20Hard%20News%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%5D%2C%22ex%22%3A%5B%22%2Fapp%2Fnoticia%2Fpolitica%2F2023%2F10%2F16%2Finterna_politica%2C1577514%2Flula-e-maduro-discutem-eleicoes-na-venezuela-e-divida-por-telefone.shtml%22%2C%22%2Fapp%2Fnoticia%2Fgerais%2F2023%2F10%2F16%2Finterna_gerais%2C1577545%2Fatropelamento-na-br-40-causa-lentidao-de-ate-5-km-em-ribeirao-das-neves.shtml%22%2C%22%2Fapp%2Fnoticia%2Fgerais%2F2023%2F10%2F16%2Finterna_gerais%2C1577525%2Firmas-levam-faca-para-escola-e-deixam-dois-alunos-feridos-em-barbacena.shtml%22%2C%22%2Fapp%2Fnoticia%2Fpolitica%2F2023%2F10%2F16%2Finterna_politica%2C1577385%2Fzema-servidor-tera-direito-a-dois-reajustes-durante-recuperacao-fiscal.shtml%22%2C%22%2Fapp%2Fnoticia%2Fgerais%2F2023%2F10%2F16%2Finterna_gerais%2C1577421%2Fvitima-de-ataque-em-escola-de-pocos-de-caldas-recebe-alta-da-uti.shtml%22%2C%22%2Fapp%2Fnoticia%2Fgerais%2F2023%2F10%2F16%2Finterna_gerais%2C1577447%2Favo-que-pulou-do-4-andar-de-predio-em-chamas-passara-por-cirurgia.shtml%22%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20Hard%20News%3Dorganic-hp-swap-mode%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22trcDomain%22%3A%22hp.taboola.com%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231016-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d13713611d187b0c8fbbbe46da63f436358a00a40468d3a7ccacdc0f73d2eec4

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
42
date
Tue, 17 Oct 2023 02:47:17 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.10725
x-fastly-to-nlb-rtt
7441
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230133-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1697510837.267880,VS0,VE42
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.em.com.br
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
abtests
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-dupChecker%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1697510837259%7D&tim=04%3A47%3A17.259&id=9387&llvl=2&ri=e8c8e52cc1d8de02a4764c7d95dca42e&sd=v2_1594d56047c7117609dec042d011acc8_9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34_1697510836_1697510836_CIi3jgYQ1o9BGISUn9yzMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34&pi=/%20&pt=home&vi=1697510836740&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231016-4-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://www.em.com.br
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-ct%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1697510837261%7D&tim=04%3A47%3A17.261&id=5559&llvl=2&ri=e8c8e52cc1d8de02a4764c7d95dca42e&sd=v2_1594d56047c7117609dec042d011acc8_9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34_1697510836_1697510836_CIi3jgYQ1o9BGISUn9yzMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34&pi=/%20&pt=home&vi=1697510836740&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231016-4-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://www.em.com.br
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1697510837262%7D&tim=04%3A47%3A17.262&id=5878&llvl=2&ri=e8c8e52cc1d8de02a4764c7d95dca42e&sd=v2_1594d56047c7117609dec042d011acc8_9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34_1697510836_1697510836_CIi3jgYQ1o9BGISUn9yzMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34&pi=/%20&pt=home&vi=1697510836740&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231016-4-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://www.em.com.br
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
v5
metrics.getrockerbox.com/track/ 		44 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v5?source=weight_watchers_subscription_germany&tier_one=taboola&tier_two=28250545&tier_three=3831634844&tier_four=diariosassociados-em&tier_five=Desktop&auction_id=2023-10-17+02%3A47%3A16&referrer=em.com.br&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_232}
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.143.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7X%2BPl%2BT%2FjYXd7NFZNF5HPE4fmTPJ3RGg1zFl4eAsVejOpbjO3S0ndlkzZMuABhbMwKSu6pbkK50pLOY5nVVQGiACvGaf4yx8CFpr1iCsGSmwgCECfEthGvATNFSW5PrgNFCqiSLwi72pT9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
8175374d1f904dc4-FRA
alt-svc
h3=":443"; ma=86400
abtests
am-trc-events.taboola.com/diariosassociados-em/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/diariosassociados-em/log/3/abtests?route=AM:AM:V&tvi2=8507&tvi48=9598&tvi50=10882&lti=deflated&ri=e8c8e52cc1d8de02a4764c7d95dca42e&sd=v2_1594d56047c7117609dec042d011acc8_9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34_1697510836_1697510836_CIi3jgYQ1o9BGISUn9yzMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34&pi=/%20&wi=-2815970046077281568&pt=home&vi=1697510836740&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1697510837235%7D&tim=04%3A47%3A17.236&id=8273&llvl=2&cv=20231016-4-RELEASE&
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/abtests?lti=deflated&ri=e8c8e52cc1d8de02a4764c7d95dca42e&sd=v2_1594d56047c7117609dec042d011acc8_9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34_1697510836_1697510836_CIi3jgYQ1o9BGISUn9yzMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34&pi=/%20&pt=home&vi=1697510836740&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22editorial-items%22%3A3%2C%22storageRef%22%3A%22%22%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1697510837259%7D&tim=04%3A47%3A17.259&id=552&llvl=2&cv=20231016-4-RELEASE&
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/diariosassociados-em/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/diariosassociados-em/log/3/abtests?route=AM:AM:V&tvi2=8507&tvi48=9598&tvi50=10882&lti=deflated&ri=e8c8e52cc1d8de02a4764c7d95dca42e&sd=v2_1594d56047c7117609dec042d011acc8_9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34_1697510836_1697510836_CIi3jgYQ1o9BGISUn9yzMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34&pi=/%20&wi=-2815970046077281568&pt=home&vi=1697510836740&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22editorial-items%22%3A3%2C%22storageRef%22%3A%22%22%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1697510837259%7D&tim=04%3A47%3A17.259&id=8187&llvl=2&cv=20231016-4-RELEASE&
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/abtests?lti=deflated&ri=e8c8e52cc1d8de02a4764c7d95dca42e&sd=v2_1594d56047c7117609dec042d011acc8_9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34_1697510836_1697510836_CIi3jgYQ1o9BGISUn9yzMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34&pi=/%20&pt=home&vi=1697510836740&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22editorial-items%22%3A3%2C%22storageRef%22%3A%22https%3A%2F%2Fwww.em.com.br%2F%22%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1697510837263%7D&tim=04%3A47%3A17.263&id=4116&llvl=2&cv=20231016-4-RELEASE&
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/abtests?lti=deflated&ri=e8c8e52cc1d8de02a4764c7d95dca42e&sd=v2_1594d56047c7117609dec042d011acc8_9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34_1697510836_1697510836_CIi3jgYQ1o9BGISUn9yzMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34&pi=/%20&pt=home&vi=1697510836740&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22editorial-items%22%3A3%2C%22storageRef%22%3A%22https%3A%2F%2Fwww.em.com.br%2F%22%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1697510837263%7D&tim=04%3A47%3A17.263&id=9427&llvl=2&cv=20231016-4-RELEASE&
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.em.com.br%2F&pid=kqVc726KOhntg&cb=0&ws=1600x1200&v=23.919.1525&t=2000&slots=%5B%7B%22sd%22%3A%22em-publicidade-ancorads%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F6887%2Fuai%2Fem%2Fhome%22%7D%2C%7B%22sd%22%3A%22em-publicidade-rasgado-1%22%2C%22s%22%3A%5B%221190x250%22%2C%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22980x250%22%5D%2C%22sn%22%3A%22%2F6887%2Fuai%2Fem%2Fhome%22%7D%2C%7B%22sd%22%3A%22em-publicidade-retangulo-1%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F6887%2Fuai%2Fem%2Fhome%22%7D%5D&pubid=e896768a-4818-43b9-8848-9bdc9a567fdb&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
12H26M1ARZD6B2G778MJ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.em.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
lumKFLS-_4XMrdD9RcdhQGPcvbVhfrG9jzYO37A6SFPyEP3SCJ__fg==
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUASCJ0O
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
41d485e880c87aa321e754cd8b8bb3034ce2616380d3a744cbdd09bde179e51e

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.em.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
267
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 02:47:17 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		334 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751144&size_id=55&rf=https%3A%2F%2Fwww.em.com.br%2F&tg_i.domain=em.com.br&tg_i.page=https%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=141ffc0e0f55afc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.14595825361173032
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
113e18899725e452cafbfb351094d8adcc8e34371e31242cc24c4c9debcd280f

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		339 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751164&size_id=15&rf=https%3A%2F%2Fwww.em.com.br%2F&tg_i.domain=em.com.br&tg_i.page=https%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=em-publicidade-halfpage-anchor&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=157901c67a29316&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1133505193226727
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d32342255534e73ecd0558c7d570c60397e9aac750a38e4cd4a873e595cf741d

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		334 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751166&size_id=15&rf=https%3A%2F%2Fwww.em.com.br%2F&tg_i.domain=em.com.br&tg_i.page=https%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=165460c81b1fe68&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.5657106230709876
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bf8fb7e6d0abdb71657009b3906844a12e5f18956fbcc95611669ea2f3976bdd

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		334 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751144&size_id=55&rf=https%3A%2F%2Fwww.em.com.br%2F&tg_i.domain=em.com.br&tg_i.page=https%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=1704607aedc9f4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.12200362371553264
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cc36307e3c9e491c3458f01e5bab786b0effcee459ddb16cf6db67f5c10678eb

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		334 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751144&size_id=55&rf=https%3A%2F%2Fwww.em.com.br%2F&tg_i.domain=em.com.br&tg_i.page=https%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=18d777210eef77f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.8310187288228348
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f1bfdd34d2dc34f90dd0b59b84a4bc51dfa49a2b891e6861a0ec85125ab1a656

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		334 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751144&size_id=55&rf=https%3A%2F%2Fwww.em.com.br%2F&tg_i.domain=em.com.br&tg_i.page=https%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=19bf6c40d8f6e5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.7818242328426264
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ea8fedafe86d58925d4bfb5367ed16a36fbb5afba8d7d02eda4a4257c32fd797

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		334 B
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751144&size_id=55&rf=https%3A%2F%2Fwww.em.com.br%2F&tg_i.domain=em.com.br&tg_i.page=https%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=20acd369899078f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.0581840362814241
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
84180f8ddb3d32d0c68d49022edfdc7cc0b571284aba0c91396a6a214a48eada

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		334 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751168&size_id=15&rf=https%3A%2F%2Fwww.em.com.br%2F&tg_i.domain=em.com.br&tg_i.page=https%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=211db3ea1c19957&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.30780023710957716
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1fa16bb9807eae27de2c2a3e0509a5e0c0402ab240442a0c991be7940ebe153c

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		334 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751164&size_id=15&rf=https%3A%2F%2Fwww.em.com.br%2F&tg_i.domain=em.com.br&tg_i.page=https%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=22b2e4180709864&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.4404790629301183
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d5997be5f9dad446b9a179525d41d81039f9655671cb83e5be5c4a0bb3003ca1

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		334 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751164&size_id=15&rf=https%3A%2F%2Fwww.em.com.br%2F&tg_i.domain=em.com.br&tg_i.page=https%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=23a04cc81e36db&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.49402979036745553
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6a04727f4e047e4962acaa1375186ef1beb12fcadfcd5bf3cb21ed7c4ff0d395

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		334 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751164&size_id=15&rf=https%3A%2F%2Fwww.em.com.br%2F&tg_i.domain=em.com.br&tg_i.page=https%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=24da1677917d5de&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.6546228719796185
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4afeedbdc9168df2d15ff31a32d5c0f8353c9aea66132bf3bb0ddc07be5d75be

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
an-x-request-uuid
246d2590-d90e-43ca-ad50-88b2da99b2d8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.em.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.em.com.br
date
Tue, 17 Oct 2023 02:47:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid-request
a.teads.tv/hb/ 		16 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: js.em.com.br
URL: https://js.em.com.br/headerbidding/rub-teads-app-rtb-mnet/8-3-0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.em.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 17 Oct 2023 02:47:17 GMT
U7MAWJlE6hZ.png
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame E06D 		522 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/U7MAWJlE6hZ.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/login_button.php?app_id=358950299469365&auto_logout_link=true&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f8beee7e16f7c%26domain%3Dwww.em.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.em.com.br%252Ff1e88207107566c%26relation%3Dparent.parent&container_width=0&layout=default&locale=pt_BR&login_text=&sdk=joey&size=large&use_continue_as=true&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e0380df4c498644bb12391c4d0e5c39a625113e0906a8463ae473dfa6533720
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
x-content-type-options
nosniff
content-md5
3AqCXDpjCzTAeVl9384gMw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
522
x-fb-debug
pZD/usyScja61qhd2pYxrX0d1OXgn04T8gDjGJun8aCCVpqHzCFjKs/Msy680MuHRZtP3L/pSYPsnChEOV8J1w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 04 Oct 2024 22:07:00 GMT
social
trc.taboola.com/diariosassociados-em/log/3/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/diariosassociados-em/log/3/social?lti=deflated&ri=e8c8e52cc1d8de02a4764c7d95dca42e&sd=v2_1594d56047c7117609dec042d011acc8_9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34_1697510836_1697510836_CIi3jgYQ1o9BGISUn9yzMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34&pi=/%20&pt=home&vi=1697510836740&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.em.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fi.em.com.br%2FkM17X1YmR85sE-1UmBykkdl9SRI%3D%2F1200x630%2Fsmart%2Fimgsapp.em.com.br%2Fportlet%2F533%2F22491%2F20190909173121904029a.gif%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=04%3A47%3A17.369&id=9173&llvl=2&cv=20231016-4-RELEASE&
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Tue, 17 Oct 2023 02:47:17 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7518
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230133-FRA
pragma
no-cache
server
nginx
x-timer
S1697510837.372011,VS0,VE10
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1827025592&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.em.com.br%2F&ul=en-us&de=windows-1252&dt=Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=power_homepage_variant&_u=aGjAAUABAAAAAGAAM~&jid=1299733784&gjid=1719338428&cid=1777242772.1697510836&tid=UA-17658134-1&_gid=1498474664.1697510836&_r=1&gtm=457e3ab0&jsscut=1&z=648470153
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1827025592&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.em.com.br%2F&ul=en-us&de=windows-1252&dt=Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Power%20Homepage%20Variant%20ID&ea=8507&_u=aGjAgUABAAAAAGAAM~&jid=&gjid=&cid=1777242772.1697510836&tid=UA-17658134-1&_gid=1498474664.1697510836&cd7=Nao&cd2=Nao&cd13=8507&z=170602461
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 15:39:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40047
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bulk-metrics
am-trc-events.taboola.com/diariosassociados-em/log/3/ 		0
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/diariosassociados-em/log/3/bulk-metrics?tvi2=8507&tvi48=9598&tvi50=10882&route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231016-4-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.em.com.br
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
7d0e1925ff05191a31f4f0d5ec35a045.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d0e1925ff05191a31f4f0d5ec35a045.jpg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
71d9ef8e89299ef0b9793ed382274693fef76f237e52e4a033369224cbd038cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 17 Oct 2023 02:47:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d0e1925ff05191a31f4f0d5ec35a045.jpg
age
2953175
edge-cache-tag
465001665069678899320262329545940930297,386049105073207345796117033061845157211,29ecf9b93bbf306179626feeda1fab70
cache-tag
465001665069678899320262329545940930297,386049105073207345796117033061845157211,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
352
req-referer
https://www.tvmovie.de/
content-length
18656
x-request-id
d340d04a67570e669cced008f5f0e560
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200157-IAD, cache-iad-kjyo7100155-IAD, cache-iad-kjyo7100101-IAD, cache-fra-eddf8230133-FRA
last-modified
Thu, 24 Aug 2023 08:32:01 GMT
server
nginx
surrogate-reporting
width=400,height=267,bytes=30588,owidth=1920,oheight=1080,obytes=394037
x-timer
S1697510837.410693,VS0,VE0
etag
"84d1dc839dadedf96ba24d985c008806"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 50, 3
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.43797557488293193
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-F2fztDXWpkB0U9aAlsst8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-F2fztDXWpkB0U9aAlsst8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.758789757267722
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eQSa84zi3a1lSYiC-utWdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-eQSa84zi3a1lSYiC-utWdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame A1E3 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/csp-report

Response headers
uai-main86-23227-20231010.webp
membrana-cdn.media/uai/desktop/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://membrana-cdn.media/uai/desktop/uai-main86-23227-20231010.webp
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.194.251.83 Kyiv, Ukraine, ASN42352 (QOS, UA),
Reverse DNS
unallocated.qos.kiev.ua
Software
nginx /
Resource Hash
8aed688bb15f9f1ea8c882ce25db500e8701dd8d8fda3e1a002d6c343a062a60
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=63072000
last-modified
Wed, 11 Oct 2023 01:37:27 GMT
server
nginx
etag
"6525fc57-88a2"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
34978
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
i48MP4F8IWw.js
static.xx.fbcdn.net/rsrc.php/v3i5VZ4/yc/l/pt_BR/ Frame E06D 		532 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i5VZ4/yc/l/pt_BR/i48MP4F8IWw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/login_button.php?app_id=358950299469365&auto_logout_link=true&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f8beee7e16f7c%26domain%3Dwww.em.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.em.com.br%252Ff1e88207107566c%26relation%3Dparent.parent&container_width=0&layout=default&locale=pt_BR&login_text=&sdk=joey&size=large&use_continue_as=true&width=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7757c61eb8c882f4c34546f35b72fa8324dfe97f99440b3645c40fb09cd5c0ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jVdtx+Xg9Rlh99cITW5uAA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141890
x-fb-debug
3OJlrBou4E4xExRHMTE50BY/G2wDNjbWuQezThNNcmcrQHMB3zdyGM2uW/k2+p0HgQ+I6HndguUS/BAot37KQw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 12 Oct 2024 23:17:29 GMT
/
ui.cleverwebserver.com/ 		160 B
198 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71099956323e49621c8b458d99ad1cb0db420a0174fc7ec444e9a3ba36328105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8175374e88a09066-FRA
content-type
application/javascript
req
cdn.navdmp.com/ 		6 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=137cad8da3f6c681fdcffd04ba10%7C0&acc=89454&tit=Jornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25EDcias%2520Online&url=https%253A%2F%2Fwww.em.com.br%2F&upd=1&new=1&h1=Jornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25EDcias%2520Online
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8175374e9fbe18e9-FRA
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=83696127395
  • https://sync2.navdmp.com/sync?prtid=2&id=83696127395&google_gid=CAESEPwte0lDBHcIeCUTBPdAyVQ&google_cver=1
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=83696127395&google_gid=CAESEPwte0lDBHcIeCUTBPdAyVQ&google_cver=1
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81753750189218e9-FRA
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=83696127395&google_gid=CAESEPwte0lDBHcIeCUTBPdAyVQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/sync/ 		43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x29 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 02:47:17 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x29 config_version:"1524"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 Oct 2023 02:47:16 GMT
cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date
Tue, 17 Oct 2023 02:47:17 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.87
content-length
344
content-language
en
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-17658134-1&cid=1777242772.1697510836&jid=1299733784&gjid=1719338428&_gid=1498474664.1697510836&_u=aGjAAUABAAAAAGAAM~&z=220729676
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 17 Oct 2023 02:47:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/74c0d3cc-5273-4934-aa69-7d9eae62e077/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/74c0d3cc-5273-4934-aa69-7d9eae62e077/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f87c4a63a5f47346818f042d439549b0f246cc12355e94b63e190a147c5df2e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9a18d4dd-05e4-4b6e-8d0d-255035386e38
x-runtime
0.031487
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"8f87c4a63a5f47346818f042d439549b"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8175374e98412c4f-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 17 Oct 2023 03:47:17 GMT
/
kinesis.us-east-2.amazonaws.com/ 		110 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-2.amazonaws.com/
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.36.77 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-36-77.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
f09169849dc0f6f8d9e5e57c6ec2e2f018e6609b4c0e3914588740d68c467c8c

Request headers

Referer
https://www.em.com.br/
X-Amz-Target
Kinesis_20131202.PutRecord
accept-language
de-DE,de;q=0.9
X-Amz-Date
20231017T024717Z
Authorization
AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20231017/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=055d2f8d3942092f861439b2182a971ef45321d2994da33cbee866f53e0600f3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Tue, 17 Oct 2023 02:47:17 GMT
x-amzn-RequestId
dc30a9d7-43ca-b8c2-8197-5e22dab5ec65
Content-Length
110
x-amz-id-2
c+NlqX5vs2jVr17OHud3T5bRMb2DAZ4faVi93QWL8KUcoabzrOcHOQsaDEoG/vIA1ENe7YsGtPy0bkDAn7v8WMPNKljNFrc/
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-2.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-2.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.36.77 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-36-77.us-east-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method
POST
Origin
https://www.em.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Tue, 17 Oct 2023 02:47:17 GMT
x-amzn-RequestId
d6085fcf-dc15-c858-8baf-a83a456a9cff
AGSKWxWoNoHUTkoLEl7pCVqEmp1Zbmb787ue9zIiBeVTxJbeEWjfKvgJTXDOUpfUU2pR_aIA5eDazEY1t3r4etswkXdva5urf5lsmGKTKKRjIByVfMa--GIhm-sCuaZDpLfd8vZIvEY_vw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWoNoHUTkoLEl7pCVqEmp1Zbmb787ue9zIiBeVTxJbeEWjfKvgJTXDOUpfUU2pR_aIA5eDazEY1t3r4etswkXdva5urf5lsmGKTKKRjIByVfMa--GIhm-sCuaZDpLfd8vZIvEY_vw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMySwWY9nT6oDPgqelYCNhzqEE1t-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pNbRlCcItdQJUFAISRmjPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pNbRlCcItdQJUFAISRmjPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.em.com.br
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
bridge3.595.0_en.html
imasdk.googleapis.com/js/core/ Frame 3462 		726 KB
233 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25040
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
238136
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 19:49:57 GMT
expires
Tue, 15 Oct 2024 19:49:57 GMT
last-modified
Tue, 10 Oct 2023 20:31:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 02:47:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A2FB 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 17 Oct 2023 03:12:40 GMT
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:06:39 GMT
content-encoding
gzip
age
60038
x-guploader-uploadid
ADPycdvZhUYbRMhrFhHZkk3aoc-Wsk8pnOECCb1wz39GIFm99iNKDUHSg2iUBxRwRu0ypgTR61arLcXh6pqQE2xwONVANU61GhZW
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8334
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash
crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation
1694696370056280
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8334
accept-ranges
bytes
expires
Tue, 17 Oct 2023 10:06:39 GMT
trk
tt-10258-0.seg.t.tailtarget.com/ 		70 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tt-10258-0.seg.t.tailtarget.com/trk?tA=TT-10258-0&tJ=_channel:em-geral:1&tK=1697510838&tM=direct&tL=direct&tN=direct&tY=3&tZ=77585098
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
supply-feature
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/supply-feature?lti=deflated&ri=aea0082264cf74d1b3614398ce4723c7&sd=v2_1594d56047c7117609dec042d011acc8_9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34_1697510836_1697510837_CIi3jgYQ1o9BGISUn9yzMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34&pi=/%20&pt=home&vi=1697510836740&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A234.71875%2C%5C%22articleClasses%5C%22%3A%5C%22webstories%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22DIV%5C%22%2C%5C%22threshold%5C%22%3A%5C%22100%5C%22%7D%22%7D&tim=04%3A47%3A17.664&id=9569&llvl=2&cv=20231016-4-RELEASE&
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/supply-feature?lti=deflated&ri=aea0082264cf74d1b3614398ce4723c7&sd=v2_1594d56047c7117609dec042d011acc8_9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34_1697510836_1697510837_CIi3jgYQ1o9BGISUn9yzMSABKAEwODib4wlAgooQSK652QNQ____________AVgAYABooKCVq-PzhYw8cAA&ui=9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34&pi=/%20&pt=home&vi=1697510836740&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22234.71875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=04%3A47%3A17.669&id=3490&llvl=2&cv=20231016-4-RELEASE&
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
call.cleverwebserver.com/ 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=53354&c=DE&r=HE&l=251&b=Chrome&os=Win10&mob=0&v=1.51.1&ref=aHR0cHM6Ly93d3cuZW0uY29tLmJyLw%3D%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8175375069619066-FRA
content-length
43
content-type
image/gif
u
b.t.tailtarget.com/ 		54 B
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
87d17501413adb87a6ff46f0511a01dddd887a64af6c36c5f37aa22bc66f8949

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ads
securepubads.g.doubleclick.net/gampad/ 		95 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2089043390418607&correlator=3046664718429315&eid=31078703%2C31078850&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%2C1190x250%7C728x90%7C970x90%7C970x250%7C980x250%2C336x280%7C300x250&ifi=8&didk=2733480348~1812297616~1779311817&sfv=1-0-40&fsbs=1%2C1%2C1&eri=1&sc=1&cookie=ID%3D8345647bbc88ceee%3AT%3D1697510836%3ART%3D1697510836%3AS%3DALNI_MZg9_45H2p4--AEMsgCdj3SampDog&gpic=UID%3D00000c9a44c5e6c0%3AT%3D1697510836%3ART%3D1697510836%3AS%3DALNI_MbrwdobqBzsGl-CRnC0g5KCVJD0NQ&abxe=1&dt=1697510837858&lmt=1697503637&adxs=436%2C205%2C1146&adys=1110%2C359%2C1300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.em.com.br%2F&vis=1&psz=1600x-1%7C1334x-1%7C321x250&msz=728x-1%7C1334x-1%7C321x0&fws=512%2C0%2C0&ohw=0%2C0%2C0&psts=AOrYGsnPnjfwAJzAwGAnnJOzkEHQYzCs7pIQM5rZAggHKoVWBBIznHNW2vQRjTXweyDucvaLYmSnzmkgGDpfx7SKp9hc2dN906ZC%2CAOrYGsm1crZ1EvKrIm6nWNwjDY2Ax7NyA64J0I0sdu-EKl0W%2CAOrYGsneiTVZ_c9yPMVJM42If6s19yYhM2ZleYODHMKd0jPeHAH7OIPrJhKHqt6D9K0RG67iqRiCWs0vtv1QcL7zbZg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskYc20Bn9uayeomheI5MeY93uq1YgJZ5XgJU-_7smgOge4jEMQG-xa8Fj2omN0JHcBdrTG07cAkp22voNCxZMk%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1777242772.1697510836&ga_sid=1697510837&ga_hid=1827025592&ga_fc=true&ga_cid=1498474664.1697510836&dlt=1697510835407&idt=1096&prev_scp=identificador%3Dpublicidade-ancorads%26refresh%3D20%26implementado%3Ddinamico%26pos%3D1%26amznbid%3D2%26amznp%3D2%7Cidentificador%3Dpublicidade-rasgado-1%26refresh%3D30%26implementado%3Ddinamico%26pos%3D3%26amznbid%3D2%26amznp%3D2%7Cidentificador%3Dpublicidade-retangulo-1%26refresh%3D30%26implementado%3Ddinamico%26pos%3D7%26amznbid%3D2%26amznp%3D2&cust_params=unified_id%3D26hsq0u8-8y45bn249l-l07jzq19v20f%26user_type%3Dguest%26paywall%3Dtrue%26testeab%3D1%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Cem%252Ccom%252Cbr%252C%26titleofpage%3DJornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25C3%25ADcias%2520Online%26tagsofpage%3D%26reload%3D0&adks=1060018158%2C3239016431%2C2804343735&frm=20&is_cau=%2C%2C
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26afbfcfb329174e16387f86ac5e76daa6521614b6398566921a114ebe827bb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28436
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.em.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
st
imprammp.taboola.com/ Frame 023F 		422 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&cmcv=&pix=undefined&cb=1697510837942&uv=3347&tms=1697510837942&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!splits_full_traffic!t45!tbt_lit_unit!ufm!ul3347_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=55a4d2d1-3934-46c8-b97a-19bd16745758&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.6/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16dd31604a1f3ec4989bce7d97172015004d480cd1d5063e12756269b250f542

Request headers

Referer
https://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 17 Oct 2023 02:47:17 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230133-FRA
x-timer
S1697510838.953481,VS0,VE12
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&cmcv=&pix=31589837&cb=1697510837942&uv=3347&tms=1697510837942&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!splits_full_traffic!t45!tbt_lit_unit!ufm!ul3347_vA&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1697510834690!ts:1697510837941&mntl=1
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
content-length
0
server
nginx
sync
am-match.taboola.com/ Frame C0F4 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.6/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
16dd31604a1f3ec4989bce7d97172015004d480cd1d5063e12756269b250f542

Request headers

Referer
https://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 17 Oct 2023 02:47:17 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=322&height=181&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1697510837957&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1559&pt=-1086914837&tz=120&viewable=true&ddast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1008127&dpubid=194937&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vA!splits_full_traffic!t45!tbt_lit_unit!ufm!ul3347_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.em.com.br&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.6/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
23949561cce2afe06e83a9d06ff088ed38d7c8b617da4eef58905aa404821ad6

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1428
x-cache
MISS
x-served-by
cache-fra-eddf8230133-FRA
pragma
no-cache
server
nginx
x-timer
S1697510838.979856,VS0,VE136
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
921
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
817537515c056922-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 16 Nov 2023 02:47:17 GMT
generic
match.adsrvr.org/track/cmf/ Frame 023F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&cmcv=&pix=undefined&cb=1697510837942&uv=3347&tms=1697510837942&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!splits_full_traffic!t45!tbt_lit_unit!ufm!ul3347_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=55a4d2d1-3934-46c8-b97a-19bd16745758&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 023F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VtoCH8hE2oSVKlwlUVuIHJTpIOEHxVCjo6eRRg--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VtoCH8hE2oSVKlwlUVuIHJTpIOEHxVCjo6eRRg--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&cmcv=&pix=undefined&cb=1697510837942&uv=3347&tms=1697510837942&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!splits_full_traffic!t45!tbt_lit_unit!ufm!ul3347_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=55a4d2d1-3934-46c8-b97a-19bd16745758&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12788

Redirect headers

date
Tue, 17 Oct 2023 02:47:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VtoCH8hE2oSVKlwlUVuIHJTpIOEHxVCjo6eRRg--~A
content-length
0
sync
x.bidswitch.net/ Frame 023F 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&cmcv=&pix=undefined&cb=1697510837942&uv=3347&tms=1697510837942&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!splits_full_traffic!t45!tbt_lit_unit!ufm!ul3347_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=55a4d2d1-3934-46c8-b97a-19bd16745758&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.107.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-107-13.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame C0F4 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:17 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame C0F4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VtoCH8hE2oSVKlwlUVuIHJTpIOEHxVCjo6eRRg--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VtoCH8hE2oSVKlwlUVuIHJTpIOEHxVCjo6eRRg--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12788

Redirect headers

date
Tue, 17 Oct 2023 02:47:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VtoCH8hE2oSVKlwlUVuIHJTpIOEHxVCjo6eRRg--~A
content-length
0
sync
x.bidswitch.net/ Frame C0F4 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.107.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-107-13.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
icon
onesignal.com/api/v1/apps/74c0d3cc-5273-4934-aa69-7d9eae62e077/ 		124 B
735 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/74c0d3cc-5273-4934-aa69-7d9eae62e077/icon
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|a4c4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1f5c45d95ea2923d133e01d151b8e5c72a1adce6f90185ea9646ea55629a5ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9e864b7f-1094-4a5e-9815-8b877a6234bf
x-runtime
0.015476
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"a1f5c45d95ea2923d133e01d151b8e5c"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
81753751cad72c2e-FRA
access-control-allow-headers
SDK-Version
b
b.t.tailtarget.com/ 		113 B
134 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-10258-0&tY=1&tS=1&tU=0100007FB5F52D659A060377025C1820&tX=b.52&tZ=198464406
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
900bbacfa7655c37289755605668eee5d73ee47255f83a6bf050e786701ffd47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
em-onesignal.png
imgs.em.com.br/em/ 		8 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.em.com.br/em/em-onesignal.png
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
d1fafa7ada71f5fe504ec87f51b287132b0f18c9c4f57f42a628b0023cbf3e3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 17:24:20 GMT
server
nginx
etag
W/"68fc142-1ebc-5ed7182851675"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Thu, 16 Nov 2023 02:47:18 GMT
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/33_4_7/infra/ 		673 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_7/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.6/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d41cbf13ec8359411ecd98eb4b6af27deb4d871837060fd07e4cf5b61bee4b51

Request headers

Referer
https://www.em.com.br/
Origin
https://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-meta-mtime
1697447261
date
Tue, 17 Oct 2023 02:47:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
3Q88FJGP72V8MCH6
age
63392
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1697447262
x-amz-meta-mode
33188
content-length
117739
x-amz-id-2
jLyTI/ZuUzTp9nSyyCo1Zce5F5N71SlP7XdCYviB+Xlw2qObgeBkevFheszw+KYPLIMEyDgDtmQ=
x-served-by
cache-fra-eddf8230035-FRA
last-modified
Mon, 16 Oct 2023 09:07:43 GMT
server
AmazonS3-br
x-timer
S1697510838.124970,VS0,VE0
etag
"2f236123cdad8d0e0b6b474cfcdb8075"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
3587
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_4_7/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_7/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.6/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-meta-mtime
1697447318
date
Tue, 17 Oct 2023 02:47:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
CNNFJ6A1GAMCJB1E
age
63392
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1697447319
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
t4zStb09oOBQn1J7XeIM1lWT6lvuZkI7ToMCrw5zvFF4p9QWAspIrxRucUwDl4DewrF+InB/8No=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Mon, 16 Oct 2023 09:08:40 GMT
server
AmazonS3-br
x-timer
S1697510838.124976,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
12030
sync
am-match.taboola.com/ Frame 4242 		577 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_7/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
aed6009e81d057dc1e84ab48c988a87a68a5104420c1fbdde0ce715fb4394a34

Request headers

Referer
https://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 17 Oct 2023 02:47:18 GMT
machineid
3408
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.em.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Tue, 17 Oct 2023 02:47:18 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
2328772
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1697510838.227050,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
752009
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.5.9/ 		449 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.9/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_7/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d8a018693423ca72694ce1cb9a9d702a9b89abc651c74f41f6ab6128b3c2ad7e

Request headers

Referer
https://www.em.com.br/
Origin
https://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-meta-mtime
1696669266
date
Tue, 17 Oct 2023 02:47:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
8J1ZYMTZXP538F5N
age
841498
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696669280
x-amz-meta-mode
33188
content-length
86634
x-amz-id-2
Bko2UVarz6rE4Heky7atbYeKqYE/Rad5yCY8rpbi6fD+U9wIFUIeIRe9fCz5n09SQJiygwDouAE=
x-served-by
cache-fra-eddf8230035-FRA
last-modified
Sat, 07 Oct 2023 09:01:22 GMT
server
AmazonS3-br
x-timer
S1697510838.229260,VS0,VE0
etag
"aed9fd3ee315b8a770eefb8b6495f6e1"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
705106
generic
match.adsrvr.org/track/cmf/ Frame 4242 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 4242
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VtoCH8hE2oSVKlwlUVuIHJTpIOEHxVCjo6eRRg--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VtoCH8hE2oSVKlwlUVuIHJTpIOEHxVCjo6eRRg--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12766

Redirect headers

date
Tue, 17 Oct 2023 02:47:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VtoCH8hE2oSVKlwlUVuIHJTpIOEHxVCjo6eRRg--~A
content-length
0
usync.html
eus.rubiconproject.com/ Frame 17FF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Oct 2023 02:47:18 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 17FF 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b50028fc69adb1ad4565caec02ceebb0f4ce91ba0dffdf76a02baea233272dca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 02:47:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 22:24:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70611
Connection
keep-alive
Content-Length
10838
Expires
Tue, 17 Oct 2023 22:24:09 GMT
khaos.json
token.rubiconproject.com/ Frame 17FF 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
ck.php
fundingchoicesmessages.google.com/f/AGSKWxVwnz5cQm8Wi1j5LJUX163r5m89zG1a8yOP2jz8ls_wS6Zo6-arleBVEK-Pg5aYR3UvK_5WfNZaHcmP-OAu0T9p_aEmRGlYIt4CL9gq2t1mncicqOgOKul-jYy4PEcEI8nr5kjCJ_y9c6YwTVrSpp76RIgoy... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVwnz5cQm8Wi1j5LJUX163r5m89zG1a8yOP2jz8ls_wS6Zo6-arleBVEK-Pg5aYR3UvK_5WfNZaHcmP-OAu0T9p_aEmRGlYIt4CL9gq2t1mncicqOgOKul-jYy4PEcEI8nr5kjCJ_y9c6YwTVrSpp76RIgoyFze8OadtGaEO17nx5l0OnuxNc_ZNPB7/_/ck.php?nids/rpgetad./flv-ad-=300x250//iwadsense.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwnTF3BdmiQfW8xryYMvMG2mG_AGA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f2d63a2bfbc97d6992d6a18f67e52c524ed1b12c7c118575bec3d41e38b76ebe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CXMLYdRJqqCAYmKsCS1RXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-security-policy
script-src 'report-sample' 'nonce-CXMLYdRJqqCAYmKsCS1RXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwnTF3BdmiQfW8xryYMvMG2mG_AGA/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 11:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
55167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 11:27:51 GMT
AGSKWxWoNoHUTkoLEl7pCVqEmp1Zbmb787ue9zIiBeVTxJbeEWjfKvgJTXDOUpfUU2pR_aIA5eDazEY1t3r4etswkXdva5urf5lsmGKTKKRjIByVfMa--GIhm-sCuaZDpLfd8vZIvEY_vw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWoNoHUTkoLEl7pCVqEmp1Zbmb787ue9zIiBeVTxJbeEWjfKvgJTXDOUpfUU2pR_aIA5eDazEY1t3r4etswkXdva5urf5lsmGKTKKRjIByVfMa--GIhm-sCuaZDpLfd8vZIvEY_vw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMySwWY9nT6oDPgqelYCNhzqEE1t-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wQQ5maG5oiYS8Xt8LuOjvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-security-policy
script-src 'report-sample' 'nonce-wQQ5maG5oiYS8Xt8LuOjvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.em.com.br
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ca
tt-10258-0.seg.t.tailtarget.com/ 		61 B
101 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-10258-0.seg.t.tailtarget.com/ca?tZ=789205103
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
29f7a871c05a6b6d546fa2cfce468667f531464703b48d24ec3393e0065a358b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
AGSKWxWoNoHUTkoLEl7pCVqEmp1Zbmb787ue9zIiBeVTxJbeEWjfKvgJTXDOUpfUU2pR_aIA5eDazEY1t3r4etswkXdva5urf5lsmGKTKKRjIByVfMa--GIhm-sCuaZDpLfd8vZIvEY_vw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWoNoHUTkoLEl7pCVqEmp1Zbmb787ue9zIiBeVTxJbeEWjfKvgJTXDOUpfUU2pR_aIA5eDazEY1t3r4etswkXdva5urf5lsmGKTKKRjIByVfMa--GIhm-sCuaZDpLfd8vZIvEY_vw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMySwWY9nT6oDPgqelYCNhzqEE1t-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-w7lFC0-Ln_z6Fl-6YnLK6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-w7lFC0-Ln_z6Fl-6YnLK6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.em.com.br
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWoNoHUTkoLEl7pCVqEmp1Zbmb787ue9zIiBeVTxJbeEWjfKvgJTXDOUpfUU2pR_aIA5eDazEY1t3r4etswkXdva5urf5lsmGKTKKRjIByVfMa--GIhm-sCuaZDpLfd8vZIvEY_vw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWoNoHUTkoLEl7pCVqEmp1Zbmb787ue9zIiBeVTxJbeEWjfKvgJTXDOUpfUU2pR_aIA5eDazEY1t3r4etswkXdva5urf5lsmGKTKKRjIByVfMa--GIhm-sCuaZDpLfd8vZIvEY_vw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMySwWY9nT6oDPgqelYCNhzqEE1t-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nekEVyCX58D076N0em0zOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-security-policy
script-src 'report-sample' 'nonce-nekEVyCX58D076N0em0zOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.em.com.br
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWoNoHUTkoLEl7pCVqEmp1Zbmb787ue9zIiBeVTxJbeEWjfKvgJTXDOUpfUU2pR_aIA5eDazEY1t3r4etswkXdva5urf5lsmGKTKKRjIByVfMa--GIhm-sCuaZDpLfd8vZIvEY_vw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWoNoHUTkoLEl7pCVqEmp1Zbmb787ue9zIiBeVTxJbeEWjfKvgJTXDOUpfUU2pR_aIA5eDazEY1t3r4etswkXdva5urf5lsmGKTKKRjIByVfMa--GIhm-sCuaZDpLfd8vZIvEY_vw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMySwWY9nT6oDPgqelYCNhzqEE1t-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zl_zczuvnrcQbj8MRlDhmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zl_zczuvnrcQbj8MRlDhmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.em.com.br
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWRKViekzzlou5WB6fovJhucIgQl8s9svuVmuyu3v4XELutfXh8Fc3yzEko-agke-H2bK7f-dcoTdH4dkYJbegcHjHmDxv7n8rgca9vQ3uGKW5IH3BlUTg5WWXHpiY0BmpoGNBugg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWRKViekzzlou5WB6fovJhucIgQl8s9svuVmuyu3v4XELutfXh8Fc3yzEko-agke-H2bK7f-dcoTdH4dkYJbegcHjHmDxv7n8rgca9vQ3uGKW5IH3BlUTg5WWXHpiY0BmpoGNBugg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3NTEwODM4LDMyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmVtLmNvbS5ici8iLG51bGwsW1s4LCIxajBlc051MFJXQSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFs3LCIxMiJdLFsxMSwiW1tdLFtdLFtdXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMySwWY9nT6oDPgqelYCNhzqEE1t-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6d15c61aaa4d0fc54cc2858a895a1635095cff78abb121846caeed263285987
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D24-U4v9GSGkv20vhe6nug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-security-policy
script-src 'report-sample' 'nonce-D24-U4v9GSGkv20vhe6nug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 37D2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 02:47:16 GMT
expires
Wed, 16 Oct 2024 02:47:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bulk
trc.taboola.com/diariosassociados-em/log/3/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/diariosassociados-em/log/3/bulk?tvi2=8507&tvi48=9598&tvi50=10882&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231016-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Tue, 17 Oct 2023 02:47:18 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7476
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230133-FRA
pragma
no-cache
server
nginx
x-timer
S1697510838.389893,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
container.html
1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 36AD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 02:47:16 GMT
expires
Wed, 16 Oct 2024 02:47:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310061803000/ Frame FF69 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e34104800b8b7644a2d64c2816157a532e0be6adf06925aa572afdeab8992fe2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 16 Oct 2023 17:13:37 GMT
age
34421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56106
x-xss-protection
0
server
sffe
etag
"6471d1057e0de0bf"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Oct 2024 17:13:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310061803000/v0/ Frame FF69 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310061803000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a7eeeb8d2863980375bd8e690639e5d3826305376ac7aa3988c65778b860852
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 16 Oct 2023 17:13:37 GMT
age
34421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5216
x-xss-protection
0
server
sffe
etag
"c5e6042816070d0a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Oct 2024 17:13:37 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310061803000/v0/ Frame FF69 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310061803000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d21ceb851783799cb96a8875271866118c846e43e44567a2aee4d8a8b3a5ae68
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 16 Oct 2023 17:13:37 GMT
age
34421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29020
x-xss-protection
0
server
sffe
etag
"9aef0fcfd5306f20"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Oct 2024 17:13:37 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310061803000/v0/ Frame FF69 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310061803000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c8432058aae2047bf8e033cf675c25cbc7f476af9d719b0ff19962237b523f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 16 Oct 2023 17:13:37 GMT
age
34421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1918
x-xss-protection
0
server
sffe
etag
"d9a3fbf21fc2b678"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Oct 2024 17:13:37 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310061803000/v0/ Frame FF69 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310061803000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c60c296b3472130b7ace33547b38bc4f2107658891ad3fa6d39b181eab916cc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 16 Oct 2023 17:13:37 GMT
age
34421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"16aa7f89b2c84c04"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Oct 2024 17:13:37 GMT
truncated
/ Frame FF69 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f568225a5bfc4080a440f18335b11ec38eaa2f95dc0c0fff91847af36f7b89c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
14919581300516830625
tpc.googlesyndication.com/simgad/ Frame FF69 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14919581300516830625?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmhl2fi5qjzz1R9xjVfdy-ZEv88ow
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec78d33c73fc2163c568e4aab33718df9507802851f0fab591c42498d8f18ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 14:21:44 GMT
x-content-type-options
nosniff
age
476734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17520
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 11:45:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Oct 2024 14:21:44 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FF69 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:21:45 GMT
x-content-type-options
nosniff
server
cafe
age
19533
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Tue, 17 Oct 2023 21:21:45 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FF69 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
50286
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 17 Oct 2023 12:49:12 GMT
l
www.google.com/ads/measurement/ Frame FF69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfbwvhVimmSt4lrY3LnObIXcGy2gcbCFGHaaMGdSOCoxnCVviwZ4p7QBZeCFPhyHcBj6TV-0iHqeznAsO9hyeGgCC4Qw
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5F9B 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGK7Q8O8BMAE&v=APEucNUIAINokLMogtOtr5ftXzm1ASg3-kq3NrzcH5TkU8VMdpLOp1NoPI-wcOOpztbJ6OzypOYKDZXUgKCJZHLiqG5VDMQBJKJJBAqoDPiiJIvsJPOLHy1oYB6HdQODx7zkkWDd4OFv0Dr4oOMbNaI1LKV8WwbXqyWJ0OQZSQMRmm1hqS75Ylc
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 02:47:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 37D2 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 02:47:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37D2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWn4QybuM8ZzwDbEn97lR_SK5csXf4jzKHNYAwTh0SC7BppGGb9Mk5Z6xK7LJahPr-7RHNGnmHD231kaMu2xZVLG1XqRqv6ZMuYFoXsn5jb0lyfgA
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37D2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7486487278054087437&x=1&ct=76
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 37D2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
44367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 14:27:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 37D2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
14415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:47:03 GMT
l
www.google.com/ads/measurement/ Frame 37D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxwuZxcp50F4wTFGOJCwxnzphvLSgE4Nf0YE1gsiEpgkCOd5Hb4QqniHiP13kmzcRDaKsqPxp3c7jvXm6Jk-QNF6fT6A
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37D2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 02:47:18 GMT
AGSKWxVw5up6zxjbTxcSrsZgGxZdqOhZ8SKzDBjLfFXct0pNEcnzwRgJmfPQDz-a4QKdiGGklFHHneDoGuTfnRkWrYuZFngXcZ9_MW_lRU7n_1wjSvqzZWdL9_gl1wa3jRvarM5qOI4blg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVw5up6zxjbTxcSrsZgGxZdqOhZ8SKzDBjLfFXct0pNEcnzwRgJmfPQDz-a4QKdiGGklFHHneDoGuTfnRkWrYuZFngXcZ9_MW_lRU7n_1wjSvqzZWdL9_gl1wa3jRvarM5qOI4blg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMySwWY9nT6oDPgqelYCNhzqEE1t-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3B5S_fWb_iYuzY94GsfcWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3B5S_fWb_iYuzY94GsfcWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.em.com.br
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4530 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIjU8O8BMAE&v=APEucNWw9O5kqqDRdE6yvz-NoAmBrkO_yCn_qpI7jgwpLJuqI7vB0RAqoz5FV2zAN8VUjNu1ItvatwHEEhYws434pp9Ca-VAaGLqmXxuA4hsOUQfXbeP8VO0sdck8Kg5MhxMxH1irZG1n9DY2f67hSSFn3JHprEkDtFYoVbiWHlZhHqKn6WSidQ
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 02:47:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 36AD 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 02:47:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 36AD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ARu1vhOST1M8Kj0BY0FjvAAyz7EFw_rzR_tgHB_HXWe-hZ_JgMPFbQyqRqAEgVoHI_DOksOEk9vcxlJuG4O--nVgpCInBOiOJa40XpHhycRQj7WhU
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 36AD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7262870574756595762&x=1&ct=76
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 36AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
44367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 14:27:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 36AD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
14415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:47:03 GMT
l
www.google.com/ads/measurement/ Frame 36AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSi2Ssztdfc57t5MkdU-p0Qz9kl8H2sY354_jhrvXa94UB2VSVqtWvAH6CZg5H-BECnfgo0Vl1HnWpIz8GFoz6Pjj9EKg
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 36AD 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 02:47:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37D2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7647830625179&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37D2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7647830625179&version=m202309260101&ct=76&x=1&cor=7486487278054088000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 37D2 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6BU3h-Q-FitS0UdrupcM59gL5X9pTaWD8cxHQJK51SwzCagEif6reXFdUVFPWQhZoE8BKdAiHUvh9c_E0HBPuPBzYbuGkKbLLpw5TlAxCaHhb3LvdTzz6SVh0c8bb6oMSLu4Ftk7OB_RbMMN6GaUJYmRdRLFy1SN3cV5uj5uyF7BfpjE&dbm_d=AKAmf-AQ4WGNlPiQbMghl3-6qZ2NoBmJuF3z0HB5kPX9xXm20CtZSOaooYuLe6abFh4pc1lner2_18GIgEISAYo62pctJxbY0gSfNBdWFI6Yl5tWwBQrVi0hiSr-lEUnVh3LZ9G2zltMBlMrOndROISSVfSCjA2WINCqT3LiH-JDN_x3oahdeGapLLqig_ADPfpfsA7HNd_6ZrQoNbQr0kehQ7ChhC9CNHzuiQTPu51kwV9Cl6q7XCGaCvuKantYed70Hjpk5LtHzpEhB1FO-0TNjhrgitNMxp2DR9Ol3-dmpblktHgRiwzJAmt7XQP_NUjJujqfh6ZtXQxFkqe6VZpmXhT1YtaaAKuv9hV6jOdx4LMy9MALOVN_evcqUb07G_gc-rf3KBqu5KH9tWFVaTTnU5PDQEsHiWrUlpYXjjaWzLhNjQGOvswqR3FovUC2kt9ywXch5LUpqZ_lRNaFJuIfexmQlUuQ-TVPn2FZ_tGd5Vbu4oQBUm4DlQvQSvC4KW7gh-mZJrodPDa5v8BCFwYSwyv0ca3Q68-yJkEaRvMQJiDP0FHDst-rloaZyl00u0fzOdk6Q-R-M7gp8TE0ZLITX9t6a82BIoFYfQFLROec9W8VQ_ZRPOOLDrK9xaCVe2eotTw9b6KjLGY16f1ZdMxdS33HQHtn4yMe4bQxbbfhZcbGZpZ-mtir9CHA4-CAPHqXgf1Knjn9heMXwWeBxYNFMXaKwZnD699iETdw0-W965_9rC__bT2tAqIZ3nn0QhEDG9wt-owKrlWeyX4e1Rjf7sC_RTkogpGCcc_wSMETxFBHInCedBuddI3nXo9fCLI5MbArlFT3z7QCZyzc5Y1oHlZuWlEB_6WRSSiPZQRYGUHAsjPz4GkxLAGTX3vp77dI8wmEufqXnJPs0sCEdMnayHRPxghRU4dNVaVMLkdj0JSSHNrQfbanKTlNqY8fvHhy6qPiCDGumzQ4Jm94ycaPT6DeLzdzXPAZNq457xWgprLpWNuYURrNAqO0AC5WLgMTSLUb_XKU7Z0ligxpJQgO22lgOhnP3GZpGIT99fzNaORyAR1FFtfjcXWqma3bzabmcfMxKSZ-oONWbMuFdqmMUI-BsFRv4Uzve8XxWqpNmzGwDTsKvjhW2jXMFJ8r-sW29eJE2O4yKDmPWGJVMu0TUE7WD6IYNplhGs84tBPPr3g4qF4N1lDC7dGy0QdAxL3zqu_4k-W8U8oc5vPR-IYDJOyKOT2UmfP-ZFrSXPqUBm0AJN0GIKP5hNFzGuMGb6mVGXfK6G_cP7e6t2F5geldUNHttCtsHdzNoniybEP7acf2NlKEsEOZDXKbVMUJGmPyWO_mmRObDPsPigH4Vqw83feIhqOtZCGb69cz2vjgRWRvPecizO2Js9mhUtliWS3lkHM6UCTdgUjBHVyLPESlwXxSd5-GI-EHgMqkasUFe6bjOsYOiju_mDQgTOajPWWKcYdTwEXOE43mGe0lBSMeFYVVcEWbl56BtqeKTikZx53OXjx6RuBqJmNUkI1PjGFHMT9n01ZoSYTvXLnnGrl1nxK-w6CWMTTbFnlE_Ds2XDObiZWKJOFXki9bkssWlCFVzN0s9Hkldnmy8ky0K7_ecLiYfNqbv4LsEYo9MXx9s8wftESQJM_Sa4nlNlls6uv9o4Ms3V5H8ABn_tvSvpUQuwFICuvxHUJNrmr0Xm5JHHkcaq7yUcDTRbSNZ18eB6flPCBO16fa2bjAVIuvhVnEB8D_4SGxzmclumyN0Va6M-Bc54dmLoY7tPn_a5J4xkDyIl4BJgcQre3eiVmIZvaY4nU2QxUJd0HbCTRbTG2dgaq-SqWJJpbpc7t20q0n8GStuT4EOuwxVXmc3mjr6YB_wBKZCLljLgyb2EFYS9yWK6YzXQLvjPA2vz2zYrBKApRw5kaufMHjYT_unAEB-WUL-_L-dUk40XrOmpaoAs7L-QwEd4GPVLW_14hB-qrIE4j3QnOsZo1gBizzPj3D_N8zAYvY1wiEep-dIK1F4LvPQX42YctRCxCF9hLM5YOuHVw4R1-BEQVn14vwO7OlvmwYOQvGpu0-mlqYFOKvStRaCqH5lzcfultrCfjomkA9jOEyYsSd2bSvP6M_Q4Vh_e4H2mgkAB6LOSUuvumcotQ7ug21J5TanW7hce6hmbKyM-6XHMjtt-BUi0cF0zoEWuovBGA-8hlUfNtDqyO21trkUlg5dy-lSupMB5HBUjENRovEfAYSjgCzn02Z8Pg5AbYQCe5LGiVzxIWzb4gt8jG-NVAQ061DwBwl_fiLtSLySX77jR55DLx4b9LIgmzwZN3leF9hjXR_oNwFNgCK1_Dxdw06ftqYAEVW-ftalI09hvf-ohbiXNU3MeAVhVF8n6FfUXVnUeQc3rxNSgf-AtFWz8iBaAX2j5s-bL1lDH_LAyUnLWUX4rBFw-rNY434Re3BjxQFHuidvP1JeiwJHNRdlwRDBIeLvWdNmh6TTbPMV8XZzKbLWI8cQzOu001T6nosKju__h2xdZNG1x53vTzlvCpZDqdpw27d91Ewv8KXGP-tkRA0ubqv5Vw4muzW9K6ZuE2GZZO7ZupvUlx0mJRdL-eIgpujR0ZwPQV04rKv9S2m9KsA-GWe8lYIhSO4lTGPnjxgVAkhE7dyvnVJppbEqwFOK4FnUZnGA5WzJOMQNTDmDyrCFMJer_Cy2zPddKNnHBsz0zWrKTLvm3qiXtWrFueo1Pe8H1P6u2ZYD_A6N2ZDMbSARQoW8tL-BBffwSWcXY5dABXr0byQgn12J333SyTttvIMVfNIj_N_LfBXJymfT5W2OL1XtdTZ-U21a1Mn0qACs1K8fnCowiQqNVJbaZEr74q66NSmCWYILxLZpuPRjOLEaqDgoRzvELDI_MjZbHerx1QEL7uiTv6r7yeFlB3vi95KMF7CauAE-jcXmlhVvIz2LwaS7hMaHpVlDrP5gcYzNT47F3pfF66V1EG9DvDyENvER2mKgXf7o3efvdXI1uNzinJwsS8o2X5xie9Cu0g6Bb6va-lM9VVEC7mEzNJnNAUgxVb5JJgp08AEf-earuUJ7N0IImfVctFin_A3NRWWgrq4liYDyXCY0Ne159Ta3bsOeYRwBEW9Bqq66WS2GKSOae7-5f_z9QFnfaGs2iTBtQzXovnqKGrqLnBxVHiVI_r_TkAEoDdFIanEk44sa9SZus2UIvV5bz1H6oeN7WxFUvMYkCv8aN5k6HcyqG49pLGlJcYClvUh7QV0EeMhvLyyFxT_Cc2Xx0TQLK1D-PQmeuErqi9OTGNEwo4ZACX9JmnRzOy8wMR3XpNBBVjocA6tvKYoDNqtYq6rpVOjzH2s4gJvxp8KvD3t7xeJxS7FLcn6vmcr1lYD6ywqE0FOtwz9375NkupK64AyYihsVycLQW-2RO-5WxI2lNUTz0aeW_8fZmtX8KS9lYBbv1I0ssU1cmWVLJi8sWpOrRgEp1cuhVji5jTpej-jqCCj4QFi6SJPaVY0bXVZNCktxldCysFdZk0KUb79eqlueGE5-KTXz9eeWNjaUCvDoNEEBjtQM415BZ-dBaMu8DBqyKNcqB8Cr-FqP_gF5VYrMW1NLOzWMZMGh8Qxt2WidPX3429dr90YGe9WCnHPMBZWGIL27jJH96K0l368beq2AWMH3eovqeXc3ozZjg7PhcwIyK35vgPrXLxpiBzYz3WdJBHp6Gh_JdEOqtwbqihu-c8JkxbXwEWWQRqxK3LB44eNFQJzEPhKBEQ&cid=CAQSPADICaaNMD9a-kS2HCwKxtT_9JWIoLd19Hgef1aVc65WwvP5BcgIRcfYDCXp0HiZa4FuboeBa9MZTn-QyxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.em.com.br%2F&ds=l&xdt=1&iif=1&cor=7486487278054088000&adk=3661671305&idt=38&cac=0&dtd=50
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5ace0a97428f7f6ec88f95e06cb7e28702ba3fd69dead3d0bcd4afa45e34a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41236
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5F9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq4TXWAEdatQh519DHW0ak&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq4TXWAEdatQh519DHW0ak&google_cver=1&C=1
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq4TXWAEdatQh519DHW0ak&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGK7Q8O8BMAE&v=APEucNUIAINokLMogtOtr5ftXzm1ASg3-kq3NrzcH5TkU8VMdpLOp1NoPI-wcOOpztbJ6OzypOYKDZXUgKCJZHLiqG5VDMQBJKJJBAqoDPiiJIvsJPOLHy1oYB6HdQODx7zkkWDd4OFv0Dr4oOMbNaI1LKV8WwbXqyWJ0OQZSQMRmm1hqS75Ylc
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obIH2e%2FebjE%2FQn1up3M3T7VwEpRN30wpa%2FZXEgyROr4nZKVEh%2FA5Vkoji4vWamj2T5Z19W5U8v9jIpS8G2dRX%2BxMO2ypZBjAXlXLbnCD2NUZ0ayEXo8LgAsGBfiJuJlEJx3eH1VSRN%2Fo1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8175375528fe8fd4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4sQ16eqLnQQqqVnzu7XzqQOSs6wrMmQMaipJOMpvpvKORcHWZFUXvTpS01rmhV3gSWT1Rm%2FhCejqHq%2Fjn%2FWot0L5O1lLVzLFjQeX8VGKzOEaSjZsVH4Y14iyw86dpuH91YG6Pvg03yDVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEMq4TXWAEdatQh519DHW0ak&google_cver=1&C=1
cache-control
no-cache
cf-ray
81753754f8f48fd4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 5F9B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZS31tm43pzZyNak4CypqvAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq4TXWAEdatQh519DHW0ak&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq4TXWAEdatQh519DHW0ak&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGK7Q8O8BMAE&v=APEucNUIAINokLMogtOtr5ftXzm1ASg3-kq3NrzcH5TkU8VMdpLOp1NoPI-wcOOpztbJ6OzypOYKDZXUgKCJZHLiqG5VDMQBJKJJBAqoDPiiJIvsJPOLHy1oYB6HdQODx7zkkWDd4OFv0Dr4oOMbNaI1LKV8WwbXqyWJ0OQZSQMRmm1hqS75Ylc
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDqH1nTV0FsTBh1ypNKTnxNynnfgxGx67bkqIpIwMfHtdXeqnZARfwyANHV7MvFlf%2F3M7wmAnpseyUlBf5YCDwgF37qbrNL4R0xt6ytkFoicU2NjaEpF1UCfDWf%2FwPgn5jdztqLA8absNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8175375589284d31-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMq4TXWAEdatQh519DHW0ak&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5F9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECx8LtfkU8GicHu6QO7Xl_U&google_cver=1
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECx8LtfkU8GicHu6QO7Xl_U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGK7Q8O8BMAE&v=APEucNUIAINokLMogtOtr5ftXzm1ASg3-kq3NrzcH5TkU8VMdpLOp1NoPI-wcOOpztbJ6OzypOYKDZXUgKCJZHLiqG5VDMQBJKJJBAqoDPiiJIvsJPOLHy1oYB6HdQODx7zkkWDd4OFv0Dr4oOMbNaI1LKV8WwbXqyWJ0OQZSQMRmm1hqS75Ylc
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
an-x-request-uuid
f0fb0cb0-51f3-486c-a09c-c09ee7c6ea19
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.77; 45.141.152.77; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECx8LtfkU8GicHu6QO7Xl_U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5F9B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA4OTc1NjA3NTc4Nzg4NTk3Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA4OTc1NjA3NTc4Nzg4NTk3Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGK7Q8O8BMAE&v=APEucNUIAINokLMogtOtr5ftXzm1ASg3-kq3NrzcH5TkU8VMdpLOp1NoPI-wcOOpztbJ6OzypOYKDZXUgKCJZHLiqG5VDMQBJKJJBAqoDPiiJIvsJPOLHy1oYB6HdQODx7zkkWDd4OFv0Dr4oOMbNaI1LKV8WwbXqyWJ0OQZSQMRmm1hqS75Ylc
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
an-x-request-uuid
64e2b382-03df-4df1-866e-aa07ca24661b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA4OTc1NjA3NTc4Nzg4NTk3Nw%3D%3D
x-proxy-origin
45.141.152.77; 45.141.152.77; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4530
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELzCz_vWAuhQ3U6FMTGIw0g&google_cver=1
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELzCz_vWAuhQ3U6FMTGIw0g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIjU8O8BMAE&v=APEucNWw9O5kqqDRdE6yvz-NoAmBrkO_yCn_qpI7jgwpLJuqI7vB0RAqoz5FV2zAN8VUjNu1ItvatwHEEhYws434pp9Ca-VAaGLqmXxuA4hsOUQfXbeP8VO0sdck8Kg5MhxMxH1irZG1n9DY2f67hSSFn3JHprEkDtFYoVbiWHlZhHqKn6WSidQ
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELzCz_vWAuhQ3U6FMTGIw0g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 4530 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIjU8O8BMAE&v=APEucNWw9O5kqqDRdE6yvz-NoAmBrkO_yCn_qpI7jgwpLJuqI7vB0RAqoz5FV2zAN8VUjNu1ItvatwHEEhYws434pp9Ca-VAaGLqmXxuA4hsOUQfXbeP8VO0sdck8Kg5MhxMxH1irZG1n9DY2f67hSSFn3JHprEkDtFYoVbiWHlZhHqKn6WSidQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 4530
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEKPKdKTxZe53-44LzOBw0rk&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEKPKdKTxZe53-44LzOBw0rk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIjU8O8BMAE&v=APEucNWw9O5kqqDRdE6yvz-NoAmBrkO_yCn_qpI7jgwpLJuqI7vB0RAqoz5FV2zAN8VUjNu1ItvatwHEEhYws434pp9Ca-VAaGLqmXxuA4hsOUQfXbeP8VO0sdck8Kg5MhxMxH1irZG1n9DY2f67hSSFn3JHprEkDtFYoVbiWHlZhHqKn6WSidQ
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Tue, 17 Oct 2023 02:47:18 GMT
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEKPKdKTxZe53-44LzOBw0rk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 4530 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIjU8O8BMAE&v=APEucNWw9O5kqqDRdE6yvz-NoAmBrkO_yCn_qpI7jgwpLJuqI7vB0RAqoz5FV2zAN8VUjNu1ItvatwHEEhYws434pp9Ca-VAaGLqmXxuA4hsOUQfXbeP8VO0sdck8Kg5MhxMxH1irZG1n9DY2f67hSSFn3JHprEkDtFYoVbiWHlZhHqKn6WSidQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Tue, 17 Oct 2023 02:47:18 GMT
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 36AD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4880621769085&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 36AD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4880621769085&version=m202309260101&ct=76&x=1&cor=7262870574756596000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 36AD 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C9vSrYKeMvhCPu6mu-SCWmVno702qltWIUco5xqiGC8lAS-sFyIPfFAmNrzaeCB-6bYAH0X1QPJJb9nz1FujKYz9Bzpo3auOpi8tnCfoyczYW_r_Zf19sZ9mYoPvLpg6T7R2Qky8YwfEZ4r6HZiVJhCuonACmbFA6ZfwEYuJ-N21E_m50&dbm_d=AKAmf-A6pZ-Ahdxp2C7xUZrfmFgnt7IwOj2gpXwHRAlgI4DOTtWSMhHMNCMjO_OqLXrqa3mcXe5tFtmCj06w5rblHv2dZVBj6gG9B6BF0WLj9DKmPzgBaL8qcsCgBQfZZ6RB4oNFi3vGH_LnbJW78QI_ryvJ3dmD25JVSpLqPqjSXh5tcpF32M9qC7CdVOoP3ny051sztUQBC0dDeRw6vbFvljr9izRoh_B_BW6QTvhJVJ1SngVrwLMVQBWa7KnFilmF4mOnvxxW5CpAH8Ta8cYqincGV95OQu4ODulPwy3JbCPbZ5YnIXsWdw_RkGqGlEHA3_eXzPazAvHJ7ARNZFALoqL31COjvDGLyKcm0nRz5HHSNOe-atKXwvP0Sx72uviqwJWT0DV4fE1dDS7gu5VXTm7U9f8S94Hk03LEw03yis5FFlv9ZCQxU6FXGxCmqleY6N07O-0asTHC1plntCq_93KZi8W-DscbFnJOp3XcgIYpW8FteeNh94VWO2pytdS8iNq8gPoA4AFhGBbYq3ltkee4N4ZFrkXT21roa_D4bYjCm1TOc1ej9sPQ3sd2y-hVpkrA-9pXAdhSjCUA3vNeYWBPbD9VM6Tl6ZcG4t6Lwqu0O1qRaH4piicrYnhCSCLmrEq4NfnysrTJMftiJyio1_23uzGa0AJPKCwLhNDrKnztAxR4KHEz7pU4VwqA1fjUNNIknaJwi1Hs-cGN5LWCn1lRfRctdEnJTPWZggVXGl77j8ytVBsJzKxMLrMMrtr3LjONDNZ1T83bNMu71PSibch6PvMkC0VCZHXl4GQ7EwVVsGpDrnBD7bl2rzo8OPrDRdX-FHFaRziUn0JZvFdqvyj39SCir7cAtbpMjMkAeJaiV8yKH0FW2SRG6iJkPUneUPVcylymIGlw0TZfokcDfXBRUxNyeq2xEW9vDW09f7uyhK9VUOVbRuNLZ6wKLwwMDSatXkpRXuSM0iWq_gl648kTcI_Yrz4JxZQQ3YwUyGvLoP05m5wiKyNTj8oZ9QKnowvUA5zQr8bnGSVx74zZru10NaVCXkIkuz_l500Hmb8ZjJyN3qvoDvbMZ47ALfYqJ6kze6JxXcjdeHwY2rj0yi576VTkKN4SKYX5KBmcQ5g_Jnnjg87Y7ddUI7ACjsOJbGcQt6Y67DPKzvFp3cGZykYW3zrTdaS0kMcF5rfZIt_-9h5OCdTXXTb3uLTXxY3lr6xSoAv1GBCAcGe-KQjrTnN6H746Ifk9V7OVUXIY9bWNtJl8UHeJGQExVnYj_34ay1uX5mWaN7QOj1JXGivDXKfABWtgndmYCUSVqrWNz8skZUU54ElhkRv9T3GM7141yu-M5l9oJgjYnPoXOaI_FM9o1h-RNf3T4z2PXwn_oCqe3tuJGEaHK2BEHfyKZuYdHCyUYJR9K31BSR5WoThIUBGzL0GCV0FnUT7ZQ8vqPuZfoRwX6zBamlpYCCUU1dqHNr7QqTS1JD7fHVVFdxZlXy4ZwS9bQJxg1xbEV-Er8dyRPZaUY_xFIxouq0UICe6PZec4B1ZdP_ezOGc6CSseR5ZGCizTNNObDcchvtm9QPDLw4SXw2KC1xZcbEZRRM3xlWEGe9JGjr7HTE-8dHhM7Ag9cuiXaDn7stAJictGtiCrl5RbcrU4cCW9ZQS51dwX47hwiHVirwfP5X43xIdmPDpv3JySI-Rp54dUcGY1zDmj15pyJeLPTfM9BsQDNALk8zeoZcRDSHaZBnsFxZsVuvK5phSHOEKkIP5-SUmYLrwPIHNpSXcXfG0qzoHIOixUQQl3Sk_Av-iwBHEB2NEXfzvM691AmSRQNF05zEOuhgelGLIerb2xdGg9lWpInXTNzD6cQFBmxKWepnaGUNLsN3AmOnPMjYZLbP88X7RfAvriqjXNSjjWRPnT2kBeRWfBS7tkgsJ3CctCW3mqEDC6AqMOl4NFoF7vz3SPlr97EbGr_LdGB1KNbak7Y3eRyofHuDfcYxx1BpwxByQUkxjuavx89OAYLF-tshx5PB9z2KFRL3sfJ6Df2xpjpPGT19yMCqr7frK5F-zUCPGMW2wQmmppxWUC0HyMdOyE9ot4S9a30jSynhjS5tPxFlV_CPEMOQvurEG3iEjCiPQN8LLCDzYYWrUD8rxBWZ5x_szVwQZPuxoRZzLjcm2HneOb6wnSB1Klb5RBHOMz6oORsG46ainDign65HVAy_PEmQFi0qOz0v-X3JSmi8oQ1RBiYkgiieQBT7-OIFgf8CprRFHdTenaRXFKlv3S-FxBl8HX_MreSmdX_Vy5OCFMZduSAb5awosO8Xw6VfpSrecLTjJRGJgiFGfAhurtnggZ4uCMZKNOoPK1q8KAURKMHZ6irN_CWz2WQQq0CpDicsCe5p6EfX4aH0lu5A-aleihOcE9RNiiLVRxSxPamt05uIOFlmjdaglgeC7e0WljvY36E_9mxnqBdRCc0CuBfB2-3lRUGdcSm1yssZWi0SgHQryH-isMIAW-vAhYiUEIT4tihhkkI_FvYXtIbOlv5WdYZDcoYpuX1MPgqGStgdhRpxMDZUm6JVWnUEO2rn6JSZ1PF1M9eD2D2_qxG4bWsIr9S447Nkt72CiC1ovFMPmqIYfZz1c6BpOITqFz3c6pAm6xpXEFJnVF92p2YDV58rxemeQg94Og_en3OKAUdyNRTWY5g58BH6N1-jCZwk8bGpHM5ErPZDHKZfKIsF9WRdSQFY9_X4zvXMxLbTf4tEabPCt9ZixGWGpMYGu5_M3LgVtjm5u5rOR-Uu2YUvEpo-5vqf6lUOcUp_mPjsHSfe0LxS4V9ndVtcN4vLVDdOVupqFwxKvNhHYzavC84bv-Da55Kw0Ql8hvLccwwuSBJYLc7g8K_23_zEqrWrlN56h_JxwEjYPItP_b6YAZsjbB-V0YFT7Cjx-NQXSdROha_K1GjIzsvCWODcBdqf1vSITeaG6nPn9YNY4vDwNReh7kcMjSRoB9iVA0J4WLtPBID_sSjZoXr0XmJunU09YOVZWTPERw_C9MHBIYpsQbmP85dzuKtoJ0qkUz2tMMpLo05JKpeY2gV0Ccdi7JzVLSF_kP6WZMmiyqeZrcJRdQjJ5uG-4I7vN9do5C_X36GhBiccfSXUIMBXJzRaEgoB5xVRDnnYSGzcASvvAEtQF3qJQkfaVwZUWjU4jLx8lvBzBcjYCWwhV_HzL5ewIAcMRo5fwA_V7AuM4WRwbe8PCUghgvj5y7cZ_h8p9MMDUvhhk50y5bmPXYXk5NmEPWC2Kfpw92kAwdgojrybympA-e2EMn2ivIwX7TzUqJ5H4RXAUVwMlvTWyhMgE5H2qJYpX29ERKwev5R4YisUNOdGD1tin5HFfZAxUlknuuTlMIeOD_D9kRq_ekZEGaa5cZ-a8G5xYBeZSyBzou0SsOxNJ0ChRIEGjLD7h-W7nnlB34VKudnPV4y6faUGD_GkDOe_11oLozLmKy25LMlwAPHKiGjX3wszDbPeF5nmSpSEBv7xY5LH822L52JlrurIC_wm4JMM86feRzU9OKr1oU-gJUyQeXogkkAHsFuR9h4Gv-oxqOBcSuGIkqzFZSuS6uYGNc7xJE99N6890ZnHwm1j2lN2MPYQGT4T7W_bnxzAQ0HR9GSzycYz2YlvoXJp1mKTIyrr2XiktkubC21x1AW2Bk_CFCjyQsI1kqlrkgVHmjklYZ19L2kO_15WY7iyojD9x9XYUJyr7skuBcjf_6a6wmcP8M6MfF4NZ-cFxRZ9ZAKkSe8D_BINBvSBfWK9PFLKcx&cid=CAQSPADICaaNMD9a-kS2HCwKxtT_9JWIoLd19Hgef1aVc65WwvP5BcgIRcfYDCXp0HiZa4FuboeBa9MZTn-QyxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.em.com.br%2F&ds=l&xdt=1&iif=1&cor=7262870574756596000&adk=2265872549&idt=50&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5de65b4e755d35f6c2eb01d43394e50f63e26df83d56aeb8371a244f9d6eac25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41608
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__tt.gif
t.tailtarget.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10258-0&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1697510838111_764254285&tJ=&tQ=em-geral&tU=0100007FB5F52D659A060377025C1820&tX=b.52&tY=1&tZ=36435410
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame FF69
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

date
Tue, 17 Oct 2023 02:47:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
14919581300516830625
tpc.googlesyndication.com/simgad/ Frame FF69 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14919581300516830625?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmhl2fi5qjzz1R9xjVfdy-ZEv88ow
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec78d33c73fc2163c568e4aab33718df9507802851f0fab591c42498d8f18ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 14:21:44 GMT
x-content-type-options
nosniff
age
476734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17520
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 11:45:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Oct 2024 14:21:44 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FF69 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:21:45 GMT
x-content-type-options
nosniff
server
cafe
age
19533
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Tue, 17 Oct 2023 21:21:45 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FF69 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
50286
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 17 Oct 2023 12:49:12 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1549653/72464738/ Frame 37D2 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1549653/72464738/skeleton.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.6.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-6-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8646d5625f00d6dbb7d2422c2a5c3835851f939815520e9a0080f4f4f999c79c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 37D2 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
Origin
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 07:14:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 37D2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6BU3h-Q-FitS0UdrupcM59gL5X9pTaWD8cxHQJK51SwzCagEif6reXFdUVFPWQhZoE8BKdAiHUvh9c_E0HBPuPBzYbuGkKbLLpw5TlAxCaHhb3LvdTzz6SVh0c8bb6oMSLu4Ftk7OB_RbMMN6GaUJYmRdRLFy1SN3cV5uj5uyF7BfpjE&dbm_d=AKAmf-AQ4WGNlPiQbMghl3-6qZ2NoBmJuF3z0HB5kPX9xXm20CtZSOaooYuLe6abFh4pc1lner2_18GIgEISAYo62pctJxbY0gSfNBdWFI6Yl5tWwBQrVi0hiSr-lEUnVh3LZ9G2zltMBlMrOndROISSVfSCjA2WINCqT3LiH-JDN_x3oahdeGapLLqig_ADPfpfsA7HNd_6ZrQoNbQr0kehQ7ChhC9CNHzuiQTPu51kwV9Cl6q7XCGaCvuKantYed70Hjpk5LtHzpEhB1FO-0TNjhrgitNMxp2DR9Ol3-dmpblktHgRiwzJAmt7XQP_NUjJujqfh6ZtXQxFkqe6VZpmXhT1YtaaAKuv9hV6jOdx4LMy9MALOVN_evcqUb07G_gc-rf3KBqu5KH9tWFVaTTnU5PDQEsHiWrUlpYXjjaWzLhNjQGOvswqR3FovUC2kt9ywXch5LUpqZ_lRNaFJuIfexmQlUuQ-TVPn2FZ_tGd5Vbu4oQBUm4DlQvQSvC4KW7gh-mZJrodPDa5v8BCFwYSwyv0ca3Q68-yJkEaRvMQJiDP0FHDst-rloaZyl00u0fzOdk6Q-R-M7gp8TE0ZLITX9t6a82BIoFYfQFLROec9W8VQ_ZRPOOLDrK9xaCVe2eotTw9b6KjLGY16f1ZdMxdS33HQHtn4yMe4bQxbbfhZcbGZpZ-mtir9CHA4-CAPHqXgf1Knjn9heMXwWeBxYNFMXaKwZnD699iETdw0-W965_9rC__bT2tAqIZ3nn0QhEDG9wt-owKrlWeyX4e1Rjf7sC_RTkogpGCcc_wSMETxFBHInCedBuddI3nXo9fCLI5MbArlFT3z7QCZyzc5Y1oHlZuWlEB_6WRSSiPZQRYGUHAsjPz4GkxLAGTX3vp77dI8wmEufqXnJPs0sCEdMnayHRPxghRU4dNVaVMLkdj0JSSHNrQfbanKTlNqY8fvHhy6qPiCDGumzQ4Jm94ycaPT6DeLzdzXPAZNq457xWgprLpWNuYURrNAqO0AC5WLgMTSLUb_XKU7Z0ligxpJQgO22lgOhnP3GZpGIT99fzNaORyAR1FFtfjcXWqma3bzabmcfMxKSZ-oONWbMuFdqmMUI-BsFRv4Uzve8XxWqpNmzGwDTsKvjhW2jXMFJ8r-sW29eJE2O4yKDmPWGJVMu0TUE7WD6IYNplhGs84tBPPr3g4qF4N1lDC7dGy0QdAxL3zqu_4k-W8U8oc5vPR-IYDJOyKOT2UmfP-ZFrSXPqUBm0AJN0GIKP5hNFzGuMGb6mVGXfK6G_cP7e6t2F5geldUNHttCtsHdzNoniybEP7acf2NlKEsEOZDXKbVMUJGmPyWO_mmRObDPsPigH4Vqw83feIhqOtZCGb69cz2vjgRWRvPecizO2Js9mhUtliWS3lkHM6UCTdgUjBHVyLPESlwXxSd5-GI-EHgMqkasUFe6bjOsYOiju_mDQgTOajPWWKcYdTwEXOE43mGe0lBSMeFYVVcEWbl56BtqeKTikZx53OXjx6RuBqJmNUkI1PjGFHMT9n01ZoSYTvXLnnGrl1nxK-w6CWMTTbFnlE_Ds2XDObiZWKJOFXki9bkssWlCFVzN0s9Hkldnmy8ky0K7_ecLiYfNqbv4LsEYo9MXx9s8wftESQJM_Sa4nlNlls6uv9o4Ms3V5H8ABn_tvSvpUQuwFICuvxHUJNrmr0Xm5JHHkcaq7yUcDTRbSNZ18eB6flPCBO16fa2bjAVIuvhVnEB8D_4SGxzmclumyN0Va6M-Bc54dmLoY7tPn_a5J4xkDyIl4BJgcQre3eiVmIZvaY4nU2QxUJd0HbCTRbTG2dgaq-SqWJJpbpc7t20q0n8GStuT4EOuwxVXmc3mjr6YB_wBKZCLljLgyb2EFYS9yWK6YzXQLvjPA2vz2zYrBKApRw5kaufMHjYT_unAEB-WUL-_L-dUk40XrOmpaoAs7L-QwEd4GPVLW_14hB-qrIE4j3QnOsZo1gBizzPj3D_N8zAYvY1wiEep-dIK1F4LvPQX42YctRCxCF9hLM5YOuHVw4R1-BEQVn14vwO7OlvmwYOQvGpu0-mlqYFOKvStRaCqH5lzcfultrCfjomkA9jOEyYsSd2bSvP6M_Q4Vh_e4H2mgkAB6LOSUuvumcotQ7ug21J5TanW7hce6hmbKyM-6XHMjtt-BUi0cF0zoEWuovBGA-8hlUfNtDqyO21trkUlg5dy-lSupMB5HBUjENRovEfAYSjgCzn02Z8Pg5AbYQCe5LGiVzxIWzb4gt8jG-NVAQ061DwBwl_fiLtSLySX77jR55DLx4b9LIgmzwZN3leF9hjXR_oNwFNgCK1_Dxdw06ftqYAEVW-ftalI09hvf-ohbiXNU3MeAVhVF8n6FfUXVnUeQc3rxNSgf-AtFWz8iBaAX2j5s-bL1lDH_LAyUnLWUX4rBFw-rNY434Re3BjxQFHuidvP1JeiwJHNRdlwRDBIeLvWdNmh6TTbPMV8XZzKbLWI8cQzOu001T6nosKju__h2xdZNG1x53vTzlvCpZDqdpw27d91Ewv8KXGP-tkRA0ubqv5Vw4muzW9K6ZuE2GZZO7ZupvUlx0mJRdL-eIgpujR0ZwPQV04rKv9S2m9KsA-GWe8lYIhSO4lTGPnjxgVAkhE7dyvnVJppbEqwFOK4FnUZnGA5WzJOMQNTDmDyrCFMJer_Cy2zPddKNnHBsz0zWrKTLvm3qiXtWrFueo1Pe8H1P6u2ZYD_A6N2ZDMbSARQoW8tL-BBffwSWcXY5dABXr0byQgn12J333SyTttvIMVfNIj_N_LfBXJymfT5W2OL1XtdTZ-U21a1Mn0qACs1K8fnCowiQqNVJbaZEr74q66NSmCWYILxLZpuPRjOLEaqDgoRzvELDI_MjZbHerx1QEL7uiTv6r7yeFlB3vi95KMF7CauAE-jcXmlhVvIz2LwaS7hMaHpVlDrP5gcYzNT47F3pfF66V1EG9DvDyENvER2mKgXf7o3efvdXI1uNzinJwsS8o2X5xie9Cu0g6Bb6va-lM9VVEC7mEzNJnNAUgxVb5JJgp08AEf-earuUJ7N0IImfVctFin_A3NRWWgrq4liYDyXCY0Ne159Ta3bsOeYRwBEW9Bqq66WS2GKSOae7-5f_z9QFnfaGs2iTBtQzXovnqKGrqLnBxVHiVI_r_TkAEoDdFIanEk44sa9SZus2UIvV5bz1H6oeN7WxFUvMYkCv8aN5k6HcyqG49pLGlJcYClvUh7QV0EeMhvLyyFxT_Cc2Xx0TQLK1D-PQmeuErqi9OTGNEwo4ZACX9JmnRzOy8wMR3XpNBBVjocA6tvKYoDNqtYq6rpVOjzH2s4gJvxp8KvD3t7xeJxS7FLcn6vmcr1lYD6ywqE0FOtwz9375NkupK64AyYihsVycLQW-2RO-5WxI2lNUTz0aeW_8fZmtX8KS9lYBbv1I0ssU1cmWVLJi8sWpOrRgEp1cuhVji5jTpej-jqCCj4QFi6SJPaVY0bXVZNCktxldCysFdZk0KUb79eqlueGE5-KTXz9eeWNjaUCvDoNEEBjtQM415BZ-dBaMu8DBqyKNcqB8Cr-FqP_gF5VYrMW1NLOzWMZMGh8Qxt2WidPX3429dr90YGe9WCnHPMBZWGIL27jJH96K0l368beq2AWMH3eovqeXc3ozZjg7PhcwIyK35vgPrXLxpiBzYz3WdJBHp6Gh_JdEOqtwbqihu-c8JkxbXwEWWQRqxK3LB44eNFQJzEPhKBEQ&cid=CAQSPADICaaNMD9a-kS2HCwKxtT_9JWIoLd19Hgef1aVc65WwvP5BcgIRcfYDCXp0HiZa4FuboeBa9MZTn-QyxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.em.com.br%2F&ds=l&xdt=1&iif=1&cor=7486487278054088000&adk=3661671305&idt=38&cac=0&dtd=50
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
47313
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 13:38:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 37D2 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6BU3h-Q-FitS0UdrupcM59gL5X9pTaWD8cxHQJK51SwzCagEif6reXFdUVFPWQhZoE8BKdAiHUvh9c_E0HBPuPBzYbuGkKbLLpw5TlAxCaHhb3LvdTzz6SVh0c8bb6oMSLu4Ftk7OB_RbMMN6GaUJYmRdRLFy1SN3cV5uj5uyF7BfpjE&dbm_d=AKAmf-AQ4WGNlPiQbMghl3-6qZ2NoBmJuF3z0HB5kPX9xXm20CtZSOaooYuLe6abFh4pc1lner2_18GIgEISAYo62pctJxbY0gSfNBdWFI6Yl5tWwBQrVi0hiSr-lEUnVh3LZ9G2zltMBlMrOndROISSVfSCjA2WINCqT3LiH-JDN_x3oahdeGapLLqig_ADPfpfsA7HNd_6ZrQoNbQr0kehQ7ChhC9CNHzuiQTPu51kwV9Cl6q7XCGaCvuKantYed70Hjpk5LtHzpEhB1FO-0TNjhrgitNMxp2DR9Ol3-dmpblktHgRiwzJAmt7XQP_NUjJujqfh6ZtXQxFkqe6VZpmXhT1YtaaAKuv9hV6jOdx4LMy9MALOVN_evcqUb07G_gc-rf3KBqu5KH9tWFVaTTnU5PDQEsHiWrUlpYXjjaWzLhNjQGOvswqR3FovUC2kt9ywXch5LUpqZ_lRNaFJuIfexmQlUuQ-TVPn2FZ_tGd5Vbu4oQBUm4DlQvQSvC4KW7gh-mZJrodPDa5v8BCFwYSwyv0ca3Q68-yJkEaRvMQJiDP0FHDst-rloaZyl00u0fzOdk6Q-R-M7gp8TE0ZLITX9t6a82BIoFYfQFLROec9W8VQ_ZRPOOLDrK9xaCVe2eotTw9b6KjLGY16f1ZdMxdS33HQHtn4yMe4bQxbbfhZcbGZpZ-mtir9CHA4-CAPHqXgf1Knjn9heMXwWeBxYNFMXaKwZnD699iETdw0-W965_9rC__bT2tAqIZ3nn0QhEDG9wt-owKrlWeyX4e1Rjf7sC_RTkogpGCcc_wSMETxFBHInCedBuddI3nXo9fCLI5MbArlFT3z7QCZyzc5Y1oHlZuWlEB_6WRSSiPZQRYGUHAsjPz4GkxLAGTX3vp77dI8wmEufqXnJPs0sCEdMnayHRPxghRU4dNVaVMLkdj0JSSHNrQfbanKTlNqY8fvHhy6qPiCDGumzQ4Jm94ycaPT6DeLzdzXPAZNq457xWgprLpWNuYURrNAqO0AC5WLgMTSLUb_XKU7Z0ligxpJQgO22lgOhnP3GZpGIT99fzNaORyAR1FFtfjcXWqma3bzabmcfMxKSZ-oONWbMuFdqmMUI-BsFRv4Uzve8XxWqpNmzGwDTsKvjhW2jXMFJ8r-sW29eJE2O4yKDmPWGJVMu0TUE7WD6IYNplhGs84tBPPr3g4qF4N1lDC7dGy0QdAxL3zqu_4k-W8U8oc5vPR-IYDJOyKOT2UmfP-ZFrSXPqUBm0AJN0GIKP5hNFzGuMGb6mVGXfK6G_cP7e6t2F5geldUNHttCtsHdzNoniybEP7acf2NlKEsEOZDXKbVMUJGmPyWO_mmRObDPsPigH4Vqw83feIhqOtZCGb69cz2vjgRWRvPecizO2Js9mhUtliWS3lkHM6UCTdgUjBHVyLPESlwXxSd5-GI-EHgMqkasUFe6bjOsYOiju_mDQgTOajPWWKcYdTwEXOE43mGe0lBSMeFYVVcEWbl56BtqeKTikZx53OXjx6RuBqJmNUkI1PjGFHMT9n01ZoSYTvXLnnGrl1nxK-w6CWMTTbFnlE_Ds2XDObiZWKJOFXki9bkssWlCFVzN0s9Hkldnmy8ky0K7_ecLiYfNqbv4LsEYo9MXx9s8wftESQJM_Sa4nlNlls6uv9o4Ms3V5H8ABn_tvSvpUQuwFICuvxHUJNrmr0Xm5JHHkcaq7yUcDTRbSNZ18eB6flPCBO16fa2bjAVIuvhVnEB8D_4SGxzmclumyN0Va6M-Bc54dmLoY7tPn_a5J4xkDyIl4BJgcQre3eiVmIZvaY4nU2QxUJd0HbCTRbTG2dgaq-SqWJJpbpc7t20q0n8GStuT4EOuwxVXmc3mjr6YB_wBKZCLljLgyb2EFYS9yWK6YzXQLvjPA2vz2zYrBKApRw5kaufMHjYT_unAEB-WUL-_L-dUk40XrOmpaoAs7L-QwEd4GPVLW_14hB-qrIE4j3QnOsZo1gBizzPj3D_N8zAYvY1wiEep-dIK1F4LvPQX42YctRCxCF9hLM5YOuHVw4R1-BEQVn14vwO7OlvmwYOQvGpu0-mlqYFOKvStRaCqH5lzcfultrCfjomkA9jOEyYsSd2bSvP6M_Q4Vh_e4H2mgkAB6LOSUuvumcotQ7ug21J5TanW7hce6hmbKyM-6XHMjtt-BUi0cF0zoEWuovBGA-8hlUfNtDqyO21trkUlg5dy-lSupMB5HBUjENRovEfAYSjgCzn02Z8Pg5AbYQCe5LGiVzxIWzb4gt8jG-NVAQ061DwBwl_fiLtSLySX77jR55DLx4b9LIgmzwZN3leF9hjXR_oNwFNgCK1_Dxdw06ftqYAEVW-ftalI09hvf-ohbiXNU3MeAVhVF8n6FfUXVnUeQc3rxNSgf-AtFWz8iBaAX2j5s-bL1lDH_LAyUnLWUX4rBFw-rNY434Re3BjxQFHuidvP1JeiwJHNRdlwRDBIeLvWdNmh6TTbPMV8XZzKbLWI8cQzOu001T6nosKju__h2xdZNG1x53vTzlvCpZDqdpw27d91Ewv8KXGP-tkRA0ubqv5Vw4muzW9K6ZuE2GZZO7ZupvUlx0mJRdL-eIgpujR0ZwPQV04rKv9S2m9KsA-GWe8lYIhSO4lTGPnjxgVAkhE7dyvnVJppbEqwFOK4FnUZnGA5WzJOMQNTDmDyrCFMJer_Cy2zPddKNnHBsz0zWrKTLvm3qiXtWrFueo1Pe8H1P6u2ZYD_A6N2ZDMbSARQoW8tL-BBffwSWcXY5dABXr0byQgn12J333SyTttvIMVfNIj_N_LfBXJymfT5W2OL1XtdTZ-U21a1Mn0qACs1K8fnCowiQqNVJbaZEr74q66NSmCWYILxLZpuPRjOLEaqDgoRzvELDI_MjZbHerx1QEL7uiTv6r7yeFlB3vi95KMF7CauAE-jcXmlhVvIz2LwaS7hMaHpVlDrP5gcYzNT47F3pfF66V1EG9DvDyENvER2mKgXf7o3efvdXI1uNzinJwsS8o2X5xie9Cu0g6Bb6va-lM9VVEC7mEzNJnNAUgxVb5JJgp08AEf-earuUJ7N0IImfVctFin_A3NRWWgrq4liYDyXCY0Ne159Ta3bsOeYRwBEW9Bqq66WS2GKSOae7-5f_z9QFnfaGs2iTBtQzXovnqKGrqLnBxVHiVI_r_TkAEoDdFIanEk44sa9SZus2UIvV5bz1H6oeN7WxFUvMYkCv8aN5k6HcyqG49pLGlJcYClvUh7QV0EeMhvLyyFxT_Cc2Xx0TQLK1D-PQmeuErqi9OTGNEwo4ZACX9JmnRzOy8wMR3XpNBBVjocA6tvKYoDNqtYq6rpVOjzH2s4gJvxp8KvD3t7xeJxS7FLcn6vmcr1lYD6ywqE0FOtwz9375NkupK64AyYihsVycLQW-2RO-5WxI2lNUTz0aeW_8fZmtX8KS9lYBbv1I0ssU1cmWVLJi8sWpOrRgEp1cuhVji5jTpej-jqCCj4QFi6SJPaVY0bXVZNCktxldCysFdZk0KUb79eqlueGE5-KTXz9eeWNjaUCvDoNEEBjtQM415BZ-dBaMu8DBqyKNcqB8Cr-FqP_gF5VYrMW1NLOzWMZMGh8Qxt2WidPX3429dr90YGe9WCnHPMBZWGIL27jJH96K0l368beq2AWMH3eovqeXc3ozZjg7PhcwIyK35vgPrXLxpiBzYz3WdJBHp6Gh_JdEOqtwbqihu-c8JkxbXwEWWQRqxK3LB44eNFQJzEPhKBEQ&cid=CAQSPADICaaNMD9a-kS2HCwKxtT_9JWIoLd19Hgef1aVc65WwvP5BcgIRcfYDCXp0HiZa4FuboeBa9MZTn-QyxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.em.com.br%2F&ds=l&xdt=1&iif=1&cor=7486487278054088000&adk=3661671305&idt=38&cac=0&dtd=50
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
47313
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 13:38:45 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 37D2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 23:39:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
443286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Oct 2024 23:39:12 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1549653/72464800/ Frame 36AD 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1549653/72464800/skeleton.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.6.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-6-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b9fc5de5a78d05ae86812f52218aaa0987c090f0735b97e02215e83702f644ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 36AD 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
Origin
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 07:14:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 36AD 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C9vSrYKeMvhCPu6mu-SCWmVno702qltWIUco5xqiGC8lAS-sFyIPfFAmNrzaeCB-6bYAH0X1QPJJb9nz1FujKYz9Bzpo3auOpi8tnCfoyczYW_r_Zf19sZ9mYoPvLpg6T7R2Qky8YwfEZ4r6HZiVJhCuonACmbFA6ZfwEYuJ-N21E_m50&dbm_d=AKAmf-A6pZ-Ahdxp2C7xUZrfmFgnt7IwOj2gpXwHRAlgI4DOTtWSMhHMNCMjO_OqLXrqa3mcXe5tFtmCj06w5rblHv2dZVBj6gG9B6BF0WLj9DKmPzgBaL8qcsCgBQfZZ6RB4oNFi3vGH_LnbJW78QI_ryvJ3dmD25JVSpLqPqjSXh5tcpF32M9qC7CdVOoP3ny051sztUQBC0dDeRw6vbFvljr9izRoh_B_BW6QTvhJVJ1SngVrwLMVQBWa7KnFilmF4mOnvxxW5CpAH8Ta8cYqincGV95OQu4ODulPwy3JbCPbZ5YnIXsWdw_RkGqGlEHA3_eXzPazAvHJ7ARNZFALoqL31COjvDGLyKcm0nRz5HHSNOe-atKXwvP0Sx72uviqwJWT0DV4fE1dDS7gu5VXTm7U9f8S94Hk03LEw03yis5FFlv9ZCQxU6FXGxCmqleY6N07O-0asTHC1plntCq_93KZi8W-DscbFnJOp3XcgIYpW8FteeNh94VWO2pytdS8iNq8gPoA4AFhGBbYq3ltkee4N4ZFrkXT21roa_D4bYjCm1TOc1ej9sPQ3sd2y-hVpkrA-9pXAdhSjCUA3vNeYWBPbD9VM6Tl6ZcG4t6Lwqu0O1qRaH4piicrYnhCSCLmrEq4NfnysrTJMftiJyio1_23uzGa0AJPKCwLhNDrKnztAxR4KHEz7pU4VwqA1fjUNNIknaJwi1Hs-cGN5LWCn1lRfRctdEnJTPWZggVXGl77j8ytVBsJzKxMLrMMrtr3LjONDNZ1T83bNMu71PSibch6PvMkC0VCZHXl4GQ7EwVVsGpDrnBD7bl2rzo8OPrDRdX-FHFaRziUn0JZvFdqvyj39SCir7cAtbpMjMkAeJaiV8yKH0FW2SRG6iJkPUneUPVcylymIGlw0TZfokcDfXBRUxNyeq2xEW9vDW09f7uyhK9VUOVbRuNLZ6wKLwwMDSatXkpRXuSM0iWq_gl648kTcI_Yrz4JxZQQ3YwUyGvLoP05m5wiKyNTj8oZ9QKnowvUA5zQr8bnGSVx74zZru10NaVCXkIkuz_l500Hmb8ZjJyN3qvoDvbMZ47ALfYqJ6kze6JxXcjdeHwY2rj0yi576VTkKN4SKYX5KBmcQ5g_Jnnjg87Y7ddUI7ACjsOJbGcQt6Y67DPKzvFp3cGZykYW3zrTdaS0kMcF5rfZIt_-9h5OCdTXXTb3uLTXxY3lr6xSoAv1GBCAcGe-KQjrTnN6H746Ifk9V7OVUXIY9bWNtJl8UHeJGQExVnYj_34ay1uX5mWaN7QOj1JXGivDXKfABWtgndmYCUSVqrWNz8skZUU54ElhkRv9T3GM7141yu-M5l9oJgjYnPoXOaI_FM9o1h-RNf3T4z2PXwn_oCqe3tuJGEaHK2BEHfyKZuYdHCyUYJR9K31BSR5WoThIUBGzL0GCV0FnUT7ZQ8vqPuZfoRwX6zBamlpYCCUU1dqHNr7QqTS1JD7fHVVFdxZlXy4ZwS9bQJxg1xbEV-Er8dyRPZaUY_xFIxouq0UICe6PZec4B1ZdP_ezOGc6CSseR5ZGCizTNNObDcchvtm9QPDLw4SXw2KC1xZcbEZRRM3xlWEGe9JGjr7HTE-8dHhM7Ag9cuiXaDn7stAJictGtiCrl5RbcrU4cCW9ZQS51dwX47hwiHVirwfP5X43xIdmPDpv3JySI-Rp54dUcGY1zDmj15pyJeLPTfM9BsQDNALk8zeoZcRDSHaZBnsFxZsVuvK5phSHOEKkIP5-SUmYLrwPIHNpSXcXfG0qzoHIOixUQQl3Sk_Av-iwBHEB2NEXfzvM691AmSRQNF05zEOuhgelGLIerb2xdGg9lWpInXTNzD6cQFBmxKWepnaGUNLsN3AmOnPMjYZLbP88X7RfAvriqjXNSjjWRPnT2kBeRWfBS7tkgsJ3CctCW3mqEDC6AqMOl4NFoF7vz3SPlr97EbGr_LdGB1KNbak7Y3eRyofHuDfcYxx1BpwxByQUkxjuavx89OAYLF-tshx5PB9z2KFRL3sfJ6Df2xpjpPGT19yMCqr7frK5F-zUCPGMW2wQmmppxWUC0HyMdOyE9ot4S9a30jSynhjS5tPxFlV_CPEMOQvurEG3iEjCiPQN8LLCDzYYWrUD8rxBWZ5x_szVwQZPuxoRZzLjcm2HneOb6wnSB1Klb5RBHOMz6oORsG46ainDign65HVAy_PEmQFi0qOz0v-X3JSmi8oQ1RBiYkgiieQBT7-OIFgf8CprRFHdTenaRXFKlv3S-FxBl8HX_MreSmdX_Vy5OCFMZduSAb5awosO8Xw6VfpSrecLTjJRGJgiFGfAhurtnggZ4uCMZKNOoPK1q8KAURKMHZ6irN_CWz2WQQq0CpDicsCe5p6EfX4aH0lu5A-aleihOcE9RNiiLVRxSxPamt05uIOFlmjdaglgeC7e0WljvY36E_9mxnqBdRCc0CuBfB2-3lRUGdcSm1yssZWi0SgHQryH-isMIAW-vAhYiUEIT4tihhkkI_FvYXtIbOlv5WdYZDcoYpuX1MPgqGStgdhRpxMDZUm6JVWnUEO2rn6JSZ1PF1M9eD2D2_qxG4bWsIr9S447Nkt72CiC1ovFMPmqIYfZz1c6BpOITqFz3c6pAm6xpXEFJnVF92p2YDV58rxemeQg94Og_en3OKAUdyNRTWY5g58BH6N1-jCZwk8bGpHM5ErPZDHKZfKIsF9WRdSQFY9_X4zvXMxLbTf4tEabPCt9ZixGWGpMYGu5_M3LgVtjm5u5rOR-Uu2YUvEpo-5vqf6lUOcUp_mPjsHSfe0LxS4V9ndVtcN4vLVDdOVupqFwxKvNhHYzavC84bv-Da55Kw0Ql8hvLccwwuSBJYLc7g8K_23_zEqrWrlN56h_JxwEjYPItP_b6YAZsjbB-V0YFT7Cjx-NQXSdROha_K1GjIzsvCWODcBdqf1vSITeaG6nPn9YNY4vDwNReh7kcMjSRoB9iVA0J4WLtPBID_sSjZoXr0XmJunU09YOVZWTPERw_C9MHBIYpsQbmP85dzuKtoJ0qkUz2tMMpLo05JKpeY2gV0Ccdi7JzVLSF_kP6WZMmiyqeZrcJRdQjJ5uG-4I7vN9do5C_X36GhBiccfSXUIMBXJzRaEgoB5xVRDnnYSGzcASvvAEtQF3qJQkfaVwZUWjU4jLx8lvBzBcjYCWwhV_HzL5ewIAcMRo5fwA_V7AuM4WRwbe8PCUghgvj5y7cZ_h8p9MMDUvhhk50y5bmPXYXk5NmEPWC2Kfpw92kAwdgojrybympA-e2EMn2ivIwX7TzUqJ5H4RXAUVwMlvTWyhMgE5H2qJYpX29ERKwev5R4YisUNOdGD1tin5HFfZAxUlknuuTlMIeOD_D9kRq_ekZEGaa5cZ-a8G5xYBeZSyBzou0SsOxNJ0ChRIEGjLD7h-W7nnlB34VKudnPV4y6faUGD_GkDOe_11oLozLmKy25LMlwAPHKiGjX3wszDbPeF5nmSpSEBv7xY5LH822L52JlrurIC_wm4JMM86feRzU9OKr1oU-gJUyQeXogkkAHsFuR9h4Gv-oxqOBcSuGIkqzFZSuS6uYGNc7xJE99N6890ZnHwm1j2lN2MPYQGT4T7W_bnxzAQ0HR9GSzycYz2YlvoXJp1mKTIyrr2XiktkubC21x1AW2Bk_CFCjyQsI1kqlrkgVHmjklYZ19L2kO_15WY7iyojD9x9XYUJyr7skuBcjf_6a6wmcP8M6MfF4NZ-cFxRZ9ZAKkSe8D_BINBvSBfWK9PFLKcx&cid=CAQSPADICaaNMD9a-kS2HCwKxtT_9JWIoLd19Hgef1aVc65WwvP5BcgIRcfYDCXp0HiZa4FuboeBa9MZTn-QyxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.em.com.br%2F&ds=l&xdt=1&iif=1&cor=7262870574756596000&adk=2265872549&idt=50&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
47313
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 13:38:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 36AD 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C9vSrYKeMvhCPu6mu-SCWmVno702qltWIUco5xqiGC8lAS-sFyIPfFAmNrzaeCB-6bYAH0X1QPJJb9nz1FujKYz9Bzpo3auOpi8tnCfoyczYW_r_Zf19sZ9mYoPvLpg6T7R2Qky8YwfEZ4r6HZiVJhCuonACmbFA6ZfwEYuJ-N21E_m50&dbm_d=AKAmf-A6pZ-Ahdxp2C7xUZrfmFgnt7IwOj2gpXwHRAlgI4DOTtWSMhHMNCMjO_OqLXrqa3mcXe5tFtmCj06w5rblHv2dZVBj6gG9B6BF0WLj9DKmPzgBaL8qcsCgBQfZZ6RB4oNFi3vGH_LnbJW78QI_ryvJ3dmD25JVSpLqPqjSXh5tcpF32M9qC7CdVOoP3ny051sztUQBC0dDeRw6vbFvljr9izRoh_B_BW6QTvhJVJ1SngVrwLMVQBWa7KnFilmF4mOnvxxW5CpAH8Ta8cYqincGV95OQu4ODulPwy3JbCPbZ5YnIXsWdw_RkGqGlEHA3_eXzPazAvHJ7ARNZFALoqL31COjvDGLyKcm0nRz5HHSNOe-atKXwvP0Sx72uviqwJWT0DV4fE1dDS7gu5VXTm7U9f8S94Hk03LEw03yis5FFlv9ZCQxU6FXGxCmqleY6N07O-0asTHC1plntCq_93KZi8W-DscbFnJOp3XcgIYpW8FteeNh94VWO2pytdS8iNq8gPoA4AFhGBbYq3ltkee4N4ZFrkXT21roa_D4bYjCm1TOc1ej9sPQ3sd2y-hVpkrA-9pXAdhSjCUA3vNeYWBPbD9VM6Tl6ZcG4t6Lwqu0O1qRaH4piicrYnhCSCLmrEq4NfnysrTJMftiJyio1_23uzGa0AJPKCwLhNDrKnztAxR4KHEz7pU4VwqA1fjUNNIknaJwi1Hs-cGN5LWCn1lRfRctdEnJTPWZggVXGl77j8ytVBsJzKxMLrMMrtr3LjONDNZ1T83bNMu71PSibch6PvMkC0VCZHXl4GQ7EwVVsGpDrnBD7bl2rzo8OPrDRdX-FHFaRziUn0JZvFdqvyj39SCir7cAtbpMjMkAeJaiV8yKH0FW2SRG6iJkPUneUPVcylymIGlw0TZfokcDfXBRUxNyeq2xEW9vDW09f7uyhK9VUOVbRuNLZ6wKLwwMDSatXkpRXuSM0iWq_gl648kTcI_Yrz4JxZQQ3YwUyGvLoP05m5wiKyNTj8oZ9QKnowvUA5zQr8bnGSVx74zZru10NaVCXkIkuz_l500Hmb8ZjJyN3qvoDvbMZ47ALfYqJ6kze6JxXcjdeHwY2rj0yi576VTkKN4SKYX5KBmcQ5g_Jnnjg87Y7ddUI7ACjsOJbGcQt6Y67DPKzvFp3cGZykYW3zrTdaS0kMcF5rfZIt_-9h5OCdTXXTb3uLTXxY3lr6xSoAv1GBCAcGe-KQjrTnN6H746Ifk9V7OVUXIY9bWNtJl8UHeJGQExVnYj_34ay1uX5mWaN7QOj1JXGivDXKfABWtgndmYCUSVqrWNz8skZUU54ElhkRv9T3GM7141yu-M5l9oJgjYnPoXOaI_FM9o1h-RNf3T4z2PXwn_oCqe3tuJGEaHK2BEHfyKZuYdHCyUYJR9K31BSR5WoThIUBGzL0GCV0FnUT7ZQ8vqPuZfoRwX6zBamlpYCCUU1dqHNr7QqTS1JD7fHVVFdxZlXy4ZwS9bQJxg1xbEV-Er8dyRPZaUY_xFIxouq0UICe6PZec4B1ZdP_ezOGc6CSseR5ZGCizTNNObDcchvtm9QPDLw4SXw2KC1xZcbEZRRM3xlWEGe9JGjr7HTE-8dHhM7Ag9cuiXaDn7stAJictGtiCrl5RbcrU4cCW9ZQS51dwX47hwiHVirwfP5X43xIdmPDpv3JySI-Rp54dUcGY1zDmj15pyJeLPTfM9BsQDNALk8zeoZcRDSHaZBnsFxZsVuvK5phSHOEKkIP5-SUmYLrwPIHNpSXcXfG0qzoHIOixUQQl3Sk_Av-iwBHEB2NEXfzvM691AmSRQNF05zEOuhgelGLIerb2xdGg9lWpInXTNzD6cQFBmxKWepnaGUNLsN3AmOnPMjYZLbP88X7RfAvriqjXNSjjWRPnT2kBeRWfBS7tkgsJ3CctCW3mqEDC6AqMOl4NFoF7vz3SPlr97EbGr_LdGB1KNbak7Y3eRyofHuDfcYxx1BpwxByQUkxjuavx89OAYLF-tshx5PB9z2KFRL3sfJ6Df2xpjpPGT19yMCqr7frK5F-zUCPGMW2wQmmppxWUC0HyMdOyE9ot4S9a30jSynhjS5tPxFlV_CPEMOQvurEG3iEjCiPQN8LLCDzYYWrUD8rxBWZ5x_szVwQZPuxoRZzLjcm2HneOb6wnSB1Klb5RBHOMz6oORsG46ainDign65HVAy_PEmQFi0qOz0v-X3JSmi8oQ1RBiYkgiieQBT7-OIFgf8CprRFHdTenaRXFKlv3S-FxBl8HX_MreSmdX_Vy5OCFMZduSAb5awosO8Xw6VfpSrecLTjJRGJgiFGfAhurtnggZ4uCMZKNOoPK1q8KAURKMHZ6irN_CWz2WQQq0CpDicsCe5p6EfX4aH0lu5A-aleihOcE9RNiiLVRxSxPamt05uIOFlmjdaglgeC7e0WljvY36E_9mxnqBdRCc0CuBfB2-3lRUGdcSm1yssZWi0SgHQryH-isMIAW-vAhYiUEIT4tihhkkI_FvYXtIbOlv5WdYZDcoYpuX1MPgqGStgdhRpxMDZUm6JVWnUEO2rn6JSZ1PF1M9eD2D2_qxG4bWsIr9S447Nkt72CiC1ovFMPmqIYfZz1c6BpOITqFz3c6pAm6xpXEFJnVF92p2YDV58rxemeQg94Og_en3OKAUdyNRTWY5g58BH6N1-jCZwk8bGpHM5ErPZDHKZfKIsF9WRdSQFY9_X4zvXMxLbTf4tEabPCt9ZixGWGpMYGu5_M3LgVtjm5u5rOR-Uu2YUvEpo-5vqf6lUOcUp_mPjsHSfe0LxS4V9ndVtcN4vLVDdOVupqFwxKvNhHYzavC84bv-Da55Kw0Ql8hvLccwwuSBJYLc7g8K_23_zEqrWrlN56h_JxwEjYPItP_b6YAZsjbB-V0YFT7Cjx-NQXSdROha_K1GjIzsvCWODcBdqf1vSITeaG6nPn9YNY4vDwNReh7kcMjSRoB9iVA0J4WLtPBID_sSjZoXr0XmJunU09YOVZWTPERw_C9MHBIYpsQbmP85dzuKtoJ0qkUz2tMMpLo05JKpeY2gV0Ccdi7JzVLSF_kP6WZMmiyqeZrcJRdQjJ5uG-4I7vN9do5C_X36GhBiccfSXUIMBXJzRaEgoB5xVRDnnYSGzcASvvAEtQF3qJQkfaVwZUWjU4jLx8lvBzBcjYCWwhV_HzL5ewIAcMRo5fwA_V7AuM4WRwbe8PCUghgvj5y7cZ_h8p9MMDUvhhk50y5bmPXYXk5NmEPWC2Kfpw92kAwdgojrybympA-e2EMn2ivIwX7TzUqJ5H4RXAUVwMlvTWyhMgE5H2qJYpX29ERKwev5R4YisUNOdGD1tin5HFfZAxUlknuuTlMIeOD_D9kRq_ekZEGaa5cZ-a8G5xYBeZSyBzou0SsOxNJ0ChRIEGjLD7h-W7nnlB34VKudnPV4y6faUGD_GkDOe_11oLozLmKy25LMlwAPHKiGjX3wszDbPeF5nmSpSEBv7xY5LH822L52JlrurIC_wm4JMM86feRzU9OKr1oU-gJUyQeXogkkAHsFuR9h4Gv-oxqOBcSuGIkqzFZSuS6uYGNc7xJE99N6890ZnHwm1j2lN2MPYQGT4T7W_bnxzAQ0HR9GSzycYz2YlvoXJp1mKTIyrr2XiktkubC21x1AW2Bk_CFCjyQsI1kqlrkgVHmjklYZ19L2kO_15WY7iyojD9x9XYUJyr7skuBcjf_6a6wmcP8M6MfF4NZ-cFxRZ9ZAKkSe8D_BINBvSBfWK9PFLKcx&cid=CAQSPADICaaNMD9a-kS2HCwKxtT_9JWIoLd19Hgef1aVc65WwvP5BcgIRcfYDCXp0HiZa4FuboeBa9MZTn-QyxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.em.com.br%2F&ds=l&xdt=1&iif=1&cor=7262870574756596000&adk=2265872549&idt=50&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
47313
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 13:38:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 36AD 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
397250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 12:26:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D380 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 09:30:04 GMT
etag
48472445140208031
expires
Tue, 17 Oct 2023 09:30:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 37D2 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00dfac7bb52ee81d36cafcc177e09894eaab608232f350b329914fd31e1cbd2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7BC7 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 09:30:04 GMT
etag
48472445140208031
expires
Tue, 17 Oct 2023 09:30:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 36AD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d1d1904de2920dd0fb4ad36f812031ae06f441e41554ce7ec0a0d6f31970570

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Tue, 17 Oct 2023 02:47:18 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
15571
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1697510839.720527,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
93
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1825
pixel
cm.g.doubleclick.net/ Frame D380
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDJZMndOOEwxUVNBNzQ1&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cver=1&google_push=AXcoOmTKO77snA67eNZF-SJvmkl7nGfeGGQLl3Rz8S4UTqD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDJZMndOOEwxUVNBNzQ1&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cver=1&google_push=AXcoOmTKO77snA67eNZF-SJvmkl7nGfeGGQLl3Rz8S4UTqD1nY_K-O2iHpKDVf2gp2bnqwN3W1m4HUBlqHBlfo7wEHXwi1CCTTw0
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 02:47:18 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e647d20a74bb4317@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDJZMndOOEwxUVNBNzQ1&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cver=1&google_push=AXcoOmTKO77snA67eNZF-SJvmkl7nGfeGGQLl3Rz8S4UTqD1nY_K-O2iHpKDVf2gp2bnqwN3W1m4HUBlqHBlfo7wEHXwi1CCTTw0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D380
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEYCLeV57POwf7-2UGC10EQ&google_cver=1&google_push=AXcoOmSos1tqOLnS4T-jBf6nvSjiwMtb1zf2lBz-r0W6p_KJf5AKUnlUileokJ6AG__0e6_L8P3RbGwP0gnSnEr3cctLlBbsznX2
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7AB471D677474D91A1B8DD302AF52362&google_push=AXcoOmSos1tqOLnS4T-jBf6nvSjiwMtb1zf2lBz-r0W6p_KJf5AKUnlUileokJ6AG__0e6_L8P3RbGwP0gnSnEr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7AB471D677474D91A1B8DD302AF52362&google_push=AXcoOmSos1tqOLnS4T-jBf6nvSjiwMtb1zf2lBz-r0W6p_KJf5AKUnlUileokJ6AG__0e6_L8P3RbGwP0gnSnEr3cctLlBbsznX2
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 17 Oct 2023 02:47:18 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7AB471D677474D91A1B8DD302AF52362&google_push=AXcoOmSos1tqOLnS4T-jBf6nvSjiwMtb1zf2lBz-r0W6p_KJf5AKUnlUileokJ6AG__0e6_L8P3RbGwP0gnSnEr3cctLlBbsznX2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 16 Oct 2023 02:47:18 GMT
pixel
cm.g.doubleclick.net/ Frame D380
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFbutI5eTg16U4OVDpIl8KQ&google_cver=1&google_push=AXcoOmRbZZK3vjelEVblGXUP40bCehHiQSyhRdG44PEYmynIWXy9N7aAHLFYaJlpca_Etg45Jg-6YG4RiX6...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRbZZK3vjelEVblGXUP40bCehHiQSyhRdG44PEYmynIWXy9N7aAHLFYaJlpca_Etg45Jg-6YG4RiX6viPJ0xhqGrE_w20H3&google_hm=zvJSkJYgSaeQknRb_cWkZ00
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRbZZK3vjelEVblGXUP40bCehHiQSyhRdG44PEYmynIWXy9N7aAHLFYaJlpca_Etg45Jg-6YG4RiX6viPJ0xhqGrE_w20H3&google_hm=zvJSkJYgSaeQknRb_cWkZ00
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRbZZK3vjelEVblGXUP40bCehHiQSyhRdG44PEYmynIWXy9N7aAHLFYaJlpca_Etg45Jg-6YG4RiX6viPJ0xhqGrE_w20H3&google_hm=zvJSkJYgSaeQknRb_cWkZ00
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D380
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4RXS9rEkQO2XvqMIh5EmxQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4RXS9rEkQO2XvqMIh5EmxQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQig65hveIT9MXNJ75aYhcPXgr1_FrOGpiUFAQgsRopkTX5tStEH-MZZ3iVbXBdfj7gQtXRXstz0sy0pKB0NOb9dnsnGUov
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4RXS9rEkQO2XvqMIh5EmxQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQig65hveIT9MXNJ75aYhcPXgr1_FrOGpiUFAQgsRopkTX5tStEH-MZZ3iVbXBdfj7gQtXRXstz0sy0pKB0NOb9dnsnGUov
date
Tue, 17 Oct 2023 02:47:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
ebda
match.360yield.com/match/ Frame D380 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESENkkHxEBD0kFUuH3gQPl32w&google_cver=1&google_push=AXcoOmTFrqCctzCglj0w5-Ketl1zV0n9CH7OvZT7vdXrloyk9Uc3hWPVVW7QnRzXlOVs0lmxRnEIL4cTKtlrh9tC0DXzsrcD5dql
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.251.18.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-18-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 Oct 2023 02:47:18 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame D380
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQPNYL7ybxRhGZwFm6QzJgRo0OIihZ-vwnieDb-YR_V0W74aJzEyK5tTlyUqQlWwywJZ1qSyGyToYyWQxFsDT4UzMXG2D0k&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-2f608fab-aee4-478a-b510-8e32647c7262-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQPNYL7ybxRhGZwFm6Qz...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQPNYL7ybxRhGZwFm6QzJgRo0OIihZ-vwnieDb-YR_V0W74aJzEyK5tTlyUqQlWwywJZ1qSyGyToYyWQxFsDT4UzMXG2D0k&google_hm=Ay9gj6uu5EeKtRCOMmR8cmI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQPNYL7ybxRhGZwFm6QzJgRo0OIihZ-vwnieDb-YR_V0W74aJzEyK5tTlyUqQlWwywJZ1qSyGyToYyWQxFsDT4UzMXG2D0k&google_hm=Ay9gj6uu5EeKtRCOMmR8cmI
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQPNYL7ybxRhGZwFm6QzJgRo0OIihZ-vwnieDb-YR_V0W74aJzEyK5tTlyUqQlWwywJZ1qSyGyToYyWQxFsDT4UzMXG2D0k&google_hm=Ay9gj6uu5EeKtRCOMmR8cmI
date
Tue, 17 Oct 2023 02:47:18 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2f608fabaee4478ab5108e32647c7262003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame D380
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8555dc9e-9177-4881-8afe-8ec8ca535aac&google_cver=1&google_gid=CAESENUF-fYKI8oddOLx7JxYRcM&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8555dc9e-9177-4881-8afe-8ec8ca535aac&google_cver=1&google_gid=CAESENUF-fYKI8oddOLx7JxYRcM&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQkEEKfvdKhyKkBQ7BUonOiDKtayVsW4kRmhkHRz9zNxZbuMNHmzkkeeNIP17QfqiYxaVmmSQ0JDzPPQ-ZOfWx2Y5kDzo4tCA&gdpr=${GDPR}
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8555dc9e-9177-4881-8afe-8ec8ca535aac&google_cver=1&google_gid=CAESENUF-fYKI8oddOLx7JxYRcM&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQkEEKfvdKhyKkBQ7BUonOiDKtayVsW4kRmhkHRz9zNxZbuMNHmzkkeeNIP17QfqiYxaVmmSQ0JDzPPQ-ZOfWx2Y5kDzo4tCA&gdpr=${GDPR}
date
Tue, 17 Oct 2023 02:47:18 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame D380 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJ6vYoLH0dOVRzUl1jbxBkSUFh9cC1YjUnX_yO6vQ-a7MhbTBhZ6bQVXYlKHDYK4m6kuaCcA
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame FF69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSNOHtfUtZcHdO_6SjuwPssWHiAv18fqlcsrnnuiBEtnM_d8FEAEguP_QIGCV4pCCoAegAfvk35gDyAECqQLQT_wOD7ixPuACAKgDAcgDCKoErAJP0A4LPBQUFgwNvMQfyVB237auKVGnypFbvtuhMgTOfBYxFY1A_R8340XN3N57lvY1sBA0DKd_6J0Q2GPVBk64I9QdUjTWF3WsE6Vn5zRrWWPHuv-y1xVCLHEtQkwaN47mNVGbM2ayOlqXb9s0W50V_kguA5-_dcJykua19O8U_RR4o98JRld8j6pSBLzXXVKlZzK4lMcM_Vst9KOHUEwRDi5DQbT3KQE767Ci57EvXRXUqDHlroJNd8icCdGXNzgvIjHDbszF__gTkJvxdiehrdfhW3PKq1SWsXpNp-XkYqOPZRcZJKlFgVgy6I1OHdqvLr3LC7NTnV0XqKuWaYNnRKr7uL1oYTd132eqz9PRlEMYqY8EwqdzD4FArEyZ_acofKOmOHfCmprVjAXABJqhzOWFBOAEAYgF0OuJ4TmSBQQIBBgBkgUECAUYBKAGAoAH7ZqgZ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENLQI9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCe4BaHR0cHM6Ly93d3cuZW5wYWwuZGUvYXJ0aWtlbDIvbWVoci1hbHMtZGFzLXNvbGx0ZW4tc29sYXJhbmxhZ2VuLWluLTIwMjMtbmljaHQta29zdGVuP3V0bV9zb3VyY2U9R29vZ2xlJTIwRGlzcGxheSZ1dG1fY2FtcGFpZ249MTU1MDQ0MDU5NjgmdXRtX3Rlcm09MTM4OTk0MTkyNTM4JnV0bV9jb250ZW50PTY3NTI3MjAyMzg0MiZ1dG1fcGxhY2VtZW50PXd3dy5lbS5jb20uYnImdXRtX2RldmljZT1jJmRldmljZW1vZGVsPYAKA8gLAeINEwit1PrTiPyBAxV-iYMHHbLiAbHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItODk2NTI1OTUzNjY3MDQ2NRju0RA&sigh=AcO06Ld4ueY&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNMD9a-kS2HCwKxtT_9JWIoLd19Hgef1aVc65WwvP5BcgIRcfYDCXp0HiZa4FuboeBa9MZTn-QyxgB&cbvp=2
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
index.html
s0.2mdn.net/sadbundle/10003685154878252906/ Frame FDB0 		2 KB
944 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10003685154878252906/index.html?e=69&leftOffset=0&topOffset=0&c=vG0PkgtwZd&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a28270b702609a6e6a164622f60ddbfbe7917aa2e1cc85338beb3c7ef16ab85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
756
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 02:47:18 GMT
expires
Wed, 16 Oct 2024 02:47:18 GMT
last-modified
Tue, 12 Sep 2023 14:58:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 37D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyM106z-dxxXR7VbRaqRccCVnJBWcSUOXFD4NPvEJOs_BeJiv4NYpDShdQpjv8kneeX4heIVe1z7LvUAR2kXaFs_R9hzqayxp0aO2uVESVyxKw2e6MzAfzkz6kvxevhVOSQeaB-He7iDrZBFbsAdJFLEhtMB3G3_-JAlt8aEDYGTvp5rXKAWJxsncU0Go7iI8EmrYEvKIUKuI-iDXXkx84IHZfsgxG2794qXoohMJBjtjhdrDHd9TrkeRdmY9voed5X7jbO7nA9G7ARssEzLovQUDq1bzf8NRDEFSGllXcNgqk90yteAtBB7Bj017geYobb0KAhrGEpbmHEHcPAFciOJFAmNoJgpF9OLPSpIxloHwwEJZ5xOQ_4CLBv5_nOEL_pqe_3yCLEIdUpgStC7xfmpSltB8Wg1Yld-EJAV0d4oF529qSe3j-sT8UuqvpFAJ0ywn247kcXN-1o_jAIf06nhSrbTkjm2N4kD_lhqN0fkviZ7dxWm7Y8KvHMZbXSWpgqODb7_--EXx3HgY8tFNdNmiK4FgiVSFLtIcv4WdIDRB7bpPPAIENb4FeDGMwU45okbL_Eazc7fqqVo8WD5ve3FVXcdw-ULiB53SsQ8kBBOe24pTfRxHYWnpblt0nxUtTKmNLKktash2C2tgqGICi2lKlIbJ7Dux1mzxQkXFSnNY4EF83yYG0tELFmoopmfLcIrexxUNAetQzWVBYlJwCQ2-Of78Sukeny19sKHbqoZVHDPrHQgnfkYxGSfgIYTf5JiwopNNwQwrlzycWHaiFGbGicbA_lMfcrb2CqJ_W47E6OpTS3R2MfI9hqPgp08VG6n9MI2h2UqtLVP_HWawnsekGDOGe5BG1NITunFZ6Bj-5UtnxOp00XeTseYhXOawwCfDQJssH-C5MhTyTivqT8INsJL8yNmJNnzQIi1XOC8xBPrnZFWs9b3TbQx1VNiV0uFcfIMl3vSJdiZPveJ53HvfnWAmL-ijB29njgxbAVbJ7ZwIMNLCt_pjUhFws8-ofnudeFebnObmIG5XqOo5RE7GYGGBwASV6L1YagfPmkEZ3nQAsFeHjPxth3_vHaMswpnfUAlZ2Nr5_Jg6kfdwtIWsyeXrdpiME19Kht816kCxPZ2qoNza7-ZwknRxMeMwaXoWup-gUCPkWLyNgLAth-tBxExrVCbMs_vI2kq969PiUHOvxlp3pu_E_dBGHGE2WSUZATYOWX_W8oPqyIBlvLR8CZXJfDqYVqA_Z9MsyRaqRVOx933WsOtYAhrx0Yu_UcS3wx5q2NiQ0Jmevhl1aia3SK6SE83NzFPXIHk0Qqq1ZW6mFvkZnfb-LlARYm--tOyU9l0GQ2IAHvRAhnE1iArzNxxgiLXmSSVh_vFIM5EklYsTyZ5tu6hhDtB65PhJW96UnTYrEz0eD&sai=AMfl-YTnhdK93jXR34auSebbqH3oGsyTfLOlnaGvxkiCOsaSN1FT44HpNyRaKXeyioh5F05VbtopzAJHzVTvdBnMWUt_277wSrLib3MzcR3AfVI_pDsyDSB1Twf30Z4gAIHzsDOl1xOXRCLJshPWj7QQFpv_UbUrGdQfyhYUHxGkjTD3-NAfxn09qkY6xOwhlr75A8BM-skGtRBWk0Fw3aJY4UAKFDDFp_vOQzn1zgLoWsLCoI6CH2_y3s5CkFLSd_21OyULVzT5FvchnPTfEWUs9MU38X9POtNzkw&sig=Cg0ArKJSzOAz69XcdiY-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=164&cbvp=1&cstd=153&cisv=r20231004.68631&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 17 Oct 2023 02:47:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 7BC7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDJZMndOOEwxUVNBNzQ1&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cver=1&google_push=AXcoOmS2uaajMYF-JuvQYkTo56D97mZMuVXTpu_rtTnp2A7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDJZMndOOEwxUVNBNzQ1&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cver=1&google_push=AXcoOmS2uaajMYF-JuvQYkTo56D97mZMuVXTpu_rtTnp2A73iINjik61F0gQqYUEvA2Oaha1Qb5uCGkidT0DrtnzYNrKojBAfd8z6g
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 02:47:18 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e3fa82937dfe784e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDJZMndOOEwxUVNBNzQ1&google_gid=CAESEFD8WaogL02vB1UlU7UAGb0&google_cver=1&google_push=AXcoOmS2uaajMYF-JuvQYkTo56D97mZMuVXTpu_rtTnp2A73iINjik61F0gQqYUEvA2Oaha1Qb5uCGkidT0DrtnzYNrKojBAfd8z6g
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7BC7
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHSiCSbUseLeyuOSIvRCLrs&google_cver=1&google_push=AXcoOmShzdE5_3zq8g6_FHroKyvwaO-JYJ_o8f7bdlHLz5f6fEm0GphcAulYIjHafzUI_1d8t1zlCPOJnjGsSnvF...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=IAIMtsjARpMUBDP4SjYwlQ&google_push=AXcoOmShzdE5_3zq8g6_FHroKyvwaO-JYJ_o8f7bdlHLz5f6fEm0GphcAulYIjHafzUI_1d8t1zlCPOJnjGsSnvF1mVZRbih-uv4MQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=IAIMtsjARpMUBDP4SjYwlQ&google_push=AXcoOmShzdE5_3zq8g6_FHroKyvwaO-JYJ_o8f7bdlHLz5f6fEm0GphcAulYIjHafzUI_1d8t1zlCPOJnjGsSnvF1mVZRbih-uv4MQ
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 17 Oct 2023 02:47:18 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=IAIMtsjARpMUBDP4SjYwlQ&google_push=AXcoOmShzdE5_3zq8g6_FHroKyvwaO-JYJ_o8f7bdlHLz5f6fEm0GphcAulYIjHafzUI_1d8t1zlCPOJnjGsSnvF1mVZRbih-uv4MQ
x-host
tde-deliveryengine-production-69fbf984b9-nhbrb
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7BC7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAfLmJ55KfvGhY3_Rs2qAjg&google_cver=1&google_push=AXcoOmTKCqjxAoPYliNwOGWbxBoCx1BSTaPaQotm4DhnKNqHZIx7ygpCWcwgKzpCMpqv4hsF2SJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5UUTRHWE0tMUctTTY4Rg==&google_push=AXcoOmTKCqjxAoPYliNwOGWbxBoCx1BSTaPaQotm4DhnKNqHZIx7ygpCWcwgKzpCMpqv4hsF2SJaG0j-YTMAZpZfOsYq_clBejomlA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5UUTRHWE0tMUctTTY4Rg==&google_push=AXcoOmTKCqjxAoPYliNwOGWbxBoCx1BSTaPaQotm4DhnKNqHZIx7ygpCWcwgKzpCMpqv4hsF2SJaG0j-YTMAZpZfOsYq_clBejomlA
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5UUTRHWE0tMUctTTY4Rg==&google_push=AXcoOmTKCqjxAoPYliNwOGWbxBoCx1BSTaPaQotm4DhnKNqHZIx7ygpCWcwgKzpCMpqv4hsF2SJaG0j-YTMAZpZfOsYq_clBejomlA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
ebda
match.360yield.com/match/ Frame 7BC7 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESENkkHxEBD0kFUuH3gQPl32w&google_cver=1&google_push=AXcoOmTilo0EaE26ocMBfzY7P73TCvPoBMIrGF7lPSAv81kXBtT0tB3DVTN_Q5y5cPXJNy4hyHdzcDSkwRF1X1n34BuzKQi7mOUf
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.251.18.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-18-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 Oct 2023 02:47:18 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 7BC7
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRuQiMzG2tcmQtkbuxuPwk92btf-UR5EFpag2jzqiMC5huSluLnb8qtUfVsEz-8Qe2oUxODWxAxN6km5F4fPXqIV0FkU3ct&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-2f608fab-aee4-478a-b510-8e32647c7262-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRuQiMzG2tcmQtkbuxuP...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRuQiMzG2tcmQtkbuxuPwk92btf-UR5EFpag2jzqiMC5huSluLnb8qtUfVsEz-8Qe2oUxODWxAxN6km5F4fPXqIV0FkU3ct&google_hm=Ay9gj6uu5EeKtRCOMmR8cmI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRuQiMzG2tcmQtkbuxuPwk92btf-UR5EFpag2jzqiMC5huSluLnb8qtUfVsEz-8Qe2oUxODWxAxN6km5F4fPXqIV0FkU3ct&google_hm=Ay9gj6uu5EeKtRCOMmR8cmI
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRuQiMzG2tcmQtkbuxuPwk92btf-UR5EFpag2jzqiMC5huSluLnb8qtUfVsEz-8Qe2oUxODWxAxN6km5F4fPXqIV0FkU3ct&google_hm=Ay9gj6uu5EeKtRCOMmR8cmI
date
Tue, 17 Oct 2023 02:47:18 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2f608fabaee4478ab5108e32647c7262003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame 7BC7 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEG1UWk7zA10iNB7KM8tjeuA&google_cver=1&google_push=AXcoOmQk0SII4uRRVhOrEJVUb-gNc9uq-zyR-69fMF9B96Vmtn9aAd-E9426DnWvkv5q_DcY9izezZdnAQaVgFvSbPpvrN4erytylw
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-length
0
report
sync.teads.tv/um/ Frame 7BC7
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENOL2LsSZddU...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmStMGx9MLn0CMhpjJjqv5nnllSfirTlsA6GknU41uREO4q4uXEKM48DXQmGtc_A-Gye4B87O4xyo8OBB43j9K1tjeFbjOJoyis
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Tue, 17 Oct 2023 02:47:18 GMT
pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7BC7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHa0i4tVzhShH_10Y9i2CECA0YK80dWTMT6za3eNAzjWEa8qxIsNxxSQIFLeAZzsa9SwxhWQ
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D0BB 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
344419
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 03:06:59 GMT
expires
Sat, 12 Oct 2024 03:06:59 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A206 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
328110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 07:38:48 GMT
expires
Sat, 12 Oct 2024 07:38:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enabler_01_250.js
s0.2mdn.net/879366/ Frame FDB0 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10003685154878252906/index.html?e=69&leftOffset=0&topOffset=0&c=vG0PkgtwZd&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10003685154878252906/index.html?e=69&leftOffset=0&topOffset=0&c=vG0PkgtwZd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 17:00:57 GMT
gsap_3.11.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FDB0 		69 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10003685154878252906/index.html?e=69&leftOffset=0&topOffset=0&c=vG0PkgtwZd&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10003685154878252906/index.html?e=69&leftOffset=0&topOffset=0&c=vG0PkgtwZd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27635
x-xss-protection
0
last-modified
Fri, 12 May 2023 16:03:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 02:47:18 GMT
script.js
s0.2mdn.net/sadbundle/10003685154878252906/ Frame FDB0 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10003685154878252906/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10003685154878252906/index.html?e=69&leftOffset=0&topOffset=0&c=vG0PkgtwZd&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68bd54140ad3833b54c6e6235dc6fde4d683cfaa1abe8a477db4aa84d0a8935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10003685154878252906/index.html?e=69&leftOffset=0&topOffset=0&c=vG0PkgtwZd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4280
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 14:58:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 15:38:11 GMT
index.html
s0.2mdn.net/sadbundle/12806307893679438044/ Frame AED8 		2 KB
787 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12806307893679438044/index.html?e=69&leftOffset=0&topOffset=0&c=DjuGogBKGs&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a08f389a684771d68c23f4989202bb397839bcc63cd2a7c6414c70cd64a5862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
759
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 02:47:18 GMT
expires
Wed, 16 Oct 2024 02:47:18 GMT
last-modified
Wed, 20 Sep 2023 10:10:34 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 36AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvgEie_Nn7qujIXoD91Jj3aHHVGz9ZQ1Jlk0fklubL5bYBtkzq9hssjuq9sWMa7UVR5gTYn7WxyLzSB06HChvLnPKT4yafJyIGSt3U2Ft9FMeGQZiMLz8lYDO30mULAQHt6y8KLzv--JsvP0ZAV8JOO5J4JUYkaP8sVjXTy077OM44JedGxkT3OA1Em6xVnziFgnGwC-DnPZUKMMijzJyiKEvOAfMC2V75BU3FT9rLj1c_lNCpzEcOltC3M--D6l5XY6BUdEoAP57ttmXffxeXNBEJrh9W0JmH5UO2TH6fvabNm7mvCiuqKhIdJCFThriVqLftxavMuS-tgUn3ORjKNwVs6n3UoX7O1RIeLXpbo8Wfvpaeg8zKP8CHatftyWHtm76kB9wBqXyGsThpkXLgujlh-Qm_klMIAXuEYzi2vRkdyIvLLVc17gAG2Zd46iobmOrjx4AIX-3AymKQT9GlgWrC41UWooyinkSkdHG0WuZ-aw5xgDhB3Fa3DhSDi_OGaax-xHWGCR8w9n9A_SIBXuOvHQUVISMUjLhHfm7L73GdOxQ7vCEfEGSG0wrA8kbLOJLcMl8RRNy_DfYWXNiPthSTehHpOjK_TUucdP1pJGj3BDzjjKNvJTwQJYEtsB0-OvAheVqvh_vxAqLhf3K0WygvjG_XBaa0G7jkmeOZNUxnmNp9tgmDs0DUKADTWG70eH1SN7pn3yM-n0sr6yiJeTw8yz3wyUsGSNcUyl7oyGnLRhw8QzHhy18SLs5eosFLoJJ9mF70fdiem_EYD7H69ZxJS8iKi2Dp2DV0F7_ppKZy4JURMaDZc0pSNfI4JyLaRqlmQhcDJmu2HxJDmJ6zE1nsovmyLikA8sP17qqI-V7xAriua3OzE1lXBqq8bQhSPULLAWLuZGZlIIJV_Me0xt5UIIswNojVNY4T2cKuXQXK7CMJsqhTqcn4rncg9necpbZhoKwFXCFrl2-gd1qyzL1bxxxwzUWL8pM8bykcTNlK67gxsMI_i6dd33Opq71va4_-Wls7W7mUQC69eo3gzDVwDyKx2SPxykdb-6Gbdex8g2qc8FOoQCdK-f7F3N0VDZaGuBPQhq3QlREmC-vzfqbWrgHcBr2Ol06J0mfv_zr1UBkPty8FRZkGd-d7LkxNYBzPTZHKcYMGltyEWwDXz1onHjT5ya1dSu9XgqqsS5eGjET-F6zeaQY_RukUe-VRFbp3FCbbrU0U4pKhojxxRNuveKCfZP48CUWpQmbPgf78a8PPC9lTDyQL9-LHAtZKgLt4yfdCz5_NP689q3bZJoDEH_VIF654hY_zQFFr4RpcYhGy3OnVvk0BBj_iJlMp4RWVqysOP47eTyYDTSvyRJxXGTfAh5_hQFuvavCAOewvwZa_4B_X6QNFqYI7tniybfgk8ft1Oj7KDB_C757U&sai=AMfl-YREx8oJ7_8Fn0n6VZ0yiPzFNnYlIH3TSA0S24fH2bgBTy231w3eNrVBrO6o5BVmdGKPfcIi8lt8TRoyylZ2y9ixzy89RrJBoZBqyjz3B2fW2Yyti0Elg4R6KMzMrlokpe6EUuaPy9RWiFrtAo3vLStpREJK-OoHapuqRS8sIwqMFfuCIMDKSn_sCUy0x9O_mFhKDTG-72J0X4UOEpViAf2DBr_4xe82K7aS78rqLMcJIghO1zW6YkNmO2Y_hTrf-GfNej_xyYbepiLw-jlYJIsOp1RCEOf1xg&sig=Cg0ArKJSzGeOBLfXpsBeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=190&cbvp=1&cstd=183&cisv=r20231004.91239&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 17 Oct 2023 02:47:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4a.js
static.adsafeprotected.com/ Frame 37D2
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1549653/72464738/4.js?adContainerId=brand_safety_tvUtZczXIIrex_APk-O2wAo&cbFunctionName=goog_wrapCb_tvUtZczXIIrex_APk-O2wAo&true_pb=&adsafe_pb=https%3A%2F%2Fst...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
date
Sun, 15 Oct 2023 04:09:11 GMT
x-amz-cf-pop
FRA56-P5
age
167888
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
sVck20_O-p1b3YscLkx95UVzKKRcB8GWMB-CXpQ1-_zIlUGamfNGzA==

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
nginx
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame AA1C 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2255888
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
4LwfQNVCrfXxrKad2K57udj6InFUsmjAjE09T44YUV4uaaZfThWn3g==
4a.js
static.adsafeprotected.com/ Frame 36AD
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1549653/72464800/4.js?adContainerId=brand_safety_tvUtZZOzIp7Cx_APhqKwiAg&cbFunctionName=goog_wrapCb_tvUtZZOzIp7Cx_APhqKwiAg&true_pb=&adsafe_pb=https%3A%2F%2Fst...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
date
Sun, 15 Oct 2023 04:09:11 GMT
x-amz-cf-pop
FRA56-P5
age
167888
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
nSJBhRWkmmH6Yee3Dy63GB87Dfna1JdNMyocyqe0PadP076l2iCHqw==

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:18 GMT
server
nginx
x-server-name
app09.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 7658 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2255888
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
3o_GKtGI6BJOe8PgV1OfdfqwMtPSYGXTYB41FUwcc2rNCLH4ZtlWyg==
Enabler_01_250.js
s0.2mdn.net/879366/ Frame AED8 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12806307893679438044/index.html?e=69&leftOffset=0&topOffset=0&c=DjuGogBKGs&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12806307893679438044/index.html?e=69&leftOffset=0&topOffset=0&c=DjuGogBKGs&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 17:00:57 GMT
gsap_3.11.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame AED8 		69 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12806307893679438044/index.html?e=69&leftOffset=0&topOffset=0&c=DjuGogBKGs&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12806307893679438044/index.html?e=69&leftOffset=0&topOffset=0&c=DjuGogBKGs&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27635
x-xss-protection
0
last-modified
Fri, 12 May 2023 16:03:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 02:47:18 GMT
script.js
s0.2mdn.net/sadbundle/12806307893679438044/ Frame AED8 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12806307893679438044/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12806307893679438044/index.html?e=69&leftOffset=0&topOffset=0&c=DjuGogBKGs&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35a20edfdcae6a127c0e0b07a8c3b673dc5f82c43f6cc5ccd059cba7a2ade866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12806307893679438044/index.html?e=69&leftOffset=0&topOffset=0&c=DjuGogBKGs&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 14:05:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304906
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4272
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 10:10:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 14:05:32 GMT
dt
dt.adsafeprotected.com/ Frame 37D2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=b48fdcc6-ccb4-dd75-4fcd-fec5e0578bc7&tv=%7Bc:rgL7Jf,pingTime:-3,time:101,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:101,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B96~0%5D,as:%5B96~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSUmuaw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1i*.1549653-72464738%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k,idMap:1i*,rmeas:1,rend:0,renddet:na,siq:19%7D&br=c
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6be4:3b1b:bbec:9c96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 37D2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=b48fdcc6-ccb4-dd75-4fcd-fec5e0578bc7&tv=%7Bc:rgL7Jg,pingTime:-6,time:102,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:103,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSUmuaw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1i*.1549653-72464738%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k,idMap:1i*,rmeas:1,rend:0,renddet:na,siq:19%7D&tpiLookup=ao:www.em.com.br*&br=c
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6be4:3b1b:bbec:9c96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 36AD 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=2abe946a-b903-9bc2-fc44-357342f05be9&tv=%7Bc:rgL7Jo,pingTime:-3,time:68,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:68,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B62~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSUmuaw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1i.1549653-72464738%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j*.1549653-72464800%7C1j1%7C1j2%7C1j3%7C1j4%7C1k,idMap:1j*,rmeas:1,rend:0,renddet:DIV,siq:19%7D&br=c
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6be4:3b1b:bbec:9c96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 36AD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=2abe946a-b903-9bc2-fc44-357342f05be9&tv=%7Bc:rgL7Jp,pingTime:-6,time:69,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B63~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSUmuaw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1i.1549653-72464738%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j*.1549653-72464800%7C1j1%7C1j2%7C1j3%7C1j4%7C1k,idMap:1j*,rmeas:1,rend:0,renddet:DIV,siq:19%7D&tpiLookup=ao:www.em.com.br*&br=c
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6be4:3b1b:bbec:9c96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
tliYWa7cHGeLg0O1MrcPy_smaCZv9eRWEIK0Lr5mtvA.js
pagead2.googlesyndication.com/bg/ Frame D0BB 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tliYWa7cHGeLg0O1MrcPy_smaCZv9eRWEIK0Lr5mtvA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6589859aedc1c678b8343b532b70fcbfb2668266ff5e4561082b42ebe66b6f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 21:58:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
449340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14676
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Oct 2024 21:58:18 GMT
tliYWa7cHGeLg0O1MrcPy_smaCZv9eRWEIK0Lr5mtvA.js
pagead2.googlesyndication.com/bg/ Frame A206 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tliYWa7cHGeLg0O1MrcPy_smaCZv9eRWEIK0Lr5mtvA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6589859aedc1c678b8343b532b70fcbfb2668266ff5e4561082b42ebe66b6f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 21:58:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
449340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14676
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Oct 2024 21:58:18 GMT
dt
dt.adsafeprotected.com/ Frame 37D2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=b48fdcc6-ccb4-dd75-4fcd-fec5e0578bc7&tv=%7Bc:rgL7JD,pingTime:-2,time:125,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:247,mdZ:456,beA:493,beZ:494,mfA:495,cmA:497,inA:497,inZ:500,prA:501,prZ:507,si:512,poA:513,poZ:533,cmZ:533,mfZ:533,loA:595,loZ:599,ltA:618,ltZ:618%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:125,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B120~0%5D,as:%5B120~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSUmuaw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1i*.1549653-72464738%7C1i1%7C1i2%7C1i3%7C1i4%7C1j.1549653-72464800%7C1j1%7C1j2%7C1j3%7C1j4%7C1k,idMap:1i*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:19,sinceFw:105,readyFired:true%7D&br=c
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6be4:3b1b:bbec:9c96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 36AD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=2abe946a-b903-9bc2-fc44-357342f05be9&tv=%7Bc:rgL7JE,pingTime:-2,time:84,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:239,mdZ:434,beA:510,beZ:511,mfA:513,cmA:514,inA:514,inZ:518,prA:518,prZ:524,si:529,poA:529,poZ:548,cmZ:548,mfZ:548,loA:579,loZ:581,ltA:595,ltZ:595%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:85,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B80~0%5D,as:%5B79~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSUmuaw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1i.1549653-72464738%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j*.1549653-72464800%7C1j1%7C1j2%7C1j3%7C1j4%7C1k,idMap:1j*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:19,sinceFw:65,readyFired:true%7D&br=c
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6be4:3b1b:bbec:9c96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame 37D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyM106z-dxxXR7VbRaqRccCVnJBWcSUOXFD4NPvEJOs_BeJiv4NYpDShdQpjv8kneeX4heIVe1z7LvUAR2kXaFs_R9hzqayxp0aO2uVESVyxKw2e6MzAfzkz6kvxevhVOSQeaB-He7iDrZBFbsAdJFLEhtMB3G3_-JAlt8aEDYGTvp5rXKAWJxsncU0Go7iI8EmrYEvKIUKuI-iDXXkx84IHZfsgxG2794qXoohMJBjtjhdrDHd9TrkeRdmY9voed5X7jbO7nA9G7ARssEzLovQUDq1bzf8NRDEFSGllXcNgqk90yteAtBB7Bj017geYobb0KAhrGEpbmHEHcPAFciOJFAmNoJgpF9OLPSpIxloHwwEJZ5xOQ_4CLBv5_nOEL_pqe_3yCLEIdUpgStC7xfmpSltB8Wg1Yld-EJAV0d4oF529qSe3j-sT8UuqvpFAJ0ywn247kcXN-1o_jAIf06nhSrbTkjm2N4kD_lhqN0fkviZ7dxWm7Y8KvHMZbXSWpgqODb7_--EXx3HgY8tFNdNmiK4FgiVSFLtIcv4WdIDRB7bpPPAIENb4FeDGMwU45okbL_Eazc7fqqVo8WD5ve3FVXcdw-ULiB53SsQ8kBBOe24pTfRxHYWnpblt0nxUtTKmNLKktash2C2tgqGICi2lKlIbJ7Dux1mzxQkXFSnNY4EF83yYG0tELFmoopmfLcIrexxUNAetQzWVBYlJwCQ2-Of78Sukeny19sKHbqoZVHDPrHQgnfkYxGSfgIYTf5JiwopNNwQwrlzycWHaiFGbGicbA_lMfcrb2CqJ_W47E6OpTS3R2MfI9hqPgp08VG6n9MI2h2UqtLVP_HWawnsekGDOGe5BG1NITunFZ6Bj-5UtnxOp00XeTseYhXOawwCfDQJssH-C5MhTyTivqT8INsJL8yNmJNnzQIi1XOC8xBPrnZFWs9b3TbQx1VNiV0uFcfIMl3vSJdiZPveJ53HvfnWAmL-ijB29njgxbAVbJ7ZwIMNLCt_pjUhFws8-ofnudeFebnObmIG5XqOo5RE7GYGGBwASV6L1YagfPmkEZ3nQAsFeHjPxth3_vHaMswpnfUAlZ2Nr5_Jg6kfdwtIWsyeXrdpiME19Kht816kCxPZ2qoNza7-ZwknRxMeMwaXoWup-gUCPkWLyNgLAth-tBxExrVCbMs_vI2kq969PiUHOvxlp3pu_E_dBGHGE2WSUZATYOWX_W8oPqyIBlvLR8CZXJfDqYVqA_Z9MsyRaqRVOx933WsOtYAhrx0Yu_UcS3wx5q2NiQ0Jmevhl1aia3SK6SE83NzFPXIHk0Qqq1ZW6mFvkZnfb-LlARYm--tOyU9l0GQ2IAHvRAhnE1iArzNxxgiLXmSSVh_vFIM5EklYsTyZ5tu6hhDtB65PhJW96UnTYrEz0eD&sai=AMfl-YTnhdK93jXR34auSebbqH3oGsyTfLOlnaGvxkiCOsaSN1FT44HpNyRaKXeyioh5F05VbtopzAJHzVTvdBnMWUt_277wSrLib3MzcR3AfVI_pDsyDSB1Twf30Z4gAIHzsDOl1xOXRCLJshPWj7QQFpv_UbUrGdQfyhYUHxGkjTD3-NAfxn09qkY6xOwhlr75A8BM-skGtRBWk0Fw3aJY4UAKFDDFp_vOQzn1zgLoWsLCoI6CH2_y3s5CkFLSd_21OyULVzT5FvchnPTfEWUs9MU38X9POtNzkw&sig=Cg0ArKJSzOAz69XcdiY-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=378&vt=11&dtpt=214&dett=3&cstd=153&cisv=r20231004.68631&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FDB0 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 37D2 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpclofZCvgx8PzzPmmDSyOg68gRcFmJorGzgjD8YX1WFKYIxv1wJyRyPHniuGZhzLucwwej4ANX1rZqGXzIIyj_vmsbjwoWP4ayqdNQkFV-2cYK3slae665F_MwiH_W-wuhNUCrReVNA8wsfgyu5vy_KViMKjdLWi_QzPdOC8pX8CtSLVl49faF2oyPz6YyHVBpoSm6obi998g3uFQtQ&sai=AMfl-YRGAoltN-ZHumAjwko5k3YMlEMO5EdapIrT-KGN8zAOksy1BP9HCEdLXZCwmeUoSqPC94b1T3nt4FD92fTSYOg6xNWXP4a_bYSdNBSsD6WnyzTABz5pq1k_owJwKkqTeRMOnAKthF7dGRkYKOj__q1DwhFx&sig=Cg0ArKJSzLW0rNAq-ardEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 36AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvgEie_Nn7qujIXoD91Jj3aHHVGz9ZQ1Jlk0fklubL5bYBtkzq9hssjuq9sWMa7UVR5gTYn7WxyLzSB06HChvLnPKT4yafJyIGSt3U2Ft9FMeGQZiMLz8lYDO30mULAQHt6y8KLzv--JsvP0ZAV8JOO5J4JUYkaP8sVjXTy077OM44JedGxkT3OA1Em6xVnziFgnGwC-DnPZUKMMijzJyiKEvOAfMC2V75BU3FT9rLj1c_lNCpzEcOltC3M--D6l5XY6BUdEoAP57ttmXffxeXNBEJrh9W0JmH5UO2TH6fvabNm7mvCiuqKhIdJCFThriVqLftxavMuS-tgUn3ORjKNwVs6n3UoX7O1RIeLXpbo8Wfvpaeg8zKP8CHatftyWHtm76kB9wBqXyGsThpkXLgujlh-Qm_klMIAXuEYzi2vRkdyIvLLVc17gAG2Zd46iobmOrjx4AIX-3AymKQT9GlgWrC41UWooyinkSkdHG0WuZ-aw5xgDhB3Fa3DhSDi_OGaax-xHWGCR8w9n9A_SIBXuOvHQUVISMUjLhHfm7L73GdOxQ7vCEfEGSG0wrA8kbLOJLcMl8RRNy_DfYWXNiPthSTehHpOjK_TUucdP1pJGj3BDzjjKNvJTwQJYEtsB0-OvAheVqvh_vxAqLhf3K0WygvjG_XBaa0G7jkmeOZNUxnmNp9tgmDs0DUKADTWG70eH1SN7pn3yM-n0sr6yiJeTw8yz3wyUsGSNcUyl7oyGnLRhw8QzHhy18SLs5eosFLoJJ9mF70fdiem_EYD7H69ZxJS8iKi2Dp2DV0F7_ppKZy4JURMaDZc0pSNfI4JyLaRqlmQhcDJmu2HxJDmJ6zE1nsovmyLikA8sP17qqI-V7xAriua3OzE1lXBqq8bQhSPULLAWLuZGZlIIJV_Me0xt5UIIswNojVNY4T2cKuXQXK7CMJsqhTqcn4rncg9necpbZhoKwFXCFrl2-gd1qyzL1bxxxwzUWL8pM8bykcTNlK67gxsMI_i6dd33Opq71va4_-Wls7W7mUQC69eo3gzDVwDyKx2SPxykdb-6Gbdex8g2qc8FOoQCdK-f7F3N0VDZaGuBPQhq3QlREmC-vzfqbWrgHcBr2Ol06J0mfv_zr1UBkPty8FRZkGd-d7LkxNYBzPTZHKcYMGltyEWwDXz1onHjT5ya1dSu9XgqqsS5eGjET-F6zeaQY_RukUe-VRFbp3FCbbrU0U4pKhojxxRNuveKCfZP48CUWpQmbPgf78a8PPC9lTDyQL9-LHAtZKgLt4yfdCz5_NP689q3bZJoDEH_VIF654hY_zQFFr4RpcYhGy3OnVvk0BBj_iJlMp4RWVqysOP47eTyYDTSvyRJxXGTfAh5_hQFuvavCAOewvwZa_4B_X6QNFqYI7tniybfgk8ft1Oj7KDB_C757U&sai=AMfl-YREx8oJ7_8Fn0n6VZ0yiPzFNnYlIH3TSA0S24fH2bgBTy231w3eNrVBrO6o5BVmdGKPfcIi8lt8TRoyylZ2y9ixzy89RrJBoZBqyjz3B2fW2Yyti0Elg4R6KMzMrlokpe6EUuaPy9RWiFrtAo3vLStpREJK-OoHapuqRS8sIwqMFfuCIMDKSn_sCUy0x9O_mFhKDTG-72J0X4UOEpViAf2DBr_4xe82K7aS78rqLMcJIghO1zW6YkNmO2Y_hTrf-GfNej_xyYbepiLw-jlYJIsOp1RCEOf1xg&sig=Cg0ArKJSzGeOBLfXpsBeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=408&vt=11&dtpt=218&dett=3&cstd=183&cisv=r20231004.91239&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 36AD 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss81jdnMlq5vWNdted_woOuJEHyu2dYgOw9LpKYvqMnT2w7Qc0f0nwmTXuZfC93rBwnHgtp9ax6GprgwQtjGxfik_ast84rFm1AfU_rwaM7UXsGX9XwDIc8IYeCCvfpMlOnzzv7tSw35W_--noMS8ls3OJG3ugWE4nEeChq2HgCIej2sC92rh-X5kdFvFh-h8XiPBa3HKdecx9gxAntJA&sai=AMfl-YTUiIkWcIwHCBudLKic7TS3DxfBQ2pm1zb9KAJmYOpDDCsGfvYBnqiZzkZQdE7DzDjA6mJkQrspfEG2F2DcSQR0_dobN2YlJ2f88O8RRFto4vwGd6sr5q48GAe6C9gx_MsRQRWJOLu4UmjfYDqxqNXYm0Rz&sig=Cg0ArKJSzPY-bYQPE8hWEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 37D2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=b48fdcc6-ccb4-dd75-4fcd-fec5e0578bc7&tv=%7Bc:rgL7LB,time:247,type:e,im:%7Bpci:%7Btdr:125%7D,imprf:%7Bttecl:394,ecd:101,tsecr:28%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:247,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B242~0%5D,as:%5B242~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSUmuaw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1i*.1549653-72464738%7C1i1%7C1i2%7C1i3%7C1i4%7C1j.1549653-72464800%7C1j1%7C1j2%7C1j3%7C1j4%7C1k,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:19,sis:148%7D&br=c
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6be4:3b1b:bbec:9c96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 36AD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=2abe946a-b903-9bc2-fc44-357342f05be9&tv=%7Bc:rgL7LF,time:209,type:e,im:%7Bimprf:%7Bttecl:413,ecd:72,tsecr:51%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:209,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B204~0%5D,as:%5B203~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSUmuaw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e%7C1f%7C1g%7C1h1%7C1i.1549653-72464738%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j*.1549653-72464800%7C1j1%7C1j2%7C1j3%7C1j4%7C1k,idMap:1j*,rmeas:1,rend:0,renddet:DIV,siq:19,sis:142%7D&br=c
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6be4:3b1b:bbec:9c96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame D0BB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYy_WtvUtZczXIIrex_APk-O2wAoAAAAAOAHgBAI&bg=!g4ClgM_NAAZy-tsgUvo7ADQBe5WfOFX4ld4z43oMwESDU1bp8XZmpcLJHNgAIIiaphHiBLiWJR6zJNWja0YNUDqyTsbVAgAAAH5SAAAABWgBB5kDQL_5TIjvjeVZUwY78FZiG8ocmkTAx7K-H-6QXG_HjGI0Vzo9xzIhtx5mdeC4K1eFyVvN9gxq5HDBeqBa-N2y85DfKii1Ye5EDbnTdAdpilK_gEiHgnnJApw05yqq4fwaEsQK4RgMFgRzAk1PQocOtuF8BJM-rIadigpB0fEUOSngZOLqfCfNs64JmjTPyM9RrJKrQPO1l1fG1rDMD7-edtDFn0fTzw7uRyXTh0FGppw5rbqMuFkuxPoaA24vn3laY9WBGR7-Fsp6CoVAPEgDeY-j-MNJD0D1tuhnKp-KwF1BvUxRAioAdg1QtsN3hV80Gy0J6bGT1KC_-GsvMlwdwEoTM3oJyH_u_VYWIwlqVSTgy5QWYyIO2b1Gwp5Yp-m0bdG6giOIN_LLIWUO4PYLMJE-Jgb00CcQbOakTerVQUVnW_kKkn-iirAlHm2L1w4TUmGSTzZ1eVcXxdQL3d6XO7aDVYTnqORDWl8NZp8Ymi0r7V7A4F3v6o0xQGH1PSqrxRnmO8PPok8chKyAsb7Hu419YEi7CnMZX91rpLEnD3Poox5AHJWOAH1WK_o6mC-ZOk85qWxSrUMH9qJqmX0F1DmaTkrRxDFZnDmUh-8CP4DBYLqJVgm9ECMPOVrf3M-Z_7NobsScQeYRIn8H_6czEeywVxnCEP5LxE0Zac7woAJnJHygXtWq1YyeiFye4n9UU2V-0wIenIQc0_YvEHD_JYC8V-hldHqsANv-LP_I0znacdGmTlyH6kcmorddlWKXmqR3_7OldViPEiRMGZrrbUz-6QkEvrcbv0OpRteGy9SsNDb3ujSzKYsLsoRV6Ny76pevBkyAom1Gi43Dc5qs6j_MagQ44K3xgAupt9Q--Ueu3_BEwakDSjAhfLCD9nv2ELkOoOhEB2yMGnTBu7yTUKYLHR_vAPDjqGPiEnW0QxZA_4Fl5comQwK8iZiDj2KelTO8WTbKSZZv8ZJ6XMes0uSpw6arvAun5dHDR0A35k3iaXfNI2iMIO_6rbK9-42zMOPtSh-YjJONAilZ5Hc--1uRki8P2BQ_SYdfuB5v82TefapYCvb7kH9t4TOKyHe_sjEwqnfdYAJ2KTpLYIyQbMk
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A206 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfOsdtvUtZZOzIp7Cx_APhqKwiAgAAAAAOAHgBAI&bg=!0NOl05zNAAZy-tsgUvo7ADQBe5WfOA8IJ_oQr_6MM_O49RMaCiejAeq60LsnYroimiPXvyPzIH0zCvB_LnXIvAGLBenoAgAAAHJSAAAABGgBB5kDSiuo7BpNN2cML-ItZavkG_8JaJunD-wesAaO08FOIBKNd3ZyZde1B_ezfQhU6i3Cspf6ELR5nzD0bHSo4P-rZZBRBxJT6cD6vaPRHN3ErbqPWnF8GQnlE3dgv9LS_e2w1L7R14rF6Uub0pwbPoAzcqsRVbN3ls6K7ACw58d7_TsbLwf7OCr5C8-7go7d5Lj9RgCfuLVvik273f5rjXAn8Q6Vy9I7z83X5y-mRPh80bD3P_KOWgADPqg4yjni0_FCEpZHXucxCNC_020AL7uWFdhf-_bt3esoejJLuEV3EAD3Gl3WByikzJD_yHaDJdpdjdQux3apc1FlDmInrH1gwNrzwIEP6NyuBDRkCu6Hk3bGerspE5LVU2PiVzWRapsQoYg30UhXTmG6OuH988neOmzynqhUVhYdHNh4mbrU8CKKU4t9LmUTmJEUBiY5o5Ax0LXToR1Le9gkqE8VJXeqv3Qhzqbdy5avrJ9kKkEMJYjAFrgCaHieboW7KvsgD80OyyHQaTtjEszFHxTz4duKz5k6ngaz32AjxuwWuWUSalra8O-OK4CaiiKiIsqr0OVER2xMVh-yIh63etL8u5luv_l9MBq2akBYtmVPy6SB5p6tAABLfLB4qqrSCGZQ2Ib3opSjVcGHoUrAAxqo08-OdiaKG-BjJfpir91PN0S_CYA1QgdRH4dJJdeZTJw2NqWvrDm-gLBD8ljUcG6Pja_3R8cO6ssOWxSxDFSkBQJhqfkJQ8OwBaz8hVePVWs0rRoW8aEcUmG3iwm5utcJ3LKO4q22abkzetC8OwApQa43oGZfb5YELLPiTrKNhISSyCgfql9d483XUx0sc1YF3B3Itz5PbGgF-owibHe5ietUebdpPqslnt6G_1V5boX2XG0NpIc7U5KoBp5uJqoHnsX5xxod0HrVyEbQnbhKSlDTLryXfa4oZNF7yI4YpKpSVSu1GgtdoQyEMx9B2U6AHIwDj9VAlW6TkWzuW_oFDzupiHQbbV2gCXYPBHDvqc5BuabwZ7CrWYrbPHXDNdpnrB7HGqqUarz-uq4_Z_icjnhK9sjkz9gtpFs7zEJvGUGP6e1GUXto-M4dapj3pGQVVWBIdWHy7XDXpzERM2TS
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 37D2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=b48fdcc6-ccb4-dd75-4fcd-fec5e0578bc7&tv=%7Bc:rgL7Og,pingTime:-10,time:412,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My43MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1697510839280%7C%7Ca9cf100aab5d3767263cbefffe4fd213%7C%7Cf85ea0352d5e0551a31a58bbfec67123%7C%7C9e71bf900fa6f9f9d2f82e9943f3d4d6%7C%7C8d60b65828600921326d954650cad0c4%7C%7C777a50a203c8af798aebbe9356398f42%7C%7C501c21e1d301df88c0d987188959af74%7C%7Cc7448c92e88b21fcadecabca98a3e26e%7C%7C1663701684%7D
Requested by
Host: 1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
URL: https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6be4:3b1b:bbec:9c96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=133477885879-ml89jg8mocekhmnraefpi3cgednablut.apps.googleusercontent.com&as=Z3Z%2BALzplz2sZmLgWmFpYw
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ceb3fcfb05bf6750089e2798256ea794f6e4552931fbb45ddbb6242c6d7cb4ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x9Ns0_sAeFhbM2x975FQgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-x9Ns0_sAeFhbM2x975FQgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.em.com.br
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6cb7b3873e0f97bade0487ed1dd5ceb8cc8860150bde1126d1a118e540956c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12093
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 Oct 2023 02:47:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C00 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
89815
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:50:24 GMT
expires
Tue, 15 Oct 2024 01:50:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CE3C 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4340941fd202b54ff186b18ff559cea624ee1ad4143d4f0e7eafe7ab48ce9b6b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5AqbuwjFsNd5Qo5JMrtCxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-5AqbuwjFsNd5Qo5JMrtCxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 02:47:19 GMT
expires
Tue, 17 Oct 2023 02:47:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame CE3C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310120101&jk=2089043390418607&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 6C00 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:14:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
45185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 14:14:14 GMT
generate_204
tpc.googlesyndication.com/ Frame 6C00 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gaBgAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dt
dt.adsafeprotected.com/ Frame 36AD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=2abe946a-b903-9bc2-fc44-357342f05be9&tv=%7Bc:rgL7Um,pingTime:-10,time:748,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My43MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1697510839280%7C%7Ca9cf100aab5d3767263cbefffe4fd213%7C%7Cf85ea0352d5e0551a31a58bbfec67123%7C%7C9e71bf900fa6f9f9d2f82e9943f3d4d6%7C%7C8d60b65828600921326d954650cad0c4%7C%7C777a50a203c8af798aebbe9356398f42%7C%7C501c21e1d301df88c0d987188959af74%7C%7Cc7448c92e88b21fcadecabca98a3e26e%7C%7C1663701684,sca:%7Bspg:b48fdcc6-ccb4-dd75-4fcd-fec5e0578bc7%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6be4:3b1b:bbec:9c96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 37D2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudzvCUibGIZghCcd3lpg_Sj7uMHJcmoM3D4BqkV7gULNbT47Ix7jjTYUUbPY2GLpZBu-e0edSNgYI-r1cSV-Zm5Bf7-ktfr42M6kJgC-JmiegcApjakxhr15fZZuMTZRonqZPY3caUa2Yi&sai=AMfl-YTJ1JxIQqkkn-CLNubwfr2tN3zGeblQfmbSY3CBTh-tmUb0_OAawuJtxecPtLPErbon4Pjh6xbgPE7XsWnvWv0ZraHDGJAhd37ElKk5t7tshU7cHie1sPGGMx_N&sig=Cg0ArKJSzAoy3XftL__FEAE&cid=CAQSPADICaaNMD9a-kS2HCwKxtT_9JWIoLd19Hgef1aVc65WwvP5BcgIRcfYDCXp0HiZa4FuboeBa9MZTn-QyxgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1060018158&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697510838375&rpt=303&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FF69 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvU4xswm_zgaOB8lwvmEdx09nkTB3yyqp9SxspaUqM5Dp9r4BH6SaoQk2LgkkNo5AnqVi_bq7MFtIZwVtZYRiAYYT8KXoLBFSGjhEhQzVK3ArNLXhImQr5p5dMnFA9ZpKz6YZ1uDwLP3T3&sai=AMfl-YTInvv8Tm1CWT-wiMIvoS77ofdzgyuex0EvPK7Uaa1go6daDci-rSg7Z9RdEyDkQbldtdJ9PMrTlp7XDNVZiZ9x05QbLVf3ICj7hl03QC9SvkucWeb3reMHTv44&sig=Cg0ArKJSzFZgVULIgz47EAE&cid=CAQSPADICaaNMD9a-kS2HCwKxtT_9JWIoLd19Hgef1aVc65WwvP5BcgIRcfYDCXp0HiZa4FuboeBa9MZTn-QyxgB&id=ampim&o=205,244&d=1190,230&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=346&tls=1346&g=100&h=100&tt=1346&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310120101&jk=2089043390418607&bg=!Q0ClQA_NAAbFpEfJ5aQ7ADQBe5WfOLpwHWRRfFFs4GT5eMEMOX201VOukItuitcQDmUMf9VvGZ0wo_KxderfQPf_zNoEAgAAAD5SAAAAB2gBB5kDB4gDVlJHc6J7qVkO6sfONDqrfBOmaRSs1wnJDZj7E-KPDKaWFu3Czva2VyvIxTP6SVunmGSlQ1LTnEXwNQ0qCVhZTDcL4yxHVmF79usVKOhKghIq6Ep5w5_HN9i6N5VJNpOiXAv8TnyTvD8CStzCEDU9_-9UIR4Nm_ZZ01_2eaYexJSEAe4NFUmu7bxJAMxhLgreNPdaCgVbNmWQZwji6L73vcLimAYD1Lw3Ugg2UoYK7AhtfCxA3AQbhBJsxMJiuxqbX59uG9LfAMCNYU29ra-IM6IynirMk2t_HtyEKgzLXqp8NXW01Abu3EZk4r3b1pHYO_sEJIjQJVYvweta4QdEJLN9fmqh4iFeC24fOeAPf2fnJtcafSriWxZfQz3uGmJ-XFfkdqFT2_Pu-ep3cAA1B209uHZggTbSQP6aiQdevZo1Lhp8sTxQFimT-Ns8gEsJiDNNZKOB2YEnkkAVj9E8bSfe_qnEPgD1hbr88Njp_NeYhgBTjvzCqAMzilnsb7GJzBr6p9olDqBlSO38xl_-B65XpsL3Ea0Vu0Pp-cFfY0xG0rNGy00Gg-86adLxo5HcQFdzfh8YeWg5ltJ_IXOEST3hbyHKtUmEBIzJ8R6X0fGH3IyHsdkQuE0SlOL8X6Ei2TPJsPZ-Zku4bxvwQMHhTDBQ3caz0Hfj-krJ-42cJr3B0ehN00QIp88kI1cTlyy-VbV4ldsNnCnBKEpH9XV7G02_QD7wC-3uNfQGqQDuEYRGry21r1LyxNFusM9m5gYVQVURahkou8ZrGDEDSkc9b4sd6-58CebfEqh4RhSk_eIFUh2AOP3stAwS9b1HB7iL-T6hWtt0qbxzRFQ4ZT_k7PQJSRu8Glg7kFHm8h5TIYaos1y1MI9tyTS33pXLcBbI8Rgxwz96qeoIOs8BKJavo5buEx-DCSScUNqVoSEVw1vemYwmaTeIiJ5oGagE8SaovBss1KV5rXT03j3xJ7Sabt0An1Smy6xZ4C78cpKFD9xEMLB07zY5tMjVfeDsi3W25MdGBYY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 36AD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4880621769085&version=m202309260101&ct=76&x=1&cor=7262870574756596000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37D2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7647830625179&version=m202309260101&ct=76&x=1&cor=7486487278054088000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
cs.media.net/
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=T2Y2wN8L1QSA745
52 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=T2Y2wN8L1QSA745
Protocol
HTTP/1.1
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 02:47:20 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
52
x-mnet-hl2
E
Expires
Tue, 17 Oct 2023 02:47:20 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 02:47:19 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=T2Y2wN8L1QSA745
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.107.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-107-13.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:47:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cm
us-u.openx.net/w/1.0/ 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=1&gdpr_consent=${GDPR_CONSENT}&us_privacy=&gpp=${GPP_STRING_142}&gpp_sid=${GPP_SID}&url=https%3A%2F%2Fcontextual.media.net...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9e2088a3-3c2b-4b09-a4b6-5a91e0b45e84&gdpr=1&gdpr_consent=${GDPR_CONSENT}&us_privacy=
52 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9e2088a3-3c2b-4b09-a4b6-5a91e0b45e84&gdpr=1&gdpr_consent=${GDPR_CONSENT}&us_privacy=
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 02:47:20 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Tue, 17 Oct 2023 02:47:20 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:20 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9e2088a3-3c2b-4b09-a4b6-5a91e0b45e84&gdpr=1&gdpr_consent=${GDPR_CONSENT}&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1032331
content-length
0
expires
Tue, 17 Oct 2023 00:00:00 GMT
cksync.php
cs.media.net/ 		52 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 02:47:20 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
52
x-mnet-hl2
E
Expires
Tue, 17 Oct 2023 02:47:20 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KFBFMPM6S4&gtm=45je3ab0&_p=1827025592&cid=1777242772.1697510836&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=gA&_s=2&sid=1697510836&sct=1&seg=0&dl=https%3A%2F%2Fwww.em.com.br%2F&dt=Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online&en=8507&ep.event_category=Power%20Homepage%20Variant%20ID&_et=998
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KFBFMPM6S4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 02:47:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=322&height=181&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1697510843276&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1559&pt=-1784166951&tz=120&viewable=true&ddast=V8QOsCLAYUJ4rDqz731xAoThSHV33urykAAABgYED8AEmtFqaRZeRYa5ab0Vo02xjXEudu4VYsJybHbDda7VbDISCp1cI0sowca81yM1qLZhvjWuLcLdyK5cTkmO1Gq91qOAUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmSg6XT4XPd63e93V7ntGr_bLrH8VZLBHAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxcGAHB6jw_UPAAAAACAAAAAASAAI5OeVAHgI-z_x_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzZ7J_wd8eMFCJSwFqEEQAAAICWRsymI5J0gopFlf___34rAFcAAAIWdw6VabLoDkq8hQEAAAgYs0APi99vdtg1frfL_P________-b-T_zj0YoaGYmTZCNmZmaX0AAgDW_gAAAbMYNAMAbAThHx-A2s9VysDoEstkNZwcAAADgzv___78ekFgtRyPXbDDabXyLxW42WI5cHsNoMjIsFguPx7g9PJMRaQndkFB9Puhh8fvNDrfaaXIrLKenx-xyC_1ul1vw8LkMivmZsMVoNZlslsPZcjEZDEfD0Wh_BmIxHKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTM9vMuPCN1pKFx-MWrVwTt8K1cK0lxuFqZbMsVsvNYi16fUwfy2438Yy2SDAAZS-Sp0U6URk3xpVrsvE4RsaRyzBZmHaz0cY3cq5GHodpsrKIJZqTRTqRXfaN1XI0cs0Go93Gt1jsZoPlyOUxjCYjw2Kx8HiM--bMNjMufKO1ZOHxuEUr18StcC1ca4lxuFrZLIvVcrNYi14f08ey2008o31jttytFoPhZrZvzJa71WIw3Mz2HSbTM_U5G429c8Jjclp15_L65jQoXAaL9ycxLabd2cHz-x2dLm01WdQZ_X6_3-_3-_1-v9-g9RzMBoXv93JojbegenT2jhsHgyKWCC7SicjpsDz9nofn8_c4HSa_561yW8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf9RA63mitFirlhN5rrdKgEAAAAAAAAAWIJpppsAAAAAOBnEcrTc7NbpIAaD4WKyWy4AiCNrXT_bCZr_qwjUu7DXVVNS2bTAizX2GAU5HZan3_PwfP4ep8Pk97xVbisDgCBCY7bZZwSxVqtlDQAAQAAbAABAADfdeBMQZsX9____jwMAACAjhx4AAID4PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFZDgZpvlBP7___8D!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1008127&dpubid=194937&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vA!splits_full_traffic!t45!tbt_lit_unit!ufm_vA!ul3347_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.em.com.br&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.6/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
23949561cce2afe06e83a9d06ff088ed38d7c8b617da4eef58905aa404821ad6

Request headers

Referer
https://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 17 Oct 2023 02:47:23 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1490
x-cache
MISS
x-served-by
cache-fra-eddf8230133-FRA
pragma
no-cache
server
nginx
x-timer
S1697510843.279509,VS0,VE80
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.em.com.br
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
scoring.deep.bi
URL
https://scoring.deep.bi/score/4Dme4NTJxoPw/undefined?id=deepcookie&column=profile
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Verdicts & Comments Add Verdict or Comment

335 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| dataLayer object| yieldMasterCmd object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue function| loadCSS boolean| load_da_analytics string| GoogleAnalyticsObject function| ga function| reloadanalytics function| reloadAnalyticsGallery function| eventoGA function| eventoGAsocial string| diretoriodfp object| slotdfp object| slotdfpbtf object| slotdfpofp number| indexformats object| viewable undefined| staticSlot object| apstag number| PREBID_TIMEOUT object| pbjs function| refreshSlot function| executeParallelAuctionAlongsidePrebid object| noticias_recomendadas function| removeblur object| _taboola object| attr string| _taboola_current_layout string| BASEXJ string| BASEDX string| product_id function| fbAsyncInit object| FB object| default_gsi object| _F_toggles object| google object| __buffer object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| NDBmNGI3NGZmY2I5NDliMGxvYWRlcl9qcw== string| NDBmNGI3NGZmY2I5NDliMGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| google_tag_manager object| AppleID object| notsy_pbChunk object| notsy_pb object| _pbjsGlobals function| notsyInitUnit boolean| yieldMasterScriptLoaded function| notsyInit function| notsyNewPlacementTagAdded function| notsyDisableUnit function| notsyDisableRefreshOnUnit function| notsyReEnableRefreshOnUnit function| notsyRemoveAllAds function| notsyDisableRefresh object| yieldMaster object| notsyCmd object| notsyAdVideo object| iframe object| _ttprofiles object| banner object| btn object| bannerCookie string| cookie object| cookieList object| termosBusca object| taboolastyle object| place object| taboolamsec object| taboolaitem boolean| shouldRender function| hardnewstesteab number| viewsite undefined| contentId object| regitens boolean| testmobile object| _newsroom function| OneSignal number| t number| reloadevent function| onYouTubeIframeAPIReady function| da_tracking string| event_from string| o object| a object| b function| Navegg object| naveggReady object| nvg89454 object| yieldMasterVideo object| ymDataLayer object| gaplugins object| gaGlobal object| gaData object| TRC function| _typeof object| _tblConsole string| pm_pgtp undefined| msg undefined| google_measure_js_timing function| getDAAUUID object| loggeduser object| google_reactive_ads_global_state number| google_unique_id function| gtag object| _aps boolean| apstagLOADED object| apscustom object| TTTagManager function| TTTagManagerError object| _ttq object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad number| newsroomStartsLoadingTime object| tbNewsroom object| vttjs function| WebVTT function| videojs boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd object| _tb_vpx object| _pm_sud function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id boolean| plHookRanOnce function| removeBlurFromControl object| TRCImpl number| taboola_view_id object| preloadImages function| TBOptimizationTouchAndClickEventTracker object| _pmk function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Lf object| _pm_mcg object| image function| nvgGetSegment function| ltgc object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog function| addLoadButton function| removeLoadButton boolean| signin_force_logoff object| daAccountsClient object| _id_settimeout_setdaa boolean| _find_update_user function| removeBlocks function| showOffers function| showLoginWall function| hideModalLogin function| showModalLogin function| click_login function| click_login_signup function| showOnboard function| showCancelGoogle function| showCancelCallcenter function| resetRecaptcha function| recaptchaCallback function| func_show_login function| resizeArticle function| CrossDomainLocalStorage function| random function| load_page_noticias function| RelatedPages object| cross_local_store function| ajax_noticias_recomendadas function| loadRecomendadas object| relatedPages object| lazytag object| da_swg_sku_default_draw string| da_swg_sku_default number| STATUS_NEWS_ABERTA number| STATUS_NEWS_PAYWALL number| STATUS_NEWS_LOGINWALL number| STATUS_NEWS_ABERTAPREMIUM object| swg_debug_levels object| DA_OFFERS function| mather_push function| formataMoeda object| da_swg function| da_log function| edtTextGoogle function| renderButton function| signin2onFailure function| signin2onSuccess function| callbackGoogle function| checkLoginState object| __G_ID_CLIENT__ object| closure_lm_518539 string| n object| cmds object| _ttconversion object| ttcNamespace number| tnsId object| da_newsletter_register object| target function| md5 string| version function| TTProfilesBase function| ttProfilesBaseE object| _ttsHolder object| pbjsChunk object| mnet string| nam object| placementData function| videojsIma function| videojsContribAds function| VPAIDHTML5Client function| vpaid_video_flash_handler function| InLine__A object| CleverCore boolean| CleverCoreLoaded number| __oneSignalSdkLoadCount function| __jp0 object| closure_lm_968367 string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace object| cmTag function| TTBase function| ttBaseE object| _ttqHolder object| closure_lm_972844 object| _cm_wfCounters string| lastWfUrl object| regeneratorRuntime function| startCMTagMain string| category function| OvaMediaPlayer boolean| google_empty_script_included boolean| 0369c331-cd39-420f-b6a6-5863da7b352b object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| tbopt object| GoogleGcLKhOms object| google_image_requests

63 Cookies

Domain/Path Name / Value
.em.com.br/ Name: ym_long_lasting_session_id
Value: 85267085045
.em.com.br/ Name: _gid
Value: GA1.3.1498474664.1697510836
.em.com.br/ Name: _gat
Value: 1
.em.com.br/ Name: centralizador
Value: GA1.3.1777242772.1697510836
.em.com.br/ Name: centralizador_gid
Value: GA1.3.1776512356.1697510836
.em.com.br/ Name: _gat_datudo
Value: 1
server.smartytech.io/ Name: uid
Value: abca80cd-dba7-4989-a739-c5e0fda3552e
a4p.adpartner.pro/ Name: apuid
Value: b69ec9d5-ed54-4601-8f89-a5d75e0514c2
.onaudience.com/ Name: cookie
Value: ed81efc67a31ccdf
.onaudience.com/ Name: done_redirects147
Value: 1
.navdmp.com/ Name: ac3
Value: 1
.em.com.br/ Name: centralizador_ga_PXLPNKGTKV
Value: GS1.3.1697510836.1.0.1697510836.0.0.0
.em.com.br/ Name: __gads
Value: ID=8345647bbc88ceee:T=1697510836:RT=1697510836:S=ALNI_MZg9_45H2p4--AEMsgCdj3SampDog
.em.com.br/ Name: __gpi
Value: UID=00000c9a44c5e6c0:T=1697510836:RT=1697510836:S=ALNI_MbrwdobqBzsGl-CRnC0g5KCVJD0NQ
.em.com.br/ Name: _ga
Value: GA1.3.1777242772.1697510836
.doubleclick.net/ Name: IDE
Value: AHWqTUluxiTMY5mbbf-wFyZCaZw0WpErKwtqd0JZGCZT5pdKncjCgC3TxNXxvxSpOZM
.navdmp.com/ Name: nid
Value: 137cad8da36efa470fd5b5a6ce10|1|316
.onesignal.com/ Name: __cf_bm
Value: dksy_dZHPuY_eyEkpxO0EGqhnXIKu6qT5UX8_imBTqM-1697510837-0-AQ0TvNbM9NahIjkibtnAdZh6X0nOIFCKb/tmCZtwFAMEZcGDwGsWQrpn3kO0g/v/CTyyVfen+JuW/W0gKOE2mOo=
www.em.com.br/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D9f6f8a74-2acc-4e5b-a5a5-b885ef215931-tuctc277b34
.t.tailtarget.com/ Name: u
Value: fwAAAWUt9bV3AwaaIBhcAgB=
.t.tailtarget.com/ Name: _ssc
Value: y
.em.com.br/ Name: _gat_gtag_UA_17658134_1
Value: 1
.getrockerbox.com/ Name: uuid
Value: rbcr-6505687f-7aea-4660-bf83-cbd7563653bc
.em.com.br/ Name: _ga_KFBFMPM6S4
Value: GS1.1.1697510836.1.0.1697510837.59.0.0
.em.com.br/ Name: nvg89454
Value: 137cad8da3f6c681fdcffd04ba10|0_291
.rubiconproject.com/ Name: khaos
Value: LNTQ4GXM-1G-M68F
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpmihT4y7ZnzSAkF7RiBdb4AgvEG2sPPZosxPxU5qr+6LYJ9kRrdD96bMhg4KpKlQ9C4zdOlB8O68xuhZpbWKLtGF+ra9Y9wTK+xUA9sgf/4eNEKcfJxgEB
.yahoo.com/ Name: A3
Value: d=AQABBLX1LWUCEFS3cD0AmfN0X6zVNhZoYjEFEgEBAQFHL2U3ZeAKyiMA_eMAAA&S=AQAAAvYBAB-kVr1-vYQdhCZLhUY
www.em.com.br/ Name: tt_c_vmt
Value: 1697510838
www.em.com.br/ Name: tt_c_c
Value: direct
www.em.com.br/ Name: tt_c_s
Value: direct
www.em.com.br/ Name: tt_c_m
Value: direct
www.em.com.br/ Name: _ttqprofiles
Value: {"age":"","equipment":"","customaudience":[],"gender":"","microsegments":[],"profiles":["na"],"socialclass":"","subjects":[],"team":""}
.tt-10258-0.seg.t.tailtarget.com/ Name: trk
Value: beCbmBQVhJLTvoCp8JX1CA==
www.em.com.br/ Name: _ttuu.s
Value: 1697510837815
www.em.com.br/ Name: tt.u
Value: 0100007FB5F52D659A060377025C1820
.t.tailtarget.com/ Name: ttbprf
Value: _frankfurt am main_hesse_de_1697510838111_764254285
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
www.em.com.br/ Name: tt.nprf
Value:
.tt-10258-0.seg.t.tailtarget.com/ Name: ttca
Value: _1697510838
.em.com.br/ Name: FCNEC
Value: %5B%5B%22AKsRol9zRfuD1FQ9JWdwqmE3x33cJaDSAA2HXk-HP-NcdQgiGkvNil0Ql_DT572HhlVD_4DnUE1gVQjYHyv9NYLXUI2Pld7tn6S0lFNuGcIUipM1eoq9D7U3fthWXjcO8q-WCV2vMWM-zpLl5W3B_lg3QICKKwiDzg%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22526%22%5D%5D%5D
.adnxs.com/ Name: uuid2
Value: 3089756075787885977
.casalemedia.com/ Name: CMID
Value: ZS31tm43pzZyNak4CypqvAAA
.casalemedia.com/ Name: CMPS
Value: 2141
.casalemedia.com/ Name: CMPRO
Value: 2141
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In7lEAR-!]tbPl1M>e)ZlrFUfJ+tGXxoaOs[?tB)CnzL^3UV[IKs2KxpHX[8/oslO4`T3If)y3KL9D3I?-0Z(/%n
.doubleclick.net/ Name: APC
Value: AfxxVi4-4QpGt0Gnc3vS8k9kzkNUeWw5lhGLhHAUkY1b4Gcf2g-GVw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.t.tailtarget.com/ Name: n
Value: 1697510838
.ctnsnet.com/ Name: gid_CAESEFbutI5eTg16U4OVDpIl8KQ
Value: 1
.ctnsnet.com/ Name: cid_cef25290962049a79092745bfdc5a467
Value: 1
.simpli.fi/ Name: suid
Value: 7AB471D677474D91A1B8DD302AF52362
.csync.loopme.me/ Name: viewer_token
Value: 8555dc9e-9177-4881-8afe-8ec8ca535aac
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2220020CB6-C8C0-4693-1404-33F84A363095%22%7D
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2f608fab-aee4-478a-b510-8e32647c7262-003%22%7D
.w55c.net/ Name: wfivefivec
Value: T2Y2wN8L1QSA745
.w55c.net/ Name: matchgoogle
Value: 5
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E115D2F6-B124-40ED-97BE-A308879126C5
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2f608fab-aee4-478a-b510-8e32647c7262-003%22%7D
.w55c.net/ Name: matchmedianet
Value: 5
.criteo.com/ Name: uid
Value: 9e2088a3-3c2b-4b09-a4b6-5a91e0b45e84

7 Console Messages

Source Level URL
Text
javascript error URL: https://www.em.com.br/
Message:
Access to XMLHttpRequest at 'https://scoring.deep.bi/score/4Dme4NTJxoPw/undefined?id=deepcookie&column=profile' from origin 'https://www.em.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://scoring.deep.bi/score/4Dme4NTJxoPw/undefined?id=deepcookie&column=profile
Message:
Failed to load resource: net::ERR_FAILED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
deprecation warning URL: https://www.em.com.br/
Message:
The keyword 'push-button' specified to an 'appearance' property is not standardized. It will be removed in the future.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1cb0b5c4a090a5ea517be08426a5b503.safeframe.googlesyndication.com
a.teads.tv
a4p.adpartner.pro
aax.amazon-adsystem.com
accounts.google.com
ads.travelaudience.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
appleid.cdn-apple.com
b.t.tailtarget.com
barra.uai.com.br
c.amazon-adsystem.com
c2.taboola.com
call.cleverwebserver.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.membrana.media
cdn.navdmp.com
cdn.onesignal.com
cdn.taboola.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cs.media.net
csp.withgoogle.com
css.em.com.br
csync.loopme.me
d.tailtarget.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
gcm.ctnsnet.com
geo.privacymanager.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hp.taboola.com
i.em.com.br
ib.adnxs.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imgs.em.com.br
imgs2.uai.com.br
imprammp.taboola.com
js.em.com.br
kinesis.us-east-2.amazonaws.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
match.360yield.com
match.adsrvr.org
membrana-cdn.media
metrics.getrockerbox.com
nr-events.taboola.com
onesignal.com
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-us.creativecdn.com
prebid.media.net
region1.analytics.google.com
region1.google-analytics.com
s0.2mdn.net
scoring.deep.bi
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
server.smartytech.io
ssbsync.smartadserver.com
static.adsafeprotected.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.1rx.io
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync2.navdmp.com
t.em.com.br
t.tailtarget.com
tag.navdmp.com
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
tt-10258-0.seg.t.tailtarget.com
ui.cleverwebserver.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.navdmp.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.em.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ym-tack.b-cdn.net
pagead2.googlesyndication.com
scoring.deep.bi
104.18.26.193
108.138.1.25
13.32.119.77
13.32.27.70
13.32.99.122
141.226.228.48
142.250.185.66
146.59.110.145
15.235.15.221
151.101.129.44
172.217.18.2
172.64.143.2
178.250.1.9
179.191.182.65
18.184.107.13
18.66.97.77
184.30.20.207
184.30.208.159
184.30.22.30
185.184.10.30
185.64.190.78
185.86.138.150
185.89.210.90
2.16.97.41
2001:4860:4802:34::36
23.212.88.20
2400:52e0:1e00::1077:1
2400:52e0:1e00::1081:1
2600:1f18:1aca:4281:6be4:3b1b:bbec:9c96
2600:9000:223f:b000:8:48e:53c0:93a1
2602:803:c003:200::21
2606:4700:4400::6812:2a64
2606:4700::6810:5914
2606:4700::6810:bf3
2606:4700::6812:d63b
2606:4700::6812:d73b
2804:564::1156
2a00:1450:4001:800::200d
2a00:1450:4001:802::2002
2a00:1450:4001:806::2001
2a00:1450:4001:808::2006
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2011
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c03::9d
2a02:2638:3::c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3601:bf41:b326:fa86:2937
3.15.36.77
3.33.220.150
3.71.149.231
34.102.185.99
34.120.63.153
34.251.18.137
34.98.64.218
35.186.193.173
35.190.0.66
35.201.123.184
35.204.158.49
35.214.163.124
46.228.174.117
52.18.6.202
52.29.172.170
54.38.197.123
69.173.144.138
91.194.251.83
95.101.148.20
95.101.149.35
99.86.4.128
00dfac7bb52ee81d36cafcc177e09894eaab608232f350b329914fd31e1cbd2b
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01f597672e273ec3ff86e01f7ad707a8144cbb2a0d7685520c31b96b080d4495
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
05a4a88f417264926d8c52323a80416fed1bd8162185a490021b10a5318b4971
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c8432058aae2047bf8e033cf675c25cbc7f476af9d719b0ff19962237b523f
08b06650757c02226215d9b21c075c230babd6b3f1c8dc92b21e4a1e8e3de10c
0a846592fd654f068860c197a04938d75c7c62c5ebd190102315a0a7eb071228
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c40cb69307b8caa0699456190ccf595475b5ddfeb1ad5a6dbb07b4fc72777a5
0cd0adaa00fc412db32968acdd12c3f7c422e32bce7f5ad957796ebe3dfa4ff6
0ce91fbc274a6f54f9ceb36cf29736c4f8de1f6c4a4c654069d2071b90333964
109f4d8aae8194fbb7b7d33ab03ebcb94769b33a182ec064860d8cb3b42a7d2b
113e18899725e452cafbfb351094d8adcc8e34371e31242cc24c4c9debcd280f
120aeb2ec2ee3aa2ab7d67421fe0ae1adafa6bfd3e65735731ad487244634889
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e5c96d95cc1c88a0c18625024b221fa7f7ad7e4069740f3217b87a79a44b31
13159416dff9a33340d439f52c9a93539172c1789b319d382a107e4b3165fe7b
16dd31604a1f3ec4989bce7d97172015004d480cd1d5063e12756269b250f542
1787a0a97913b2d5037f610846e7b9ed74e4083bed6044337d3cc53064d92250
178ed49959865160110187a44f8ab43d0da3364919448af72d3ebc49069cf2c7
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1c766776201784cef67fcafe3e26e9da206b585a22ed56b7638dd5d9628cce62
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1e0380df4c498644bb12391c4d0e5c39a625113e0906a8463ae473dfa6533720
1fa16bb9807eae27de2c2a3e0509a5e0c0402ab240442a0c991be7940ebe153c
2060077bd731e5532e89b2a0a84af61e9f8759dc3177f7bec0f0254ef2dbf954
22eca0cc1bdd217d980781b7671fec7e5700549e9bb29db6f90d807d6f19dbd0
2393d6a360e0ddf705ec8090d60b5929afa99a6c06f1a2fef57583361db78370
23949561cce2afe06e83a9d06ff088ed38d7c8b617da4eef58905aa404821ad6
23f6d606f7a2add6086c28809fbdfea4a809f8e97faf665e9c60ea36a326d9c4
252eeab6a30553ca0565cdd60fcdbdcebea3166a145332d957459c50a2135c92
25f547a38688056db912c3f924931e3409902038641582cbc480f2b2747e153f
268d0c1e0ebc9b7d781aef9bef57cff837a5fbe6e9ced919a09647ad954f64c7
26afbfcfb329174e16387f86ac5e76daa6521614b6398566921a114ebe827bb5
26f60ab744478aa33b3ad4d5ffa86a1904c470e6f1e8bb1c20c72bbd56a3277f
28552a66ebfe4006b19e8a5507e5df7d2eb285e03207faabc23018f2fdc03cb0
28a2f6020d1d76483917316cdc84b58820ec162820154cc69f0d3f265e1f6dc6
29f7a871c05a6b6d546fa2cfce468667f531464703b48d24ec3393e0065a358b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
324697c5314f04ed57f3dee2483d7c1d533f9172d6d4daa4d4e9cb972b0d76e9
326bacb105aee0c9ccd1dda381b8b17d913a5cea963d9e0ca0c7ab7508215327
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
340be64063a5276b17425081a08d0b12d2a641eb9664a18e90ea22142f3c9e15
35a20edfdcae6a127c0e0b07a8c3b673dc5f82c43f6cc5ccd059cba7a2ade866
396d5e04d7c9aed2c14c765598fe70187d6afac900100d1745ab5538c8cac302
39d36bef541e34337aedc2e6c29b1d472e5e71f1d6161c91c1132deb6bd4373d
3ccce79c0ae266a449dba57b9511b50ba05f755f67c5ca37d68a9347a607b5ac
3cf0c440ae6b60eb827eccd6ce0630ea0f94119b8a69d72a9d308455712a8e0d
3d2bff46ab06cd3e8475e91632039a3cfee6341e6fb15ecf74a03e4dc5891c30
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ca9e2798822705451a9013820301ddd92b4d95a470bc9350202a6694170e88
4137b97b53a87bcfc380de7c80bea4154c5c4e12573766c3457c36ffbd0a3a95
41d485e880c87aa321e754cd8b8bb3034ce2616380d3a744cbdd09bde179e51e
4340941fd202b54ff186b18ff559cea624ee1ad4143d4f0e7eafe7ab48ce9b6b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479a52faa72664b9318911a1f3cd1a082dd169090b9bf688fbf54981a7544f3d
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4a28270b702609a6e6a164622f60ddbfbe7917aa2e1cc85338beb3c7ef16ab85
4afeedbdc9168df2d15ff31a32d5c0f8353c9aea66132bf3bb0ddc07be5d75be
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf753c1ce23c690959ba1b59e6527be184cd38e332499514daea51b4292d0d1
4d1d1904de2920dd0fb4ad36f812031ae06f441e41554ce7ec0a0d6f31970570
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebc72f5fe8f72db00d2b78f702641e48d8a118b56f7b223098b245590b24831
4f4cc22ed3594ca3d077070eef064f96204cf08f77f017d4853e2621e4608095
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53be0578f87f1f73d305110acb20730521d0056775c76d688a5008c7781c7180
5479d10ccbc5deb04f6226416b203327fb4824f682413d0b3f5c4869efa0d1ee
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
5592ad11c9602028561e12b5d951d8928b9ef7676e9a3b5e91b1a05e28d47678
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7
58fecb59b01d611081f5666ca6e177407742eb8a78b462b7dcf73aafff4157b1
5d0fab8a73562905681c62a54ba5ce0d7274e9c0a4e58511c692d56867f535a4
5de65b4e755d35f6c2eb01d43394e50f63e26df83d56aeb8371a244f9d6eac25
5eb361dd7908941a76dcdf6ef1dc43182f0b1c87d467fd9d96a90c34a21bfb4d
5ec7710a650b621ea7fd763b57a58628b3aa3143f650aa845c0c9f745a364b9d
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
61a77793431518ad283c7983b2d2e33a393eb01e424ebff0c4a6c76db485ec06
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63c7964f325185a3d4c7a587939bf3d477390f571e690b219491357e60881860
6428755e51fb95aa79727d4a28381aeaa3059a3c1e4664a1f95780879f8cd3aa
645ffa5e4bd7d2398eb0639ad31670b6d7fb6c873fa2377d544f69388e932b16
6472f28dd6a7073d26ea89cbcff38f4485542fcd2dde5d6893c59e1d59d42623
6826b03d4a6b6301ca8fd3e6b2c44468ac72e974b2d0fa17c0c4837eda0c4af4
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
6a04727f4e047e4962acaa1375186ef1beb12fcadfcd5bf3cb21ed7c4ff0d395
6a08f389a684771d68c23f4989202bb397839bcc63cd2a7c6414c70cd64a5862
6a168c5162134320b24bd4d33dcc17aca8607090021f791cffc523d6463e19fe
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c60c296b3472130b7ace33547b38bc4f2107658891ad3fa6d39b181eab916cc
6cb7b3873e0f97bade0487ed1dd5ceb8cc8860150bde1126d1a118e540956c68
6ddd5655353aab744687e0286d885f5c8fcc39d5f23d94cd4e8b96d83e7475e0
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
71099956323e49621c8b458d99ad1cb0db420a0174fc7ec444e9a3ba36328105
71d9ef8e89299ef0b9793ed382274693fef76f237e52e4a033369224cbd038cb
729ef5dba5dd3dfa5fb679668748d75561ac5f610d818a6ba8f057e8040112b7
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7757c61eb8c882f4c34546f35b72fa8324dfe97f99440b3645c40fb09cd5c0ec
7df78d7c6fdec9aedc4040d17dbb0c735ed773a5e59a2640a856a30bf485e167
7e4b3859f4b1e1df73714ad0aae60606661f29efef79fa128f54221b4fd313ae
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7f30b4cd11609a724ffb73703116a00c98451d3977573ccbfcfa48373032137a
7f68a83582fce1898760685332cf9508e124d33cdb8312424e59498a336252be
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
809345d38430343f7bcd28cdf7640d93629826983e80aa9a3ea62d35a4ae8868
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
84180f8ddb3d32d0c68d49022edfdc7cc0b571284aba0c91396a6a214a48eada
8618f48fb8801372552e5d414b3439ae43385263f21613f10e44e8ee06530bff
8646d5625f00d6dbb7d2422c2a5c3835851f939815520e9a0080f4f4f999c79c
878d2bf7031e65587a91d2a57c71cf335bf4aeddf5386729646aad8e8dabd443
87d17501413adb87a6ff46f0511a01dddd887a64af6c36c5f37aa22bc66f8949
898808670bd1c749e2a3a2476515cd8bf2f449c24c9697d5ec566150dfee7a7f
89c117d6a7db19de5e56ff06a3385f5456aeabe82c3fe9855f4ac0da8eeecae4
8aed688bb15f9f1ea8c882ce25db500e8701dd8d8fda3e1a002d6c343a062a60
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc0df3dba239ddedac87859f71294ed080e4785e88d44566978c87f247dd456
8f87c4a63a5f47346818f042d439549b0f246cc12355e94b63e190a147c5df2e
8fbac4b4c2036b6065e627a957f555753b678aa4b8c8520206ab6046b5634fe2
900bbacfa7655c37289755605668eee5d73ee47255f83a6bf050e786701ffd47
926cfdbcb7e64be5b911524c61c376f4d33faa2535486a2cebadb34153ed7529
9367a1fb1273bafa7d3276faa7696fee47612ed92efa9ca48f853c99dc5b8170
93d1c327fd0e3de1ccad79cff535c836a4dcb311fc78a8054b0a6b71782101bd
95a6fde244ecba5dfd1e61116e5b1a349dea72bc82b386c8f5abff33cefc0c80
98268f12064e8baaf478ad78e4ed66ba07bbbc117079da83542fa9e9c57e5dcc
9a7eeeb8d2863980375bd8e690639e5d3826305376ac7aa3988c65778b860852
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae321aa9ba8987700b3060f1d6adca1673bf866bd1c39e8d9170410e26d8fcf
9ed82f204e7bbda9a5825681c3b4c6a9a3d88f1147fb9c2a84b63d84d92468c5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0516d91dead3fa38bef64683d087460753209e723db56ce3ee1fcb1dbd84162
a1f5c45d95ea2923d133e01d151b8e5c72a1adce6f90185ea9646ea55629a5ae
a3870300976bb5293747bb209486f1503524a050e2b5abddc5965bf9e5e73096
a6c7b3f12d189ff1bd6aeb59bde7ab8b6008b509d7d5b57fbb755ebd0d21d13c
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a8df8a11a11d2b912693ebb1ac05752f679da966c57bcdab0d21c41c5e6c3a77
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acdd42702882bab24475437ae8b810331d75eac394f54086b3e8f38b99c7b612
ae80d4fd6f7e82f7e7b4124824fbbdd454da7ba9027f0bd6763d5a362f5fa315
aec78d33c73fc2163c568e4aab33718df9507802851f0fab591c42498d8f18ef
aed6009e81d057dc1e84ab48c988a87a68a5104420c1fbdde0ce715fb4394a34
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afdc0c9d333535763aa9bd3dfd8774ce5e91e25d7f88f94ed04dbcf15a37422a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1591818754cf35d267bcce9715f3601472053e12fe59242658ccf7144daf653
b46cca6f049ea9bfd7c451bc045d751d7bfd503b0a8350b9415a64b507892347
b50028fc69adb1ad4565caec02ceebb0f4ce91ba0dffdf76a02baea233272dca
b5ace0a97428f7f6ec88f95e06cb7e28702ba3fd69dead3d0bcd4afa45e34a10
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b6589859aedc1c678b8343b532b70fcbfb2668266ff5e4561082b42ebe66b6f0
b9fc5de5a78d05ae86812f52218aaa0987c090f0735b97e02215e83702f644ec
bbc0a19af52226a93e42bc25c8896146174763c549ed22e6708b8db85db5641d
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bdc5cbd60461541d7667e69aa809aa2f76af9e7561a778e64411a716fbcaa290
bf8fb7e6d0abdb71657009b3906844a12e5f18956fbcc95611669ea2f3976bdd
bfcbca5f0ec7aff19873aaa7549b1d707e99341dc955d0a470d2204eb695151d
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c3ecf31e703f59a268f18b82ef3d290ae24f91bda18a770a42798ad1ea0fa0a5
c4de80c45b6b934c4650c31aaf0f0e997b8935131ef9dcea1e23482763518245
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc36307e3c9e491c3458f01e5bab786b0effcee459ddb16cf6db67f5c10678eb
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ceb3fcfb05bf6750089e2798256ea794f6e4552931fbb45ddbb6242c6d7cb4ab
cf3b6fe29869190115eb9993292db2febc2e35b4612c2a89d6457d94da0c875b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcbccb8bb1c0b24d9f336c71f040994b76415cf0ea642e0d6d2f02454f98713
d04ac5f8dfdc6455347557a6615fef41a91dcb8c4ae21b1afc7be85f62789431
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0db9ab0a083dcfb758b2f36d573746c04e9e8ea2cc39c712fd61f9344d26bae
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f2bdb7aaaca97e018292e3c67299f7815529aecd59705531eb5eac14b434f1
d0ffa897d2103cdd6bb8d6b7842e909fdd93743f553abfc5d20cfdab2b460c51
d13713611d187b0c8fbbbe46da63f436358a00a40468d3a7ccacdc0f73d2eec4
d1d70f5776dea93de8e622e3a204129a13fdec929aa98138ecb433309e51e490
d1fafa7ada71f5fe504ec87f51b287132b0f18c9c4f57f42a628b0023cbf3e3e
d21ceb851783799cb96a8875271866118c846e43e44567a2aee4d8a8b3a5ae68
d224eed3233785fe2df2a510fd3877d41d1adc336430a5d6174a5722cfb12a57
d2933ca909c8b9940b20c8cafac431b870fb8f0d99bc41c1217697592a33267b
d32342255534e73ecd0558c7d570c60397e9aac750a38e4cd4a873e595cf741d
d41cbf13ec8359411ecd98eb4b6af27deb4d871837060fd07e4cf5b61bee4b51
d5997be5f9dad446b9a179525d41d81039f9655671cb83e5be5c4a0bb3003ca1
d6b8e0e0d438ecc28c4bb0bb3dbdf9b9762252c85d774843758f9d83e0244ec3
d8a018693423ca72694ce1cb9a9d702a9b89abc651c74f41f6ab6128b3c2ad7e
d8dd84ec966d693e0055516678e44793b04016733ca25b13c29c2e5396a30049
da024352d54d92378d67e68750ea958461df48224df43736a9aabd05633f9662
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc34e9a8abc476164f8ebadb90113558a8fb558967f13ec53007a8bd8eeda6e4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de88c653b12c1c514f655430617e2c40277072baee3417cb4035978cb31d61d9
ded2dce87b907fe2db47172da484a06af7f27ea71c969bdc67711fc67b4aaa66
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
e0664b32f1605ba64e579f0bd782bb6c368a71b4a73ecbd52ef3591bf4a289b0
e0d64af662ca60854423b7df8cc164bcc6bc5c8b996ad1b7c5b227f6ae13b7f0
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e34104800b8b7644a2d64c2816157a532e0be6adf06925aa572afdeab8992fe2
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e5d2bf92185604ad94ff4b52335ed857a5cfc04ed3c5138724bfdc4aa034e9d4
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e6d15c61aaa4d0fc54cc2858a895a1635095cff78abb121846caeed263285987
e9778e94d326ed6da8b069c5870e679fd878464e3060a70ab70207d84471ca92
e9b4373386fd14bd6250dd6b449b4c2763c624528f239db7ed97882056903b9c
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
ea8fedafe86d58925d4bfb5367ed16a36fbb5afba8d7d02eda4a4257c32fd797
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec2b997f9a42928846dda27375896a0e2c3fb57724a22cf9f281826e7e29c0f9
ed5477876189fda9b1f13c73e89a5cf0b9625ec107716c6d7e1f45859c930b02
ede36d17b709069f2cbfe3361c0bb7ba437cce086af3192d6be5dff8c69b8472
ee85c6391403588f6268263dc151d4d74e644fe1f0ca4000b6808dbb0771516b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efae3c94e492c39a78a73b59844ed4383921d82817b7c26852deff525b1b8104
f09169849dc0f6f8d9e5e57c6ec2e2f018e6609b4c0e3914588740d68c467c8c
f1bfdd34d2dc34f90dd0b59b84a4bc51dfa49a2b891e6861a0ec85125ab1a656
f2d63a2bfbc97d6992d6a18f67e52c524ed1b12c7c118575bec3d41e38b76ebe
f3745270593305e1cef4c840a55535974b65818555ed98b92ef40adf2d2d4143
f3cd57fc6c88d3c373a0534272ee6620838f5571a36fdbf9062f2d18f8256589
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f568225a5bfc4080a440f18335b11ec38eaa2f95dc0c0fff91847af36f7b89c0
f5ef3fa9eb3f2d96ff416a86c84fdb921ec107dd1596686a9f0cc1baa4832bd6
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f68bd54140ad3833b54c6e6235dc6fde4d683cfaa1abe8a477db4aa84d0a8935
fadd66c89e4c900dfa0de004bea38a3314c1464700f66900973d42f452bc7533
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fce6a4ad3e471932ff88b4829d27405cfc8a319fc06f87ff7c036e9da7d5a201
fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c
ff543925050f2529339de24db397e0e6f94855bde61b8f7b657e5f6023c3983b